Cloud computing is an IT operating model that enables a user or business to run workloads, store data or access applications virtually. It is fast becoming the default way to run IT systems.
What are the main ways that cloud computing is consumed?
There are several types of cloud computing but the three most popular are:
- Infrastructure-as-a-service: A way of consuming virtualised hardware such as servers, storage and networking via the internet and on a utility basis. It is sold as public cloud, private cloud or hybrid cloud.
- Platform-as-a-service: A complete platform or environment upon which developers can build and host their applications.
- Software-as-a-service: A way of consuming software applications via the internet.
What is public cloud?
Public cloud is a type of infrastructure-as-a-service where servers and storage are hosted and pooled together by a third-party service provider. Customers can use as much or as little of the pooled capacity as they want.
What is private cloud?
Private cloud is a type of infrastructure-as-a-service where servers and storage are hosted by your own IT department – either in-house or in an outsourced data centre – but presented as a cloud-like service for exclusive use by your own business.
What is hybrid cloud?
Hybrid cloud is an environment that mixes public and private cloud, essentially getting the best from both worlds.
A business may run most of its mission-critical or sensitive workloads in a private cloud, but use public cloud for selected applications, such as to host their website or as extra computing capacity in times of peak demand.
What are the advantages of cloud computing compared to traditional IT?
Cloud computing offers a number of advantages compared to traditional IT environments where a business buys and runs its own IT servers, storage and networking equipment.
First, cloud computing is scalable. Businesses can access compute capacity as their needs dictate, meaning they do not need to pay for considerable computing power upfront that may sit idle while demand for it catches up.
Second, it is easier to manage. Businesses do not need to employ people to provision, administer, and maintain their compute infrastructure. Spinning up new server or storage capacity in the cloud is managed from a self-service portal.
Third, there is no single point of failure. If something breaks in the cloud, it automatically fails over somewhere else, so users don’t notice. This kind of redundancy is expensive if you own and run all your own equipment.
What does “on-demand” mean for cloud services?
On-demand means being able to call upon cloud resources as and when you need them. This type of flexibility and scalability is core to the value proposition presented by cloud computing.
How is cloud computing charged?
Infrastructure-as-a-service and platform-as-a-service is typically charged per hour or month, or per unit of use.
Server capacity in the public cloud is charged per hour while storage capacity is charged per Gigabyte that is used. Some cloud service providers charge on a monthly basis. There may also be charges depending on how much data you want to transfer into the cloud or between clouds.
Software-as-a-service typically has a set cost per seat per month, similar to the way software has been traditionally licensed.
Private cloud costs are much higher as you need to buy, host and run your own equipment. It is just configured and presented to the business in a cloud-like fashion.
Is cloud computing secure?
Security affects all computing systems, and cloud is no different.
One of the main concerns with cloud is that the user is giving up some control over their environment. It is important that security controls and policies apply equally to data on internal IT systems or the cloud.
Contractual service level agreements (SLAs) may be used to specify requirements for the cloud service provider to protect the data it hosts.
A number of security standards specifically for cloud computing have emerged in recent years which may also provide assurance. They include ISO/IEC 27017:2015, US National Institute of Standards and Technology (NIST) reference architectures, and the Cloud Security Alliance’s Security Trust and Assurance Registry (STAR) program.
In addition, the Australian Signals Directorate published a set of guidelines aimed at helping cloud users address security concerns.
How do I prepare my business to move into the cloud?
The first step is to decide what you want to push to the cloud versus what you want to keep in-house. Once decisions have been made, you will have several options to move: you may be able to simply lift-and-shift in, or you may have to refactor an application or repackage it into containers or other block-like structures to make it cloud-ready. You will also need to create internal policies around cloud usage, governance and security, and select a system to implement those policies and manage your environment.
Can I use more than one cloud?
Yes. Different cloud services have different characteristics that may make them more suitable to run one workload over another. It is generally possible to test the characteristics of a particular service before committing production workloads to it.
Running in multiple clouds simultaneously can create complexity challenges. A number of software platforms are emerging that allow users to manage multiple clouds from a single screen.
Can I move workloads between clouds?
Yes, but it will depend how the workload or application is structured and you will also require some sort of management software.
If you started your cloud journey by moving existing workloads from your own data centre into the cloud, you may already have the building blocks in place for portability. Organisations preparing for cloud may choose to lift-and-shift, refactor or completely repackage applications and workloads for the cloud.
An increasingly common structure used by cloud-first organisations is to break workloads into “blocks” that can be easily shifted around. These “blocks” may be virtual machine instances, containers or microservices.
You will also need some kind of management software that allows you to import or export between different clouds.
What is a cloud broker, and do I need to use one?
A cloud broker is an intermediary that can be used to take some of the complexity out of managing multi-cloud environments. They can provide advice on the best cloud services to use and help to manage the logistics of consuming them, such as payment and interoperability.
It is not necessary to use a cloud broker. The alternative is to buy cloud services yourselves and manage them via cloud management software. But it may be valuable for organisations without the resources and knowledge in-house to do everything themselves.
Can any application run in the cloud?
In theory, yes. In practice, it will depend how the application is coded and licensed. For example, while it may be feasible to license software to run in the cloud, it may not be economically viable. Costs vary between vendors, and an evaluation of costs may form part of the due diligence in deciding whether or not an application or workload should live in the cloud or not.
Organisations may also find themselves in a constrained regulatory environment with requirements on where they can host personally-identifiable data. It will be up to these organisations to evaluate whether the proposed use of cloud keeps them in compliance.
What does it mean to be ‘cloud-first’?
Cloud-first is an IT strategy that puts priority on finding cloud-based ways to solve business problems. It originated out of government as a way to encourage adoption of cloud computing services. However, it is now found in many enterprise environments as a way to encourage the use of cloud architecture while discouraging the use of more traditional means of deploying applications and workloads.
How do I avoid getting locked in to a cloud service?
Ask prospective cloud service providers upfront how they store your data and whether they offer a way to extract it in a usable format in case you decide in future to migrate to a different service.
What happens if the cloud fails?
You will need to consider this scenario in any evaluation of cloud computing, and if you decide to proceed to factor it into your existing disaster recovery and business continuity strategy. Almost all cloud providers will offer some level of uptime guarantee as part of their service level agreement (SLA). Depending on your contract, you may be entitled to service credits in the event of an extended outage. However, you will want to make sure you have options available to keep business systems online should the cloud service fall over, such as consuming cloud services that are geographically-dispersed i.e. spread across multiple availability zones.
Why should I care about data sovereignty and where cloud services are hosted?
Data sovereignty is a challenge for cloud service providers and their users. Put simply, it means that data is subject to the laws of the country in which it is stored. This has been alleviated somewhat by large cloud service providers setting up local servers in many countries, allowing customers to keep data from being stored offshore. Court cases continue to test what reach countries have over cloud-based data stored in other jurisdictions.