Love it or hate it, the cloud is here to stay. Regardless of if it’s for individual use, a Fortune 500 company, or a government entity, everyone uses the cloud in one way or another at this point. In this series, we will explore the journey organizations will work through as they consider migrating to the cloud, diving into not only the benefits, but also the difficulties that need to be addressed as part of the migration to the cloud.
Above all else, this series will keep you from being this guy…
The use of public Cloud infrastructure has skyrocketed in the past couple of years with the market leaders being Amazon Web Services, Microsoft Azure, and Google Cloud. As we can see in the market breakdown below, provided by Statistica, AWS has the largest share of the Public Cloud Market at 33% as of Q2 of this year.
Traditional On-Prem Data Centers VS Cloud
While organizations are used to working within traditional on-prem, physical data centers we want to first understand some of the key differences as to why many have looked to migrate to the cloud versus continuing to grow their on-prem solutions. While there are always hesitations to making such a drastic change to your business, many find Cloud Computing worth the trial and tribulations. We’ll hear later in this series from Cloud Security Engineer, Rick Whittington as he recounts his transition from an on-prem environment to the cloud.
Types of Cloud Computing Services
When it comes to cloud computing services, users have several factors and options to weigh when it comes to selecting the right service for their business needs. Let’s take a look at the different types of cloud computing services from most configurable to least.
Infrastructure as a Service (IaaS)
The first service, which yields the most flexibility and adaptability for an enterprise solution is Infrastructure as a Service (IaaS). IaaS is regarded as the most comprehensive of the different cloud computing services since it essentially provides a virtualized infrastructure for an organization to build on. With IaaS deployments, businesses manage it all, from software and OS’s that are installed, down to specific needs for their organization without interference from the cloud provider. Examples of IaaS would be Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Compute Engine.
Platform as a Service (PaaS)
The Platform as a Service (PaaS) is similar to IaaS in that it allows for some adaptability, in regards to building out tools needed for the needs of the business, however it comes pre-configured typically with an OS installed and the basic framework for operating in the cloud. PaaS is great for decentralized teams who may all need to access the same tools for application development since it’s cloud / browser based. Examples of PaaS would include Microsoft Azure and Google App Engine.
Software as a Service (SaaS)
Lastly, we have Software as a Service (SaaS) which provides a developed software solution to meet a particular need for the user via a subscription service. SaaS solutions include all the necessary infrastructure, operating systems, and data without the need of the customer having to configure each before utilizing the software. SaaS solutions are quick to stand up, letting organizations scale very quickly based on their needs. Examples of SaaS based solutions would be Microsoft Office 365, Slack, Google Apps, and Dropbox.
Let’s now look at some of the core concepts underlying cloud architecture. Choosing the right cloud option is ultimately dependent on your need for each of these so understanding them and how they affect your decision is important.
Organizations always have to plan accordingly to scale their operations. With traditional, on-prem data centers this can be a timely and expensive endeavor. If an organization wants to grow into a new market, the process of locating and acquiring a suitable physical location for the data center, ordering of all the hardware, delivery, initial set-up, and hiring / training of personnel to staff the new facility can take many months to execute on.
While this has been the standard for business operations in the past, the use of public cloud infrastructure makes scalability for organizations much more fluid, which also allows for not only cost savings with the initial time savings of growing the business, it also keeps organizations nimble when it comes to managing the needs of the business. Instead of attending countless meetings where the team discusses the logistics of scaling an on-prem datacenter to a new location, using a cloud infrastructure the operations team can grow with the business with a few clicks of the mouse.
Another core concept of cloud computing is Elasticity. The notion of cloud elasticity can easily be related to the elastic nature of a rubber band, in that the band shrinks and expands based on the current needs, just like the needs of an organization as well; the resources being used within cloud environments can shrink or grow depending on the current business requirements.
Let’s face it, most people hate change. Especially big changes that disrupt current workflows. Common idioms such as, the old way is reliable, and I know how to fix it when it breaks, or better the devil you know than you than the devil you don’t seem to be popular when it comes to individuals or corporations looking to implement new technology.
Many organizations have business continuity plans as part of the NIST Cyber Security Framework (more information here), Information Protection Processes and Procedures (PR.IP) for if /when a data center or other information security technology goes down. For cross referencing, the PR.IP for business continuity plans is PR.IP-9.
Migrating operations to a cloud environment provides organizations maximum reliability due to redundancies and separate regions for fail-overs. This takes the burden off managing on-prem data centers that may have a short power outage or worse yet, a natural disaster that devastates the region. For some, a data center that goes offline for an extended period can have negative repercussions on that business for many months into the future.
Being agile is important for any business, regardless of the industry you’re in. When it comes to On-Prem solutions versus Cloud and being agile, Cloud has many advantages for users.
The first advantage Cloud computing has when it comes to being agile is it reduces the time required to maintain the infrastructure your company depends on to run smoothly. Maintenance of the Cloud infrastructure is serviced by the vendors (AWS & Azure), versus your organization. Instead of working on upkeep of the infrastructure, focus can instead be on how to add value to the organization.
Another advantage to utilizing the Cloud is around trying new things as a company. With On-Prem solutions, many months of planning has to be coordinated with various stakeholders of the organization before anything came to market, however with Cloud, a business can deploy a new solution much faster than they ever could before, giving more opportunities to try innovative ideas. To go alongside the notion of new solutions, organizations utilizing the cloud can often implement newer technology must faster and cheaper than if they were working towards a similar integration with their On-Prem solution.
In this series, we’ll explore many aspects of getting started in the cloud, as well as the security of your cloud environment, and lastly how to investigate the cloud when the need arises. We’ll hear later in this series from Cloud Security Engineer, Rick Whittington as he recounts his transition from an on-prem environment to the cloud., and will shed light on some of the common misconceptions of utilizing cloud infrastructure and how best to secure it.
If your organization has already migrated to AWS or AZURE and you find yourself needing to investigate these platforms make sure to check out AXIOM Cyber, which allows for analysis of S3, EC2, and Azure virtual machines.