Journey to the Cloud - Getting Things Straight

• Virtualization must be employed to separate the physical hardware from whichever software service layer is being consumed.

Without these five important characteristics and the two additional criteria, it would be all too easy for any service tobelabeled or rebrandedascloud, without providing any real cloud benefits.

Now we must tackle the buzz-words, we can start with service models. Some more traditional services have always had service models ranging from Do it Yourself (DIY) to Do it for Me (DIFM), and cloud is no exception:

• Do it Yourself (DIY): very simply, handle everything ourselves – yes, it can be done!

• Infrastructure as a Service (IaaS): Server, Network, Storage, and Operating System (OS)may be handled for us, eg Virtual Firewall or Virtual Private Server

• Platform as a Service (PaaS): IaaSis handled for us, plus middleware and runtime may be handled for us, eg Database Server, Application Server, or Web Server

• Software as a Service (SaaS): IaaS and PaaS is handled for us, we just configure and run the applications provided, eg Web-based Application or Mobile Application.

And now perhaps the most difficult definitions, the Deployment Models, where most confusion occurs:

• Private Cloud deployment is the most controversial to define because a more traditional definition is that it cannot be public facing and must be single-tenant. A less traditional definition is that it has isolated and/or dedicated resources, giving more control over a wide range of settings or layers, especially those related to security. It is considered the most secure but can also be public facing, on or off premise, self-hosted or handled by a 3rd party.

• Public Cloud deployment is generally multi-tenant and accessed over the internet but depending on the architecture, is not necessarily any less secure than Private Cloud.

• Community Cloud deployment can be either Private Cloud or Public Cloud but is shared for a common purpose.

• Hybrid Cloud deployment is any combination of the above.

We now have come clearer definitions but our selection process will not always be easy, there will be other differences in technical sophistication and service level agreements that need considering. We may also need to challenge traditional thinking, e.g.high-quality Public Cloud solutions will have strong architecture, continuous feature improvements and significant resources in both security and support—these solutions can be as secure, if not more secure, than Private Cloud or DIY.

By now, we should be getting things straight and be better placed for selecting services that are the best fit for our requirements. Selecting solutions where more of the technical work is done for us might sound perfect but don’t be surprised if these bring higher costs. Having said that, we may require more control or customization of our solution(s), require lower costs, and be willing to handle more work ourselves. In terms of security, hopefully, we are also realizing that, if we get things straight, the journey to the cloud does not have to be a leap of faith.