Information Technology Reference
In-Depth Information
capacity to be able to cope with any increase in demand from the customers. Most providers
would need to add hundreds or even thousands of new servers daily to keep up and provision
for future demand or replace older and failing servers.
When you offer the power of scalable resources to your customers, there is no real way
of knowing how much a single user will be using. To safeguard against overprovisioning,
many cloud service providers impose a limit on the number of virtual servers or resources
that a single account can provision or use tiered accounts, with higher tiers being able to
provision more but probably with added costs.
Security
One of the biggest hurdles to implementing cloud computing is the fear that it may be less
secure than on-premises solutions, and some organizations are willing to spend just to achieve
a better level of security. Cloud computing advocates would argue that this is not true, that
security measures in terms of software and hardware are the same for both on-premises and
cloud data centers. Yes, that would be true, but we should take in to consideration the dif-
ference in the nature of both solutions. On-premises or traditional data centers are designed
and built to serve the organization and its stakeholders, while a cloud data center is designed
to cater to a more or less worldwide customer base, meaning that its visibility is much wider
compared to that of on-premises data centers. That fact alone means that cloud data centers
are advertised more compared to their counterparts, and that means that more attackers are
aware of them.
Some security experts would argue that invisibility or anonymity is not a security
measure, but logically it is. No one can steal something if they don't know it exists, or at
least there will be fewer attempts when only a few know about it. This apparent sense of
invisibility of on-premises data centers stands as one the security advantages that wary
organizations depend on.
Nondisclosure of sensitive items, though highlighted as a form of security
for the most part, is not advisable as the only form of security measures.
Hidden items are often the first things that attackers will look for.
Another security issue that people have with cloud computing in general is its public
and third-party nature. The fact that people other than their own highly trusted personnel
are handling their sensitive data is enough to make some CIOs cringe. There is really no
assurance that people from third-party service providers can be trusted, and service-level
agreements (SLAs) don't always mention anything about prosecution of personnel who mis-
handle sensitive data. The only option is for organizations to opt for a hybrid system where
they keep their most sensitive data in their own on-premises data centers and relegate other
data and services to third-party cloud service providers. This looks to be the best option
for organizations with sensitive information on hand. They can keep a wary eye on critical
data by using smaller on-premises data centers while offloading all other data and applica-
tions to the public cloud. They save money because they need to maintain only a small data
center, so they still enjoy the cost effectiveness of cloud services. That is assuming that not
all of their business revolves around sensitive data and applications.
Search WWH ::
Custom Search