Case Study 2: Cloud ComputingJamia Yant
Cloud Computing
By Jamia Yant
May 24th, 2012
How Ericsson Benefitted from Amazon Web Services (AWS)
Ericsson was able to instantly take advantage of Amazon’s resources. Amazon’s AWS is able to build and manage a global infrastructure to the scale Ericsson needed to support their business. This infrastructure already being in place provides a cost savings benefit. They had the ability to deploy new applications and automated software updates instantly because they were able to scale up and down as demand changed or the business required it. They could access their cloud from anywhere thanks to the freedom of remote access. The web services provided Ericsson with a highly reliable, scalable, low-cost infrastructure platform with data center locations in the U.S., Europe, Singapore, and Japan. The company chose Amazon Web Services (AWS) because they felt AWS was the most integrated public cloud provider in the Rightscale Cloud Management Platform (Rightscale). “The Ericsson team states that having hosting centers in various regions was important for them. AWS also showed a better quality of service with solid management and a proven track record.” (Amazon Web Services, 2012)
Evaluate the scalability, dependability, manageability, and adaptability of Amazon EC2, Amazon S3, and Rightscale
Amazon EC2
Amazon Elastic Compute Cloud (Amazon EC2) provides a complete environment, a processor, memory, and preconfigured software. It offers scalability within minutes on a pay-as-you-go basis. It also reduces the time required to obtain and boot new server instances to minutes, allowing you to quickly scale capacity, both up and down, as your computing requirements change. Amazon EC2 changes the economics of computing by allowing you to pay only for capacity that you actually use. Amazon EC2 provides developers the tools to build failure resilient applications and isolate themselves from common failure scenarios. (Amazon Web Services, 2012)
Amazon S3
Amazon S3 is simply storage for the Internet. It is designed to make Web-scale computing easier for developers. It provides a simple Web services interface that can be used to store and retrieve any amount of data, at any time, from anywhere on the Internet. It gives any developer access to the same highly scalable, reliable, fast, inexpensive data storage infrastructure that Amazon uses to run its own global network of Web sites. The service aims to maximize benefits of scale and to pass those benefits on to developers. Amazon S3 is built to be flexible so that protocol or functional layers can easily be added. Reliability is backed with the Amazon S3 Service Level Agreement. As with most cloud services, you pay for what you use. (Amazon Web Services, 2012)
Rightscale
Rightscale acts as the bridge between your applications and your cloud infrastructure. Rightscalecloud management enables organizations to easily deploy and manage business-critical applications across public, private, and hybrid clouds. Right Scale provides efficient configuration, monitoring, automation, and governance of cloud computing infrastructure and applications. (Crunch Base, 2012) One of its features enables the user to monitor, scale, and manage entire server deployments efficiently and reliably. (Rightscale Cloud Management, 2012) Right Scale offers automation during the entire deployment lifecycle. There is also complete visibility into each level of the deployment. Managing, monitoring, testing, troubleshooting and re-launching applications all offer complete control. It offers the freedom and flexibility to keep a business from getting locked into a single provider because it is portable. (Amazon Web Services, 2012)
Security Concerns for Cloud-based Services and Methodologies for Handling Them
There are several potential security concerns with regard to cloud-based services: privileged user access, regulatory compliance, data location, data segregation, recovery, investigative support and long-term viability.
- Privileged user access.Because the vendor is controlling the cloud, the organization should ask for detailed information concerning vendor employees and administrators who have access to the organization’s data. The organization should know the number of vendor employees with data access, as well as their level of training and expertise, degree of authority, and overall responsibility within the vendor setting.
- Regulatory compliance.The organization is ultimately responsible for the security and integrity of its own data. Therefore, the organization should insist the cloud vendor will provide for specific external audits and security certifications.
- Data location.It is possible that the organization will not know the physical location of the cloud. In all actuality it could be in another country, far from the organization’s location. Therefore, the organization may want to specify acceptable location(s) whenever possible, and ensure the vendor agrees to commit, by contract, to local privacy requirements.
- Data segregation.Many times, the organization’s data and information in the cloud reside alongside other companies’ data. There should be a clear delineation and segregation of that information through any number of encryption techniques. Furthermore, the organization should insist that whatever encryption scheme is utilized, it is designed and tested by experienced specialists.
- Recovery.The vendor should offer a specified plan of action to the organization in the event of a disaster. A specific and detailed disaster recovery plan should be in place as part of the agreement between both parties.
- Investigative support.Any agreement or contract should include the availability of, and allowance for, a third-party investigation in the event of a specific problem requiring investigation. The agreement should allow specific information to be locked down at the organization’s request; the vendor should not be allowed to destroy or change such information. Access to metadata can confirm the unaltered state of the information.
- Long-term viability.The vendor chosen by the organization should have long-term viability and experience in cloud computing. In addition, there should be a specific contract-based understanding of the consequences should a vendor participate in a merger and/or routine, day-to-day functioning of the cloud.
One security methodology that can be used for cloud security is known as the “layered approach.” It works to insure the vendor and the organization both have multiple levels of protection for all data and physical assets. This method offers several layers of protection so the company is not dependent on a single countermeasure, but relies on multiple defenses at various levels. These levels would include:
- Level 1 – physical security:There should be procedures to control, monitor, and protect the physical facility where servers and other required physical equipment are located.
- Level 2 – network security:The vendor should have 24-hour trained security and network personnel monitoring and managing network filters, which are placed at various network locations. The competence and skill sets of the personnel managing the network are crucial at this level.
- Level 3 – intrusion detection:The vendor should have some form of detection capability located at multiple points within the network to monitor traffic flow into and out of the cloud. The vendor should be queried about the possibility of implementing intrusion detection based upon pre-set parameters negotiated between the organization and the vendor.
- Level 4 – firewall management:The organization should provide specific firewall policies unique to its needs. Firewalls can provide an additional level of security into the organization’s specific portion of the cloud.
- Level 5 – data encryption:Organizations should maintain encryption techniques within and outside the cloud.
It is important to consider that confidential and sensitive material will be transmitted to the cloud. It is imperative that the proper and appropriate level of security is provided and maintained by the vendor, per the organization’s requirements and specifications.(Arma International, 2010)
Scalability, Reliability, and Cost Issues Associated with Cloud Computing
The primary vehicle for cloud infrastructure is virtualization. This equates to running virtual servers in large data centers removing the need to buy and maintain expensive hardware and sharing Infrastructure resources. This allows the businesses to take advantage of economies of scale and reap some cost savings. Cloud storage offers a number of benefits, such as the ability to store and retrieve large amounts of data in any location at any time. Data storage services are fast, inexpensive, and very scalable; but, reliability can be an issue. Every system at some time experiences down time. Another possible issue could be the cost of developing the application to synchronize data between the application and the Cloud. Choosing to support both an offline and online experience for the end users will add additional cost to the project. (Chantry, 2009) “Although promising cost efficiency with its "pay as you need" model, the cost of implementing cloud computing can skyrocket when the expense of reliable and secure connectivity with sufficient bandwidth delivered via private WANs” (Gottlieb, 2011) I think detailed research into what it would take to implement such a system can reduce the shock of the actual cost of implementation. Investigate the number of service interruptions your service provider has experienced. Look at the security concerns and remember to scrutinize the contracts for any additional costs that could arise. Systems such as these can be implemented in phases to bring certain departments and processes on line in their order of importance. Most of the benefits outweigh any issue and issues will arise with any system. Like service interruptions, it is just a matter of time. Being able to stay on top of change in this age of business is essential for success. Platforms like the one Amazon offers has allowed many business’s like Ericsson thrive.
Resources:
- Amazon Web Services (2012) About AWS,
- Amazon Web Services (2012) Amazon Elastic Compute Cloud,
- Amazon Web Services (2012) Amazon Simple Storage Service
- Rightscale Cloud Management (2012) A Bridge Between Your Apps and Infrastructure,
- Crunch Base (2012)
- Arma International (2010) Information Management: Putting a Lock on Cloud Based Information,
- Chantry, D. (2009) Mapping Applications to the Cloud,
- Gottlieb, A. (2011) Cloud Computing Journal: Beware the Network Cost Gotchas of Cloud Computing,
- Amazon Web Services (2012)
- Amazon Web Services (2012)