The cloud is ubiquitous. It’s everywhere even though we rarely notice it. You interact with the cloud starting first thing in the morning as you check your phone for new emails before you even get out of bed. The cloud is there again when you use your phone’s maps app to check traffic conditions on the way to work.
Once at work, you use the cloud whether you write code using Github as a code repository, share a document with a colleague using Box, enter customer information into Salesforce, or onboard a new employee using Workday. When we go home, we may open up vacation photos a friend sent to us on Dropbox without giving it a second thought that we are consuming a cloud service built on top of another cloud service (Dropbox is built on Amazon AWS).
All of these are cloud services, yet we experience them in completely different ways, which raises several questions: What is a cloud service? Where is the cloud? What is the difference between the cloud and the Internet? And how many flavors does the cloud come in?
/ ði klaʊd/: software or services delivered over the Internet
The term “cloud” is closely related to the Internet. For a long time, in network diagrams the complexity of the Internet was reduced down to a simple cloud icon. That’s because the focus was on the servers, devices, and switches IT professionals were responsible for and the Internet was beyond the horizon of what they needed to worry about from an architecture standpoint. Since software delivered over the Internet similarly doesn’t require the customer to worry about how it’s architected, people began to refer to this software as being “in the cloud.”
Cloud services are a subset of the Internet
Larry Ellison, as one of the longest running tech CEOs in Silicon Valley history, summarized his frustration with what he perceived to be an overuse of the term “cloud” back in 2008 when he stated, “maybe I’m an idiot, but I have no idea what anyone is talking about. What is it? It’s complete gibberish. It’s insane. When is this idiocy going to stop?”
It’s clear what isn’t the cloud. Software that is stored in and run from someone’s local hard-drive is not the cloud because one of the requirements of the cloud computing is that the software, the underlying code, and the supporting infrastructure must be delivered via the internet and must run over the internet. By that same measure, most of Oracle’s enterprise software business that involves customers installing and running Oracle’s software is not in the cloud.
But why is Facebook.com considered a cloud service but Amazon.com isn’t considered a cloud service? The answer is related to how the two services are used. An e-commerce site such as Amazon certainly falls under the “software or service delivered over the internet” definition. However, another requirement of the cloud is that data must be uploaded to it. People don’t upload data to Amazon’s e-commerce site, but we upload a lot of data to Facebook in the form of pictures, comments, etc.
This is why the cloud can’t be conflated with the Internet, and doing so would inevitably lead to circular logic. Instead, cloud computing is a model for sharing resources and enabling on-demand access to things like data storage, software, and processing.
IaaS, PaaS, SaaS, oh my!
Today, the cloud comes in three flavors which form the cloud stack: Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS). SaaS is often built on a PaaS, which is built using IaaS.
SaaS is what most people think of when they hear the name of a familiar cloud service they interact with via a client such as a mobile app or browser. SaaS providers deliver software and applications via the cloud, which differ from other software in that it’s far more scalable. It’s also much easier for a software upstart to launch a new application in the cloud, which is why many SaaS apps from Slack to Salesforce dominate their respective product categories.
PaaS is a cloud environment or platform for developers to build cloud applications. Providers of PaaS deliver a database, an operating system, programming language execution capabilities as well as web servers. Like IaaS, the end user of the cloud application never interacts with the PaaS infrastructure. Microsoft Azure, Google Compute Engine, and Amazon AWS also have PaaS capabilities. Salesforce’s Force.com platform is another example of PaaS. The Salesforce apps available in the App Exchange are built on Salesforce Force.com platform.
IaaS is a platform offering raw computing power for service providers. It can also includes the servers, file or object storage, load balancers, network firewall, CDNs, etc. IaaS providers deliver these capabililites on-demand from a large cluster of equipment stationed in data centers. Amazon AWS, Microsoft Azure, Google Compute Engine, Rackspace, and IBM SmartCloud Enterprise are all leading providers of IaaS, Many big names in SaaS including Dropbox, Instagram, and Pinterest run on IaaS platforms provided by Amazon and others.
To add another wrinkle to the definition of the cloud, vendors that provide data center technology such as hardware, networking switches, and virtualization are now introducing elastic computing concepts IaaS providers leverage to traditional data centers run by end customers. They have coined the term “private cloud” to refer to these upgraded data centers.
In a private cloud, the infrastructure, the platform, and the software all exist only for one company. The end customer runs their own data center, provides most of the hardware and software, and maintenance. The cost savings that come with cloud computing tend to evaporate in this model of deployment. However, certain industries with highly sensitive data prefer to use private clouds due to a perception that they’re more secure than public clouds.
To make the most out of a private cloud, organizations need to take careful considerations in order. In order to gain the scalability and efficiency benefits of private clouds, the whole business environment is usually virtualized. There are also security concerns with private clouds since responsibility for securing every part of the infrastructure falls on the company. Unlike a cloud company like Salesforce or Microsoft that have large cyber security teams, many enterprises lack the expertise required to defend against today’s sophisticated cyber attacks.
As a result, use of cloud services is growing exponentially and a recent survey by the Cloud Security Alliance found that an overwhelming 64.9% of IT leaders think the cloud is as secure or more secure than on-premises software.
About the Author
Categories: Cloud Security