1 / 12

Myth or Reality? – The most Common Objections to Cloud Computing

Myth or Reality? – The most Common Objections to Cloud Computing. Peter van der Zouwe Windows Azure Partner Lead Microsoft Canada petervdz@microsoft.com Twitter: @ petervdz. March 2012. Agenda. Context – The Windows Azure Platform How to Target Cloud Computing – People and Business

tammy
Download Presentation

Myth or Reality? – The most Common Objections to Cloud Computing

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Myth or Reality? – The most Common Objections to Cloud Computing Peter van der Zouwe Windows Azure Partner Lead Microsoft Canada petervdz@microsoft.com Twitter: @ petervdz March 2012

  2. Agenda • Context – The Windows Azure Platform • How to Target Cloud Computing – People and Business • Common Objections to Cloud Computing • - Patriot Act (contact Microsoft Directly) • - Security • - Critical Data • - Availability • - Multi-Tenancy • - Compliance • - Performance

  3. messaging CDN caching database VMs business analytics compute networking Global Physical Infrastructure servers/network/datacenters automated managed resources elastic usage based storage identity commerce North Central US, S. Central US, N. Europe, W. Europe, E. Asia, S.E. Asia + 24 Edge CDN Locations

  4. Cloud Services

  5. Azure Usage Scenarios

  6. How to Target Cloud Computing Solutions • People • Target Business and Technology Visionaries • Cloud Computing more of a business Value Proposition than pure IT • Easier for SaaS Cloud Vendors to get to the Business Decision Makers • If you are going to target IT – talk to CIO or Application Development • Business Risk • Target Lower Business Impact (LBI) Application to start. • Customers willing to accept more risk on SaaS Solutions (SLA) • For some customers Cloud is a long term journey (Federal Government) • “Hybrid” Solutions – alternative to pure Cloud plays • Agility – ability to do things quickly (more quickly than competitors • No up-front costs for massively scalable computing infrastructure • Pay for what you use, when you use it • Eliminate utilization concerns • Add compute power as business grows or demand spikes • No ongoing depreciation and maintenance costs • Lower risk (scale or fail quickly) • Opex vs Capex

  7. Common Objections – Security “How can you guarantee that our data is secure?” • This is a very Complex Area and requires and expertise to address all the needs of security experts in Enterprises (e.g. Financial Services) • For Cloud Platforms - Need to consider Platform (Cloud Service Provider), Architecture (Customer and /or IT Partner) and Code (Customer and /or IT Partner). Need to design using good security practices (SDLC). • Most Cloud Providers take Security VERY Seriously and invest heavily in this area (e.g. MSFT hired 3 X Top Tier Penetration testing teams to test Azure – over 7 weeks not one successful attack) • Examples of Cloud Security measures; Intrusion Detection Methods, Video Surveillance, Biometrics, Access Control, Background checks on all Data-Centre Personnel, Use of Standards like SSL/HTTPS, Data Encryption, Auto Updating of Security patches, Threat & Vulnerability Management, Anti-Malware, Edge Routers. • For Serious/Large customers have them take a Data Centre Tour.

  8. Common Objections – Critical Data & Availability “I do not want to (or legally cannot) put critical Customer Data in the Cloud” • Discuss Hybrid Solutions (Keep Critical Data on Premise) • What do you do outside of Canada now? E.g. Who does your payroll? • Discuss what data is used for? There is typically something that can be put in the Cloud. “Can you gaurantee that your Cloud Solution will be available when (& where) I need it?” • SLA’s (Most Cloud Service Providers offer at least 99.9% and many offer a Financial Guarantee if it falls below this service level) • Cloud Services are not perfect and there is always the risk of downtime (as there is in an On-Premise Environment). • As with normal SW Development “Design for faults”. Back-up. Redundancy.

  9. Common Objections – Multi-Tenancy & Performance “I do not like the fact that there are Multiple customers on the same server, what if someone else can see my data?” • Typically with Cloud you are in a Multi-Tenant Environment • Azure has NW Level protections in place to stop cross-Tenant intrusions & Communications • Need to encrypt data to ensure secure communications between Services • For Cloud Storage you can encrypt data and it is secured as standard using randomly generated storage “keys” “How well does your solution perform? I need to know that it is not going to be slow because there are multiple customers accessing the US based Cloud Solution” • Do a Proof of Concept/Test the Solution. • Cloud providers manage Load Balancing, Performance etc • Cloud Providers Typically have huge Bandwidth in and out of the Data Centre • Still a dependence on Architecture, Applications and Design.

  10. Common Objections – Compliance “What about Compliance? I need to ensure that your solution complies with internationally recognized standards” • Ask Customer where the Compliance Concern is coming from? E.g. Legal, Industry Standard etc. Need to understand issue to address the concern. • Common Standards that customers will ask for: ISO-27001 (Broad International Information Security Standard), SAS70/SSAE 16 (US Accounting Audit Standard), PCI DSS (Credit Card Information). • Be careful when discussing Standards with Customers. While your Cloud Data Centre may conform to a standard. You need to ensure that all the services that sit on top of the platform are also compliant. • There are some standards that are VERY difficult to meet e.g. PCI DSS. Typically Partners will solve this by outsourcing credit card payment to a specific PCI DSS Compliant Vendor. • For Canada look at PIPEDA (can be covered off via online Privacy Policy)

  11. Cloud Round Table “With proper privacy protections designed into the system from the very beginning of its lifecycle, and integrated at every system layer, businesses can gain the huge financial and competitive advantages of cloud and ensure security,” Dr. Ann Cavoukian, Ontario Privacy Commissioner The conversation also covered one of the biggest current concerns about cloud privacy, The U.S. Patriot Act. Cavoukian argued that companies shouldn’t fear it, because it’s not that big a deal. Michael Power, a privacy lawyer at Michael Power Barrister & Solicitor, agreed. “There are a lot of things you should ask your cloud provider ... but location shouldn’t be the sole focus,” he said. “You’ll find that a lot of the similar kinds of provisions that are found in the Patriot Act already exist in Canada.”

More Related