Tuesday, March 20, 2012

Elevate cloud security with privilege delegation

"Virtual machines make it possible to separate hardware acquisition and deployment from software deployment, and can improve delivery within an enterprise to 10, 20, or even 30 times faster." (Thomas J. Bittman, VP, Distinguished Analyst, Gartner)


In today's economic environment, organizations are focused on reducing costs and doing more with less while still trying to remain competitive. This means that IT departments are facing greater scrutiny to ensure that they match key business needs and deliver intended results in the most efficient and cost-effective manner. To meet these challenges, IT organizations are increasingly moving away from a device-centric view of IT to one that is focused more on the defining characteristics of cloud computing: applications, information, and people.


As an emerging trend that provides rapid access to dynamically scalable and virtualized IT resources, cloud computing promises new and exciting opportunities for organizations to create lean, robust, cost-effective IT infrastructures that better align with business goals. However, certain tradeoffs concerning control, compliance, and security must be addressed before fully realizing those benefits.

This article describes the elements driving data center migration to the cloud, including the role of virtualization in public cloud infrastructures, and outlines the security and compliance implications of cloud computing to provide insight into the protection of sensitive data in the cloud through two key methods: administrative access and privileged delegation.

Why journey into the cloud?
Why would organizations want to move their data center to the cloud? It's simple: The flexibility provided by virtualized servers and the economies of scale of larger private or public clouds create a better economic model for today's computing needs.

Virtualization provides the starting point for the better model: higher utilization of server and storage hardware when workload varies.

Add the economies of scale and even higher utilization when resources are shared across business units in a private cloud or across companies in a public cloud, and you have a lower cost model.

Add the flexibility to pay for resources only as used, rather than incurring large fixed costs and large chunks of capital expenditure, and IT can better match the business requirements in many industries.

However, beyond the simple economics, the cloud model provides significant operational benefits. Virtualization again provides the starting point for a better operation model by reducing the time to provision needed applications and workloads. The cloud model builds on these capabilities by abstracting the end user from the complexity of both the physical infrastructure and the details of the provisioning and management processes, making computing as easy to buy and manage as any other business service, as well as providing metering for measured service and service level agreements. Add to that increased reliability and greater accessibility for mobile or remote users, and the cloud becomes a very compelling value proposition.

Virtualization as an enabler

While the cloud is not in and of itself virtualization, virtualization is a critical component and major enabler of cloud computing. Virtualized servers and storage allow higher utilization of physical hardware when workload varies.

The ability to automatically move workloads whenever required increases reliability without the need to provide redundant (and often underutilized) hardware for every application. Cloud providers build on the economic advantages of virtualization; combining that with economies of scale and advanced automation of routine systems administration is what creates the cost savings that allow cloud-based data centers to be an economically viable alternative or supplement. Still, organizations moving data onto the cloud must consider the risks they face if the virtual environment is not administered properly.

Additionally, virtualization is enabling the IT department itself to be, in effect, a service provider for the business. Virtualization again provides the starting point for a better operation model by reducing the time to provision needed applications and workloads. By abstracting the end user from the complexity of both the physical infrastructure and the details of the provisioning and management processes, server virtualization "helps IT behave more like a cloud provider, and prepares the business to be a better consumer of cloud computing." (From GartnerGroup, "Server Virtualization: One Path That Leads to Cloud Computing", RAS Core Research Note G00171730, Thomas J. Bittman, 29 October 2009.)

So what does this mean for the data center and IT operations? The first characteristic of a heavily virtualized data center is a dramatic increase in the number of servers to be managed. This increasing scale, from hundreds to thousands and thousands to tens of thousands of servers, adds a high degree of complexity to data center operations. Change and configuration management become far more important and challenging, and automation moves from a nice way to save money to a fundamental requirement.

Because of this additional complexity in virtual and cloud environments, client data is now exposed to security vectors not found in purely physical environments. The addition of a virtualization layer to the IT stack introduces a new point of failure in the established security model and a new attack surface for intruders or malicious insiders. Any breach of security at the hypervisor level undermines all of the security on the stack above it, from the operating system through the data and application layers.

The dangers of a cloud data center


According to an IDC Enterprise Panel survey, the number one concern of companies moving into cloud computing environments is security.

Figure (image not available): Security is the number one concern when moving into the cloud
