Estimated reading time: 3 minutes, 2 seconds

Clouds Make '-as-a-Service' Reality Featured

Clouds Make '-as-a-Service' Reality "Cumulus clouds in the sky"

Although there have been fears about issues such as reliability and security, companies are increasingly moving their applications and services to the cloud. This migration is going to change organizations in big ways. Despite the concept of cloud computing being there since 60’s it was not widely known by consumers until decades later. With the launch of Amazon Web Services (AWS) by Amazon in 2006 and other cloud solutions that followed, cloud computing became a household name. Microsoft, Google, and Apple among others are today some of the famous cloud service providers in the world. These companies offer different cloud experiences such as storage, computing space, and other services that are usually metered. They have consequently changed how businesses are conducted and lifestyles in general. Here are some ways in which cloud computing is making “as a service” a reality:

  1. Infrastructure-as-a-service

Infrastructure-as-a-service (IaaS) is one of the most important components of the cloud. It is where cloud service providers supply their customers with compute space along with control, and new forms of storage. Most of what is provided are not available on-premise or are too expensive if one decides to invest in them. Although the services began with enterprises lacking knowledge on the IaaS paradigm that eventually lead to data breaches, it later made the security of assets in the cloud a shared responsibility that must be carried out by both the customer and the cloud service provider. Unlike the on-premise systems that you can surround with the firewalls at the edge, the cloud is different. The presence of a single vulnerability can be exploited across the internet leading to a large-scale data breach. An example of an attack on cloud service is the one on AWS carried out in 2019, taking advantage of Capital One. The cloud service providers and their customers must work hand-in-hand to adapt to the changes, ensure configurations are up to standards and ensure they are up to the task to the changing threats. 

2. Platform-as-a-Service (PaaS)

This is another service provided by the cloud whose security implications are still not well understood by the customers. Each of the services offered here ranges from storage to analytics stacks, each with its complexities. While these services can be of great use to your organization, the IT team must understand security best practices ranging from preventive to detective security measures. This starts from proper configuration to role-based access controls (RBAC). Since PaaS is still new, the challenge faced by the security professionals is the lack of pre-existing models that can be used to show how secure an embedded service in an application is without using a secure network. 

  1. Software-as-a-service (SaaS)

This is perhaps the most broadly adopted cloud service by organizations. It allows organizations to add new applications within a short time without worrying about things such as software upgrades, support tasks, and backups among other things. Although useful, SaaS applications do not give adequate insight into network and security controls. Although customers have the authority on various things such as who can access their applications, permissions that they have, what they can access and others, there is a massive complexity in the configuration that may impact security. 

Generally, there is no doubt that a change is coming and it brings disruption with it. Companies must therefore prepare their IT workforce to face the new shifts. Some IT professionals fear that the cloud will commoditize their work and the cloud will result in the outsourcing of the majority of their operations. Although most of these are true, organizations and institutions of learning must prepare people to make a difference and fill gaps that remain.

Read 44 times
Rate this item
(0 votes)
Scott Koegler

Scott Koegler is Executive Editor for PMG360. He is a technology writer and editor with 20+ years experience delivering high value content to readers and publishers. 

Find his portfolio here and his personal bio here

Visit other PMG Sites:

click me
PMG360 is committed to protecting the privacy of the personal data we collect from our subscribers/agents/customers/exhibitors and sponsors. On May 25th, the European's GDPR policy will be enforced. Nothing is changing about your current settings or how your information is processed, however, we have made a few changes. We have updated our Privacy Policy and Cookie Policy to make it easier for you to understand what information we collect, how and why we collect it.