Summary
- Cloud computing offers many benefits, including a pay-as-you-go economic model, simplified IT management for users, scalability, flexibility, improved utilization, and a decreased carbon footprint.
- Cloud computing also has many risks and challenges, including vendor lock-in, security risks, privacy-related concerns, developer training and reengineering, evolving tools, and movement of data.
- Cloud computing offers a compelling economic model for businesses through the pay-as-you-go model and can significantly lower management and overall costs of IT.
- Cloud service providers leverage economies of scale to provide services at low costs. They require large datacenters and many clients in order to amortize the costs over the entire user base.
- A service level objective (SLO) allows an organization to formally state its service requirements to a service provider.
- A service level agreement (SLA) is a contract that is negotiated between a service provider and a client. It defines the level of service expected from the service provider.
- Auditing evaluates whether the cloud services comply with the SLA through monitoring. As with auditing in other fields, a mutually trusted third party is involved in the process to ensure compliance and fairness.
- The shared and public nature of cloud computing introduces new risks in terms of information security. The primary threats are abuse of clouds, insecure interfaces and APIs, malicious insiders, shared technology issues, and data loss or leakage.
- The responsibility of securing applications on the cloud is split between the cloud service provider and the client. The provider must make available controls and systems that can be used to secure applications, resources, and data on the cloud. The client must make sure that it makes full use of the provided controls and systems and follows best security practices when using clouds.