<?xml version="1.0" encoding="UTF-8"?><rss version="2.0"
	xmlns:content="http://purl.org/rss/1.0/modules/content/"
	xmlns:wfw="http://wellformedweb.org/CommentAPI/"
	xmlns:dc="http://purl.org/dc/elements/1.1/"
	xmlns:atom="http://www.w3.org/2005/Atom"
	xmlns:sy="http://purl.org/rss/1.0/modules/syndication/"
	xmlns:slash="http://purl.org/rss/1.0/modules/slash/"
	>

<channel>
	<title>Cloud Computing Archives -</title>
	<atom:link href="https://zymitry.com/category/cloud-computing-notes-tutorials/feed/" rel="self" type="application/rss+xml" />
	<link>https://zymitry.com/category/cloud-computing-notes-tutorials/</link>
	<description>Tech &#38; Other Stuff</description>
	<lastBuildDate>Fri, 05 Jun 2026 21:38:37 +0000</lastBuildDate>
	<language>en-US</language>
	<sy:updatePeriod>
	hourly	</sy:updatePeriod>
	<sy:updateFrequency>
	1	</sy:updateFrequency>
	<generator>https://wordpress.org/?v=7.0</generator>

<image>
	<url>https://i0.wp.com/zymitry.com/wp-content/uploads/2016/11/favicon.png?fit=32%2C32&#038;ssl=1</url>
	<title>Cloud Computing Archives -</title>
	<link>https://zymitry.com/category/cloud-computing-notes-tutorials/</link>
	<width>32</width>
	<height>32</height>
</image> 
<site xmlns="com-wordpress:feed-additions:1">120106411</site>	<item>
		<title>Cloud Architecture Models</title>
		<link>https://zymitry.com/cloud-acrchitectural-models/</link>
					<comments>https://zymitry.com/cloud-acrchitectural-models/#respond</comments>
		
		<dc:creator><![CDATA[Greg Palmer]]></dc:creator>
		<pubDate>Sat, 17 Jun 2023 18:46:42 +0000</pubDate>
				<category><![CDATA[Cloud Computing]]></category>
		<category><![CDATA[architecture]]></category>
		<category><![CDATA[Cloud applications]]></category>
		<category><![CDATA[Cloud Architecture Models]]></category>
		<category><![CDATA[cloud computing]]></category>
		<category><![CDATA[Cloud infrastructure]]></category>
		<category><![CDATA[Cloud management]]></category>
		<category><![CDATA[distribution]]></category>
		<category><![CDATA[logical]]></category>
		<category><![CDATA[replication]]></category>
		<category><![CDATA[Resource optimization]]></category>
		<category><![CDATA[resource pooling architecture]]></category>
		<category><![CDATA[scalability]]></category>
		<category><![CDATA[Workload Distribution Architecture]]></category>
		<guid isPermaLink="false">http://zymitry.com/?p=355</guid>

					<description><![CDATA[<p>"Discover the power of workload distribution and resource pooling architecture in cloud systems. Learn how these foundational cloud architecture models enable scalability, optimize resource utilization, and provide fault tolerance. Explore the benefits, challenges, and real-world examples of implementing these models to build highly scalable and responsive cloud applications."</p>
<p>The post <a href="https://zymitry.com/cloud-acrchitectural-models/">Cloud Architecture Models</a> appeared first on <a href="https://zymitry.com"></a>.</p>
]]></description>
										<content:encoded><![CDATA[<h1>Cloud Architecture Models for Scalability and Resource Optimization: Workload Distribution and Resource Pooling Architecture</h1>
<h4></h4>
<p>&nbsp;</p>
<h4>Cloud Architecture Models for Scalability and Resource Optimization: Workload Distribution and Resource Pooling Architecture</h4>
<p>Learn about workload distribution and resource pooling architecture, two foundational cloud architecture models for scalability and resource optimization. Discover how these models enable efficient resource utilization, dynamic scaling, synchronization, and redundancy in cloud systems.</p>
<h4>Introduction:</h4>
<p>Cloud architecture plays a crucial role in building highly scalable applications to accommodate expanding datasets, unpredictable traffic patterns, and the need for faster response times. In this article, we will explore two common cloud architecture models: workload distribution architecture and resource pooling architecture. These models provide the foundation for achieving scalability and optimizing resource utilization in cloud systems.</p>
<h4>Workload Distribution Architecture:</h4>
<p>Workload distribution architecture focuses on horizontally scaling IT resources by utilizing identical resources and a load balancer. The load balancer evenly distributes the workload among available IT assets, such as distributed virtual servers, cloud storage devices, and cloud services. Additional mechanisms that can be part of this architecture include:</p>
<ul>
<li>Cloud Usage Monitor: Enables runtime tracking and data processing.</li>
<li>Audit Monitor: Monitors the system to fulfill legal requirements.</li>
<li>Hypervisor: Manages workloads and distributes them among virtual hosts.</li>
<li>Logical network perimeter: Isolates cloud consumer network boundaries.</li>
<li>Resource clusters: Support workload balancing between cluster nodes.</li>
<li>Resource replication: Generates new instances of virtualized resources during increased workloads.</li>
</ul>
<p><strong>Benefits of Workload Distribution Architecture</strong>:</p>
<ul>
<li>Scalability: Horizontal scaling allows for efficient distribution of workloads, ensuring optimal resource utilization during increased demand.</li>
<li>Fault tolerance: Distribution of workloads across multiple resources provides fault tolerance and minimizes downtime in case of resource failures.</li>
<li>Performance optimization: Balancing workloads across resources prevents overload on individual resources, leading to improved performance.</li>
</ul>
<p><strong>Disadvantages of Workload Distribution Architecture:</strong></p>
<ul>
<li>Complexity: Implementing workload distribution architecture can be complex, especially when configuring load balancers, monitoring systems, and ensuring resource synchronization.</li>
<li>Increased latency: Load balancing and workload distribution can introduce some latency, particularly in processing requests involving large datasets or complex applications.</li>
</ul>
<h4>Resource Pooling Architecture:</h4>
<p>Resource pooling architecture involves grouping identical IT resources into pools, which can include physical and virtual resources. These resources are automatically synchronized and maintained by the system. Examples of resource pools include:</p>
<ul>
<li>Physical server pools: Networked servers with pre-installed operating systems and applications.</li>
<li>Virtual server pools: Configured from pre-chosen templates during provisioning.</li>
<li>Storage pools: File or block-based storage containers.</li>
<li>Network pools: Pre-configured network devices like virtual firewalls and switches for redundancy, load balancing, and link aggregation.</li>
<li>CPU pools: Allocate CPU resources to virtual servers.</li>
<li>Physical RAM pools: Vertically scale newly provisioned physical servers.</li>
</ul>
<p><strong>Benefits of Resource Pooling Architecture:</strong></p>
<ul>
<li>Resource optimization: Resource pooling ensures efficient utilization of IT resources by dynamically allocating them based on demand.</li>
<li>Simplified management: The architecture simplifies resource management by automatically synchronizing resources and providing administration tools.</li>
<li>Scalability: Resource pooling enables both horizontal and vertical scalability, allowing for the allocation of additional resources from appropriate pools as workload increases.</li>
</ul>
<p><strong>Disadvantages of Resource Pooling Architecture:</strong></p>
<ul>
<li>Complexity: Managing and organizing resource pools can be complex, especially in large-scale environments with hierarchical structures.</li>
<li>Synchronization challenges: Keeping identical resources within pools synchronized and maintaining consistency across multiple instances can be challenging, requiring robust synchronization mechanisms.</li>
</ul>
<h4>Conclusion:</h4>
<p>Cloud architecture models such as workload distribution architecture and resource pooling architecture are instrumental in achieving scalability, resource optimization, and performance in cloud systems. By leveraging these models, architects can design and implement complex architectures that dynamically scale IT resources, synchronize resources, provide fault tolerance, and optimize resource allocation. These architectural approaches are essential for building highly scalable cloud applications that meet the demands of expanding datasets, unpredictable traffic patterns, and the need for faster response times.</p>
<h4>References</h4>
<p>G. Palmer Security Notes (2015-2023)</p>
<p>Acitura Education. Load Balanced Virtual Server Instances. Retrieved June 17, 2023: <a href="https://patterns.arcitura.com/cloud-computing-patterns/design_patterns/load_balanced_virtual_server_instances">http://cloudpatterns.org/design_patterns/load_balanced_virtual_server_instances.</a></p>
<p>&nbsp;</p>
<h4>Related Articles and Content</h4>
<p><a href="https://zymitry.com/artificial-intelligence-implications-exploration/" target="_blank" rel="noopener">Exploring the Implications of Artificial Intelligence</a></p>
<p><a href="https://zymitry.com/artificial-intelligence-texas-higher-ed/" target="_blank" rel="noopener">Artificial Intelligence in Texas Higher Education: Ethical Considerations, Privacy, and Security</a></p>
<p><a href="https://zymitry.com/understanding-business-continuity-planning/" target="_blank" rel="noopener">Understanding Business Continuity Planning</a></p>
<p><a href="https://www.vmware.com/topics/glossary/content/cloud-architecture.html" target="_blank" rel="noopener">https://www.vmware.com/topics/glossary/content/cloud-architecture.html</a></p>
<p><a href="https://web.archive.org/web/20240305030142/https://scitis.io/cloud-architecture-simply-explained/?lang=en" target="_blank" rel="noopener">https://scitis.io/cloud-architecture-simply-explained/?lang=en</a></p>
<p>5 Questions you should ask</p>
<p><a href="https://cloud.google.com/learn/what-is-cloud-architecture" target="_blank" rel="noopener">https://cloud.google.com/learn/what-is-cloud-architecture</a></p>
<p><a href="https://www.informit.com/articles/article.aspx?p=2093407" target="_blank" rel="noopener">https://www.informit.com/articles/article.aspx?p=2093407</a></p>
<p>https://ieeexplore.ieee.org/document/8588188</p>
<p><a href="https://patterns.arcitura.com/cloud-computing-patterns/design_patterns/workload_distribution" target="_blank" rel="noopener">Workload Distribution</a></p>
<p><a href="https://www.oreilly.com/library/view/cloud-computing-concepts/9780133387568/ch11.xhtml" target="_blank" rel="noopener">https://www.oreilly.com/library/view/cloud-computing-concepts/9780133387568/ch11.xhtml</a></p>
<p>&nbsp;</p>
<p><span style="font-size: 10pt;"><strong>Note:</strong> <em>This article has been prepared with the assistance of AI, which provided suggestions and revisions to improve the clarity and coherence of the content. However, the original research, decision-making, and final content selection were done by a human author.</em></span></p>
<p><a href="http://zymitry.com/zymitry-disclaimer/" target="_blank" rel="noopener noreferrer">Disclaimer</a></p>
<p>The post <a href="https://zymitry.com/cloud-acrchitectural-models/">Cloud Architecture Models</a> appeared first on <a href="https://zymitry.com"></a>.</p>
]]></content:encoded>
					
					<wfw:commentRss>https://zymitry.com/cloud-acrchitectural-models/feed/</wfw:commentRss>
			<slash:comments>0</slash:comments>
		
		
		<post-id xmlns="com-wordpress:feed-additions:1">355</post-id>	</item>
		<item>
		<title>The Process of Migrating an Application to the Cloud</title>
		<link>https://zymitry.com/process-migrating-application-cloud/</link>
					<comments>https://zymitry.com/process-migrating-application-cloud/#respond</comments>
		
		<dc:creator><![CDATA[Greg Palmer]]></dc:creator>
		<pubDate>Tue, 29 Nov 2016 22:51:39 +0000</pubDate>
				<category><![CDATA[Cloud Computing]]></category>
		<category><![CDATA[application]]></category>
		<category><![CDATA[checklist]]></category>
		<category><![CDATA[cloud]]></category>
		<category><![CDATA[cycle]]></category>
		<category><![CDATA[factors]]></category>
		<category><![CDATA[migrating]]></category>
		<category><![CDATA[migration]]></category>
		<category><![CDATA[planning]]></category>
		<category><![CDATA[security]]></category>
		<guid isPermaLink="false">http://zymitry.com/?p=352</guid>

					<description><![CDATA[<p>The Process of Migrating an Application to the Cloud Applications can be moved to the cloud quickly with little problem if the migration is planned correctly. The process of constructing a plan for migrating a system to the cloud generally includes the following steps: Define the system goals and requirements. This process includes considering several… <span class="read-more"><a href="https://zymitry.com/process-migrating-application-cloud/">Read More: The Process of Migrating an Application to the Cloud &#187;</a></span></p>
<p>The post <a href="https://zymitry.com/process-migrating-application-cloud/">The Process of Migrating an Application to the Cloud</a> appeared first on <a href="https://zymitry.com"></a>.</p>
]]></description>
										<content:encoded><![CDATA[<h2>The Process of Migrating an Application to the Cloud</h2>
<p>Applications can be moved to the cloud quickly with little problem if the migration is planned correctly. The process of constructing a plan for migrating a system to the cloud generally includes the following steps:</p>
<ul>
<li>Define the system goals and requirements. This process includes considering several factors such as security requirements, scalability requirements, continuity and disaster requirements, as well as others.</li>
</ul>
<ul>
<li>Protect existing data. Items to be addressed include a backup plan agreed upon by the customer and provider, data privacy requirements, and procedures to move out of the cloud in case problems are encountered.</li>
</ul>
<ul>
<li>Use a Consultant if needed. Hiring a reputable cloud expert might save organizations money over the long term.</li>
</ul>
<ul>
<li>Consider vendor lock-ins. Lock-ins can be technical or administrative in nature. Cloud providers should make it easy for customers to move their data if desired.</li>
</ul>
<ul>
<li>Know and document the characteristics of current applications. This includes knowing characteristics such as demand periods, average amount of users, disk storage requirements, database requirements, RAM usage, bandwidth required, and cache required by the application.</li>
</ul>
<ul>
<li>Define training requirements. Training requirements to consider include: employee preparedness, developer training, administrator training, audit group for governance training, help desk support training, an business continuity and disaster recovery training.</li>
</ul>
<ul>
<li>Define a realistic deployment schedule. The plan should provide sufficient time for training, testing, and benchmarking.</li>
</ul>
<ul>
<li>Budget concerns. Key budget factors to consider include cost breakdowns for current data centers so comparative analysis and Return on Investment (ROI) can be calculated. Other factors to consider include; current payroll and projected payroll, current and future licensing and update costs, and current hardware maintenance costs.</li>
</ul>
<ul>
<li>Identify governance issues such as alignment with organizational goals, define internal and external controls, identify and mitigate risks, define access, discover how to access event and system logs for auditing, discover how the provider performs updates and patches, and how to use performance monitoring tools.</li>
</ul>
<p>&nbsp;</p>
<h4>Cloud migration can be done using a four-stage cycle as follows:</h4>
<p><strong>Assessment</strong></p>
<p>An assessment to determine if the cloud service meets system requirements and if the provider’s services align with the organizations goals. Items to consider include the following:</p>
<ul>
<li>Is the cloud system offered a good fit, does it align with the organizations mission and goals? Do not blindly choose a provider.</li>
</ul>
<ul>
<li>What are the organizations capacity demands?</li>
</ul>
<ul>
<li>Accurately determine actual costs. Factors to consider include on-boarding programs, support plans, and new environments that did not exist with the current system.</li>
</ul>
<ul>
<li>Are there going to be any gaps in service after the migration?</li>
</ul>
<ul>
<li>How well do the providers tools align with the organizations existing tools?</li>
</ul>
<p>&nbsp;</p>
<p><strong>Planning</strong></p>
<ul>
<li>What applications and environments are good candidates for the cloud? Conduct a comprehensive inventory of applications and determine which are the best fit for a cloud environment.</li>
</ul>
<ul>
<li>What’s the topology of the application architecture? Cloud servers, data services, and networks behave differently than their on-premises counterparts so architecture may have to evolve or change to accommodate.</li>
</ul>
<ul>
<li>Will there be any performance bottlenecks? For example: if your applications have integration points with on-premises systems you may see performance problems due to long-distance connections over public networks.</li>
</ul>
<ul>
<li>Are there hybrid integration plans? It’s unrealistic to think that you’ll move an entire application portfolio to the cloud at once. Treat the cloud as a logical extension of existing systems.</li>
</ul>
<ul>
<li>Have you identified the first adopters? A migration to the cloud can be disruptive so it is important to find people within the organization who are eager and experienced to help define new standards and guide the organization through the transition.</li>
</ul>
<ul>
<li>How will users access the environment?</li>
</ul>
<ul>
<li>Staff training.</li>
</ul>
<ul>
<li>What internal processes have to change in order to capitalize on the new service? Documented procedures for hardware requisition, change management, testing, and deployments may not apply in the same way when using cloud services.</li>
</ul>
<ul>
<li>How will you deploy updated code, data, and configurations to the environment? A new cloud service may or may not work with existing tools.</li>
</ul>
<ul>
<li>Operating plan after the migration.</li>
</ul>
<ul>
<li>Small scale test of the migration plan.</li>
</ul>
<p>&nbsp;</p>
<p><strong>Migration itself.</strong></p>
<ul>
<li>How are applications and data being distributed to the cloud? There are several of ways to get applications and data up to a cloud location. For moderately-sized workloads, simple copy commands used over the internet may work. Large data transfers might incur significant bandwidth charges.</li>
</ul>
<ul>
<li>What security controls are in place during transit to the cloud?</li>
</ul>
<ul>
<li>What is being migrated? Is it virtual machines, data, or applications?</li>
</ul>
<ul>
<li>Recreate metadata.</li>
</ul>
<p>&nbsp;</p>
<p><strong>Validation</strong></p>
<ul>
<li>Are applications and data reachable? A vital simple test.</li>
</ul>
<ul>
<li>Did all the data make its way into the environment? Through automation, or if required, a manual spot check, verify that both transaction data and reference data was accurately and successfully transferred.</li>
</ul>
<ul>
<li>Can administrative tools access the cloud environment? This should have been performed during the planning phase but it is important to verify this again.</li>
</ul>
<p>&nbsp;</p>
<p>&nbsp;</p>
<p>References</p>
<p>&nbsp;</p>
<p>Seroter, R. (2015, June 18). <em>The Cloud Migration Checklist.</em> Retrieved August 11, 2016, from InfoQ, <a href="https://www.infoq.com/articles/cloud-migration-checklist" target="_blank">https://www.infoq.com/articles/cloud-migration-checklist</a></p>
<p>&nbsp;</p>
<p><a href="http://zymitry.com/zymitry-disclaimer/" target="_blank">Disclaimer</a></p>
<p>&nbsp;</p>
<p>The post <a href="https://zymitry.com/process-migrating-application-cloud/">The Process of Migrating an Application to the Cloud</a> appeared first on <a href="https://zymitry.com"></a>.</p>
]]></content:encoded>
					
					<wfw:commentRss>https://zymitry.com/process-migrating-application-cloud/feed/</wfw:commentRss>
			<slash:comments>0</slash:comments>
		
		
		<post-id xmlns="com-wordpress:feed-additions:1">352</post-id>	</item>
		<item>
		<title>Mobile Cloud Computing:  Benefits &#038; Disadvantages</title>
		<link>https://zymitry.com/mobile-cloud-benefits-disadvantages/</link>
					<comments>https://zymitry.com/mobile-cloud-benefits-disadvantages/#respond</comments>
		
		<dc:creator><![CDATA[Greg Palmer]]></dc:creator>
		<pubDate>Tue, 29 Nov 2016 22:25:43 +0000</pubDate>
				<category><![CDATA[Cloud Computing]]></category>
		<category><![CDATA[applications]]></category>
		<category><![CDATA[apps]]></category>
		<category><![CDATA[benefits]]></category>
		<category><![CDATA[cloud]]></category>
		<category><![CDATA[cons]]></category>
		<category><![CDATA[disadvantages]]></category>
		<category><![CDATA[future]]></category>
		<category><![CDATA[mobile]]></category>
		<category><![CDATA[pros]]></category>
		<guid isPermaLink="false">http://zymitry.com/?p=349</guid>

					<description><![CDATA[<p>It has been estimated that within the next few years mobile computing using cloud-based systems will become a trillion dollar business. Currently, it is not clear whether mobile computing is driving the growth of cloud-based systems or vice versa. Either way, most businesses understand that it is critical to have a mobile computing presence. To… <span class="read-more"><a href="https://zymitry.com/mobile-cloud-benefits-disadvantages/">Read More: Mobile Cloud Computing: Benefits &#038; Disadvantages &#187;</a></span></p>
<p>The post <a href="https://zymitry.com/mobile-cloud-benefits-disadvantages/">Mobile Cloud Computing:  Benefits &#038; Disadvantages</a> appeared first on <a href="https://zymitry.com"></a>.</p>
]]></description>
										<content:encoded><![CDATA[<p>It has been estimated that within the next few years mobile computing using cloud-based systems will become a trillion dollar business. Currently, it is not clear whether mobile computing is driving the growth of cloud-based systems or vice versa. Either way, most businesses understand that it is critical to have a mobile computing presence. To maximize efficiency and the user experience, developers should design applications from the ground up taking mobile computing into account.</p>
<h4>Mobile Cloud Computing</h4>
<h4>Benefits:</h4>
<ul>
<li>One of the major advantages of cloud computing is that you can access your data from anywhere in the world, using any mobile device that is connected to the Internet.</li>
</ul>
<ul>
<li>Real time data availability: Cloud computing provides access to data in real time whenever and wherever wanted.</li>
</ul>
<ul>
<li>Unlike traditional application models, cloud computing is supported on many different platforms.</li>
</ul>
<ul>
<li>Cloud applications accessed by mobile devices usually have minimal or no upfront cost. Most applications use a pay as you go model.</li>
</ul>
<h4>Disadvantages:</h4>
<ul>
<li>One major concerns with cloud computing is the security of data as it relates to users and their actions. Mobile users can accidentally provide sensitive information through the network or through using the application. If cloud applications are not properly secured it increases risks related to user actions.</li>
</ul>
<ul>
<li>Another well-known concern with cloud computing is performance. Since applications are hosted on remote servers that are accessed across public networks, this can cause slower responses and slower application speeds.</li>
</ul>
<ul>
<li>An internet connection is required. If an application does not have access to the internet it is often unusable.</li>
</ul>
<h4>Summary</h4>
<p>Not everyone can afford to buy and maintain large devices such as laptop or desktop computers, but these same people can often afford a smart phone with a reasonably priced mobile data plan. Major developers such as Microsoft and Adobe already offer suites designed to be run from mobile devices, and directed towards mobile application users.</p>
<p>References</p>
<p>http://www.getcloudservices.com/blog/mobile-cloud-computing-pros-and-cons/.</p>
<p>http://offshorent.com/blog/advantages-of-mobile-cloud-computing</p>
<p>https://themediax.com/what-are-the-advantages-and-disadvantages-of-mobile-cloud-computing/</p>
<p><a href="http://zymitry.com/zymitry-disclaimer/" target="_blank" rel="noopener noreferrer">Disclaimer</a></p>
<p>The post <a href="https://zymitry.com/mobile-cloud-benefits-disadvantages/">Mobile Cloud Computing:  Benefits &#038; Disadvantages</a> appeared first on <a href="https://zymitry.com"></a>.</p>
]]></content:encoded>
					
					<wfw:commentRss>https://zymitry.com/mobile-cloud-benefits-disadvantages/feed/</wfw:commentRss>
			<slash:comments>0</slash:comments>
		
		
		<post-id xmlns="com-wordpress:feed-additions:1">349</post-id>	</item>
		<item>
		<title>The Governance of Cloud-Based Systems</title>
		<link>https://zymitry.com/governance-cloud-systems/</link>
					<comments>https://zymitry.com/governance-cloud-systems/#respond</comments>
		
		<dc:creator><![CDATA[Greg Palmer]]></dc:creator>
		<pubDate>Tue, 29 Nov 2016 22:09:15 +0000</pubDate>
				<category><![CDATA[Cloud Computing]]></category>
		<category><![CDATA[agreement]]></category>
		<category><![CDATA[breach]]></category>
		<category><![CDATA[Governance]]></category>
		<category><![CDATA[legal]]></category>
		<category><![CDATA[Negligence]]></category>
		<category><![CDATA[privacy]]></category>
		<category><![CDATA[Rights]]></category>
		<category><![CDATA[risk]]></category>
		<category><![CDATA[security]]></category>
		<category><![CDATA[SLA]]></category>
		<guid isPermaLink="false">http://zymitry.com/?p=345</guid>

					<description><![CDATA[<p>The Governance of Cloud-Based Systems The Dot Com crash of 2000 and corporate scandals such as Enron highlighted the need for better laws to oversee financial organizations, and also highlighted the need for better corporate governance. IT Governance is the part of corporate governance that includes policies, procedures, and controls that relate to information systems… <span class="read-more"><a href="https://zymitry.com/governance-cloud-systems/">Read More: The Governance of Cloud-Based Systems &#187;</a></span></p>
<p>The post <a href="https://zymitry.com/governance-cloud-systems/">The Governance of Cloud-Based Systems</a> appeared first on <a href="https://zymitry.com"></a>.</p>
]]></description>
										<content:encoded><![CDATA[<h2 class="TextBody" style="margin-bottom: 0.0001pt; line-height: 200%; text-align: left;" align="center"><span style="font-family: 'Times New Roman','serif'; color: #010101;">The Governance of Cloud-Based Systems</span></h2>
<p>The Dot Com crash of 2000 and corporate scandals such as Enron highlighted the need for better laws to oversee financial organizations, and also highlighted the need for better corporate governance. IT Governance is the part of corporate governance that includes policies, procedures, and controls that relate to information systems use, performance, Return on Investment (ROI), and risk mitigation</p>
<p>When a company moves services to the cloud it must naturally extend its IT governance to include cloud-based systems and services. Governance includes policies, procedures, and controls that ensure confidence in the accuracy and security of the cloud-based systems, and also ensures the strategic alignment of cloud-based systems with the organizations goals. A key component of the governance process begins with Service Level Agreements (SLA)’s that specify contractual obligations that a cloud vendor must provide and adhere to. One important governance issue that is normally specified in a SLA is limited liability provisions. Fox (2015) states that customers generally want service provider&#8217;s liability responsibility to include, among other obligations, coverage for claims arising out of the following:</p>
<ul>
<li>Allegations that the cloud services provided by the vendor infringe upon, or violate, the intellectual property or other proprietary rights of any third party.</li>
</ul>
<ul>
<li>Negligence or willful misconduct of the cloud service provider, including its contractors and agents.</li>
</ul>
<ul>
<li>Claims that the cloud service provider including its contractors and agents caused any bodily injury to the customer&#8217;s staff, or property damage to the customer&#8217;s property.</li>
</ul>
<ul>
<li>A breach of any of the cloud service provider&#8217;s data or system security as well as any other customer data privacy obligations.</li>
</ul>
<p>&nbsp;</p>
<p>In contrast, cloud service providers usually try and reduce the scope of their liability towards customers by attempting to negotiate SLA provisions in their favor, for example, trying to limit its liability obligations to customers using a cap on the amount that it is obligated to indemnify the customer for. Customers who agree to caps run the risk of being held accountable for damages that exceed the cap limit even if the damages can be attributed to the provider, provider contractors, and other third-parties that may be associated with the cloud provider (Fox, 2015).</p>
<p>&nbsp;</p>
<h4>Summary</h4>
<p>Regarding the governance of cloud-based systems, it is of utmost importance that customers clearly understand that if their IT systems are hosted on a cloud-based system, their IT governance extends to include those systems. Service Level agreements with cloud providers are a method that organizations can use to extend that governance to cloud-based systems which specifies a level of service that a vendor agrees to provide, and contains provisions that specify items such as liability.</p>
<p>&nbsp;</p>
<p>References</p>
<p>Fox, A. (2015, May 07). <em>Common Mistakes Made by Customers and Service Providers when Negotiating Cloud Services Agreements.</em> Retrieved August 10, 2017, from Association of Corporate Counsel, http://www.acc.com/legalresources/quickcounsel/negotiating-cloud-services-agreements.cfm.</p>
<p>&nbsp;</p>
<p><a href="http://zymitry.com/zymitry-disclaimer/" target="_blank" rel="noopener noreferrer">Disclaimer</a></p>
<p>The post <a href="https://zymitry.com/governance-cloud-systems/">The Governance of Cloud-Based Systems</a> appeared first on <a href="https://zymitry.com"></a>.</p>
]]></content:encoded>
					
					<wfw:commentRss>https://zymitry.com/governance-cloud-systems/feed/</wfw:commentRss>
			<slash:comments>0</slash:comments>
		
		
		<post-id xmlns="com-wordpress:feed-additions:1">345</post-id>	</item>
		<item>
		<title>Service-Oriented Architecture (SOA) Web Services</title>
		<link>https://zymitry.com/soa-web-services/</link>
					<comments>https://zymitry.com/soa-web-services/#respond</comments>
		
		<dc:creator><![CDATA[Greg Palmer]]></dc:creator>
		<pubDate>Tue, 29 Nov 2016 20:40:55 +0000</pubDate>
				<category><![CDATA[Cloud Computing]]></category>
		<category><![CDATA[architecture]]></category>
		<category><![CDATA[black-box]]></category>
		<category><![CDATA[coupled]]></category>
		<category><![CDATA[security]]></category>
		<category><![CDATA[server]]></category>
		<category><![CDATA[service-oriented]]></category>
		<category><![CDATA[services]]></category>
		<category><![CDATA[web]]></category>
		<guid isPermaLink="false">http://zymitry.com/?p=338</guid>

					<description><![CDATA[<p>Service-Oriented Architecture (SOA) Web Services Service-Oriented Architecture (SOA) is a system of solutions characterized in terms of one or more services. Web services as a type of SOA allow programmers to use web services within their programs to perform specific functions. The following are features and benefits of SOA: The Service feature provides the benefits… <span class="read-more"><a href="https://zymitry.com/soa-web-services/">Read More: Service-Oriented Architecture (SOA) Web Services &#187;</a></span></p>
<p>The post <a href="https://zymitry.com/soa-web-services/">Service-Oriented Architecture (SOA) Web Services</a> appeared first on <a href="https://zymitry.com"></a>.</p>
]]></description>
										<content:encoded><![CDATA[<h2>Service-Oriented Architecture (SOA) Web Services</h2>
<p>Service-Oriented Architecture (SOA) is a system of solutions characterized in terms of one or more services. Web services as a type of SOA allow programmers to use web services within their programs to perform specific functions.</p>
<h4>The following are features and benefits of SOA:</h4>
<ul>
<li>The Service feature provides the benefits of improved information flow, the ability to safely expose an internal function, and organization flexibility. SOA provides a way to offer software services over the Internet and the world-wide web.</li>
</ul>
<ul>
<li>Service Re-use that has the benefit of lowering software development and management costs.</li>
</ul>
<ul>
<li>Messaging that provides configuration flexibility by providing a way for systems to communicate with each other in a standardized way.</li>
</ul>
<ul>
<li>Message monitoring that provides the benefit of business intelligence, performance measurement, and security attack detection.</li>
</ul>
<ul>
<li>Message control which allows the application of management and security policies.</li>
</ul>
<ul>
<li>Message transformation which is the conversion of data from one format to another through automated field mapping.</li>
</ul>
<ul>
<li>Message security through encryption and cryptographic integrity-check fields.</li>
</ul>
<ul>
<li>Complex event processing. Services can respond to events from other sources. For example, a financial information service might respond to stock-price changes, or a manufacturing production-control service might respond to production process events, such as changes in temperature of the materials being processed.</li>
</ul>
<ul>
<li>Service composition by putting together of a number of simple services to make a more complex one.</li>
</ul>
<ul>
<li>Service discovery which allows a program to discover services at run time instead of having to be pre-programmed. This provides the ability to optimize performance, functionality, and cost, and easier upgrades of systems since upgraded systems can be offered in parallel with older systems.</li>
</ul>
<ul>
<li>Asset wrapping where assets and components are assembled to form a software service. The ability to integrate existing assets provides the benefit of preserving the value of an enterprise’s existing assets, the cost of developing or acquiring replacements is avoided, and there is a smooth migration path from the old architecture to new ones.</li>
</ul>
<ul>
<li>Example: hypervisors that can provide different operating system environments.</li>
</ul>
<ul>
<li>Model driven implementation which provides the ability to develop new functions rapidly.</li>
</ul>
<p>&nbsp;</p>
<h4>The disadvantages of SOA are as follows:</h4>
<ul>
<li>SOA is not suitable for applications with GUI functionalities. These applications require heavy data exchange which makes them much more complex.</li>
</ul>
<ul>
<li>Applications that use asynchronous communication do not work very well with SOA.</li>
</ul>
<ul>
<li>Standalone and short lived application implementations are not well suited for SOA. The development of an SOA for these applications is not worth the time and cost to create them.</li>
</ul>
<p>&nbsp;</p>
<h4>SOA Web Services</h4>
<p>Programmers use web services to provide specific services across the web for other programs. Web services are intended specifically for other services and not users. Web services typically are used by programmers to create programs to perform tasks that require another company or organization, example; credit card processing for an eCommerce vendor, or for checking a supplier’s inventory. In the first example a customer would order an item from an eCommerce vendor and pay for it using a credit card. The vendors system would have code that would contact the credit card company system to process the details of the transaction then send the results back. The second example, a customer looking for an item wants to know if an item is in stock. The vendor does not physically carry the item but rather processes the order and has it drop shipped directly from the supplier. In this case the vendors system can check with the suppliers system and verify if the item is in stock. In these examples, the vendor is contacting the web services of another company whose system actually processes the request then sends the results back across the internet to the vendor. All the functions and processing is transparent to the users who only see the results in a web page. Web services use what is known as loose coupling to be able to communicate with systems from different organizations. The idea is that with a web service, a program only needs to know the location (URL) of the web service, the web services functions, and parameters, to pass to the web service function. A Web Service Description Language (WDSL) file tells the program requesting web services what functions are available, parameter types, and other information that defines how the systems will communicate with each other. This loose coupling architecture allows systems from different organizations using different architectures and platforms to communicate and use functions provided over the web.</p>
<p>&nbsp;</p>
<h4>Web Service Roles</h4>
<p>Web service architecture can be viewed either as individual roles of each service, or by examining the emerging Web Service Protocol Stack.</p>
<p>There are three major roles within the web service architecture as follows:</p>
<ul>
<li>The Service Provider who implements the service and makes it available on the Internet.</li>
</ul>
<ul>
<li>The Requestor who utilizes the service by opening a network connection and sending a request.</li>
</ul>
<ul>
<li>Service Registry which is a centralized directory of services that provides a central place where developers can publish new services or find existing ones.</li>
</ul>
<p>The Web Service Protocol Stack (WSPS) is still evolving but currently has four layers that are as follows:</p>
<ul>
<li>The Service Transport layer which is responsible for transporting messages between applications.</li>
</ul>
<ul>
<li>The XML Messaging layer responsible for encoding messages in a common XML format so that messages can be understood at either end.</li>
</ul>
<ul>
<li>The Service Description layer is responsible for describing the public interface to a specific web service using the previously described WSDL.</li>
</ul>
<ul>
<li>The Service Discovery layer that is responsible for centralizing services into a common registry and providing easy publish/find functionality.</li>
</ul>
<p>Oracle for example provides an in-depth tutorial that instructs programmers on how to use Oracle XML DB Web services for Service-Oriented Architecture. The tutorial gives an overview and then provides prerequisites, the creation of a binary XML table, reviewing the XML schema in JDeveloper, and using Oracle XML DB Web Services. The tutorial provides code examples for creating network connections, and database protocols and commands to use.</p>
<p>&nbsp;</p>
<h4>Benefits of Web Services as Black Box</h4>
<p>The term “black box” is a module where a software developer does not know or care how processing is performed, but only knows that valid code inputs will produce predictable results. This is another example of the loosely coupled relationship found in web services. The developer can treat the web service as a black box not knowing how the service performs a task, but knows that if they provide valid input to the service that they will get consistent results. This black box functionality provides the benefit of interoperability. The black box web service doesn’t care what creates the valid input, only that it is valid. This means that the input can be created by a variety of programming languages which allows a wide-array of services from different organizations to be able to use the web service. This functionality usually works outside of private networks and provide developers a way to develop non-proprietary solutions. The result is that the services developed are likely to have a longer life-span and offer a better return on investment of the developed service. Web service black box functionality lets developers use their preferred programming languages because of the use standards-based communications methods making web services platform-independent.</p>
<p>&nbsp;</p>
<h4>Summary</h4>
<p>Web services that can be loosely-coupled allow various programs from many different platforms written in many different program languages to use a web service. Programmers do not need to know how the web service actually processes requests; they only need to know how to produce valid code inputs to the service to use it. Web services provide a way for systems to communicate in a standardized way.</p>
<p>&nbsp;</p>
<p>&nbsp;</p>
<p>References</p>
<p>Oracle XML DB Web Services. (n.d.). <em>Using Oracle XML DB Web Services for Service- Oriented Architecture. </em>Retrieved August 03, 2016, from Oracle.com, <a href="https://web.archive.org/web/20230627004807/https://www.tutorialspoint.com/webservices/web_services_architecture.htm" target="_blank" rel="noopener">http://www.tutorialspoint.com/webservices/web_services_architecture.htm</a>.</p>
<p>MSDN Benefits Web Services. (n.d.). <em>Advantages &amp; Disadvantages of Web Services</em>. Retrieved August 4, 2016, from <a href="https://web.archive.org/web/20141008191900/http://social.msdn.microsoft.com:80/Forums/en-US/435f43a9-ee17-4700-8c9d-d9c3ba57b5ef/advantages-disadvantages-of-webservices?forum=asmxandxml" target="_blank" rel="noopener">https://social.msdn.microsoft.com/Forums/en-US/435f43a9-ee17-4700-8c9d-d9c3ba57b5ef/advantages-disadvantages-of-webservices?forum=asmxandxml</a>.</p>
<p>Paul, A. (2011, May 06). Service Oriented Architecture. Retrieved August 4, 2016, from <a href="https://web.archive.org/web/20180816142348/http://www.techyv.com:80/article/service-oriented-architecture-soa" target="_blank" rel="noopener">http://www.techyv.com/article/service-oriented-architecture-soa</a>.</p>
<p>The Open Group SOA. (n.d.). <em>Service Oriented Architecture : SOA Features and Benefits.</em> Retrieved August 4, 2016, from https://www.opengroup.org/soa/source-book/soa/soa_features.htm.</p>
<p>Tutorials Point Web Services. (n.d.). <em>Web Services Architecture.</em> Retrieved August 03, 2016 from Tutorials Point, <a href="https://web.archive.org/web/20230627004807/https://www.tutorialspoint.com/webservices/web_services_architecture.htm" target="_blank" rel="noopener">http://www.tutorialspoint.com/webservices/web_services_architecture.htm</a>.</p>
<p>&nbsp;</p>
<p><a href="http://zymitry.com/zymitry-disclaimer/" target="_blank" rel="noopener">Disclaimer</a></p>
<p>The post <a href="https://zymitry.com/soa-web-services/">Service-Oriented Architecture (SOA) Web Services</a> appeared first on <a href="https://zymitry.com"></a>.</p>
]]></content:encoded>
					
					<wfw:commentRss>https://zymitry.com/soa-web-services/feed/</wfw:commentRss>
			<slash:comments>0</slash:comments>
		
		
		<post-id xmlns="com-wordpress:feed-additions:1">338</post-id>	</item>
		<item>
		<title>Security Advantages &#038; Disadvantages of Cloud-Based Systems</title>
		<link>https://zymitry.com/security-advantages-disadvantages-cloud/</link>
					<comments>https://zymitry.com/security-advantages-disadvantages-cloud/#respond</comments>
		
		<dc:creator><![CDATA[Greg Palmer]]></dc:creator>
		<pubDate>Tue, 29 Nov 2016 19:46:59 +0000</pubDate>
				<category><![CDATA[Cloud Computing]]></category>
		<category><![CDATA[Administrator]]></category>
		<category><![CDATA[cloud]]></category>
		<category><![CDATA[disadvanatges]]></category>
		<category><![CDATA[security]]></category>
		<guid isPermaLink="false">http://zymitry.com/?p=336</guid>

					<description><![CDATA[<p>Security Advantages &#38; Disadvantages of Cloud-Based Systems Cloud computing benefits enterprises by reducing costs and allowing them to concentrate on their core business rather than IT and infrastructure related issues. Cloud services provide several security advantages and disadvantages. Advantages: Improved patch management and deployment due to cloud providers using specialized staff. Better human-relations reach. Through… <span class="read-more"><a href="https://zymitry.com/security-advantages-disadvantages-cloud/">Read More: Security Advantages &#038; Disadvantages of Cloud-Based Systems &#187;</a></span></p>
<p>The post <a href="https://zymitry.com/security-advantages-disadvantages-cloud/">Security Advantages &#038; Disadvantages of Cloud-Based Systems</a> appeared first on <a href="https://zymitry.com"></a>.</p>
]]></description>
										<content:encoded><![CDATA[<h2>Security Advantages &amp; Disadvantages of Cloud-Based Systems</h2>
<p>Cloud computing benefits enterprises by reducing costs and allowing them to concentrate on their core business rather than IT and infrastructure related issues. Cloud services provide several security advantages and disadvantages.</p>
<h4>Advantages:</h4>
<ul>
<li>Improved patch management and deployment due to cloud providers using specialized staff.</li>
</ul>
<ul>
<li>Better human-relations reach. Through strong financial positions cloud vendors are able to better screen potential employees for security concerns.</li>
</ul>
<ul>
<li>System redundancy. Cloud solution providers are specialized and as such provide redundant resources.</li>
</ul>
<ul>
<li>Incident response. Client organizations often multi-task personnel, example, the system administrator may also be the organizations security specialist. Cloud providers are able to employ specialist that concentrate in specific areas. Additionally, cloud providers usually use advanced system monitoring and intrusion detection systems.</li>
</ul>
<p>&nbsp;</p>
<h4>Disadvantages:</h4>
<ul>
<li>Location of data. Cloud providers may store data in many different data centers, not all of them may be in the same state, or even the same country. For this reason it is not always clear how the physical location of data will be affected by things such as legal issues or standards compliance.</li>
</ul>
<ul>
<li>Multitenant concerns. Cloud services are often shared between multiple customers. As a result issues such as application errors for one customer might expose private data of other customers.</li>
</ul>
<ul>
<li>Malicious insiders. Even though cloud providers can better screen staff, sometime problems still occur. Malicious insiders can be in a position to compromise an organizations data.</li>
</ul>
<ul>
<li>Contract lock-ins. Organizations have to be very familiar with vendor agreements and clearly understand what they specify.</li>
</ul>
<ul>
<li>Vendor failure. There is always a possibility that a cloud provider fails as a business. An organization could potentially lose data hosted with the failed vendor and have problems recovering it. There is also the potential for loss of revenue while the organization gets systems running elsewhere. The problem is compounded if an organization has to replicate applications from scratch.</li>
</ul>
<p>&nbsp;</p>
<p>Additional security advantages of cloud-based systems include:</p>
<ul>
<li>Security through scale. Large scale implementations are usually more cost effective than small scale. This gives cloud vendors the financial resources to implement advanced security measures such as filtering, encryption, and detailed auditing.</li>
</ul>
<ul>
<li>Market demand security. Security has become one of the core factors determining which cloud provider organizations choose. Example, I have selected to evaluate cloud systems for a small hospital as my class project. One of the core requirements is that the providers must be HIPAA compliant and provide HIPAA compliant service agreements. Since this type security is in high demand, I have a large pool of potential vendors to choose from. This large pool creates an environment of competition which reduces costs.</li>
</ul>
<ul>
<li>Security through standardization. As cloud-based services become more popular this leads to more uniform, open and readily available security services that are more resilient against security threats.</li>
</ul>
<ul>
<li>Advantage of concentrated resources. The concentration of resources is potentially dangerous for security. At the same time it can also be used for improving security through other methods. It allows service providers cheaper physical access and security control. The saved resources can be reallocated to improve security.</li>
<li>Evidence-gathering and Investigation. Cloud computing services offer quick evidence gathering for forensic and investigation purposes.</li>
</ul>
<p>&nbsp;</p>
<p>&nbsp;</p>
<p>References</p>
<p>Blake, G. (2010, August 15). <em>The Security Benefits of Cloud Computing.</em> Retrieved July 28, 2016, from http://cloudtweaks.com/2010/08/the-security-benefits-of-cloud-computing/.</p>
<p>&nbsp;</p>
<p><a href="http://zymitry.com/zymitry-disclaimer/" target="_blank" rel="noopener noreferrer">Disclaimer</a></p>
<p>The post <a href="https://zymitry.com/security-advantages-disadvantages-cloud/">Security Advantages &#038; Disadvantages of Cloud-Based Systems</a> appeared first on <a href="https://zymitry.com"></a>.</p>
]]></content:encoded>
					
					<wfw:commentRss>https://zymitry.com/security-advantages-disadvantages-cloud/feed/</wfw:commentRss>
			<slash:comments>0</slash:comments>
		
		
		<post-id xmlns="com-wordpress:feed-additions:1">336</post-id>	</item>
		<item>
		<title>Security Threats to Cloud–Based Systems</title>
		<link>https://zymitry.com/security-threats-cloud-based-systems/</link>
					<comments>https://zymitry.com/security-threats-cloud-based-systems/#respond</comments>
		
		<dc:creator><![CDATA[Greg Palmer]]></dc:creator>
		<pubDate>Tue, 29 Nov 2016 19:31:41 +0000</pubDate>
				<category><![CDATA[Cloud Computing]]></category>
		<category><![CDATA[attacks]]></category>
		<category><![CDATA[cloud]]></category>
		<category><![CDATA[mitigate]]></category>
		<category><![CDATA[risk]]></category>
		<category><![CDATA[security]]></category>
		<category><![CDATA[threats]]></category>
		<guid isPermaLink="false">http://zymitry.com/?p=333</guid>

					<description><![CDATA[<p>Security Threats to Cloud–Based Systems Threats to both cloud-based and on-site solutions should be evaluated with an additional focus directed towards security issues specific to cloud services. Cloud security threats can come from internal or external sources, and can originate as human or software based attacks. Threat agents are as follows; anonymous attackers, malicious service… <span class="read-more"><a href="https://zymitry.com/security-threats-cloud-based-systems/">Read More: Security Threats to Cloud–Based Systems &#187;</a></span></p>
<p>The post <a href="https://zymitry.com/security-threats-cloud-based-systems/">Security Threats to Cloud–Based Systems</a> appeared first on <a href="https://zymitry.com"></a>.</p>
]]></description>
										<content:encoded><![CDATA[<h2 style="text-align: left;" align="center">Security Threats to Cloud–Based Systems</h2>
<p>Threats to both cloud-based and on-site solutions should be evaluated with an additional focus directed towards security issues specific to cloud services. Cloud security threats can come from internal or external sources, and can originate as human or software based attacks. Threat agents are as follows; anonymous attackers, malicious service agents, trusted attackers, and malicious insiders. The following is a list of common security threats to cloud-based environments and methods that can be used to mitigate them.</p>
<ul>
<li>Traffic eavesdropping. This is a passive attack that can occur when data is being transmitted between cloud services and clients. This include actions such as packet sniffing which examines data in transmission packets, and Man-In-The-Middle (MITM) attacks where an attacker intercepts transmission packets, then can alter messages before forwarding them to their destination.  A MITM attack commonly uses a technique called ARP spoofing. Example, trick user 1 computer into thinking that it is communicating with user 2 computer, and vice versa. To prevent these types of attacks communications between machines should take place over Virtual Private Networks (VPN) when possible. Another mitigation strategy is to ensure communications use Secure Socket Layer (SSL) protocols. Example, web traffic using HTTPS instead of HTTP.</li>
</ul>
<p>&nbsp;</p>
<ul>
<li>Denial of Service. Denial of Service (DoS), and Distributed Denial of Services (DDoS) occur when an attacker uses one or many different computers to send a bombardment of message traffic to a system to try and overwhelm it’s resources and take them out of use. Defending against DoS and DDoS attacks is difficult and common strategies to mitigate them usually apply only after the attack has started and caused problems. The best defense against these types of attacks are specialized network firewalls designed to track and recognize DoS attacks, and the use of a number of reverse proxy mechanisms. Reverse proxies determine if incoming traffic is legitimate and allows or drops the incoming packets accordingly.</li>
</ul>
<p>&nbsp;</p>
<ul>
<li>Insufficient Authorization. This attack occurs when access or unauthorized levels of access are granted to an attacker in error. This can occur from weak authentication vulnerabilities related to weak passwords or shared accounts. The best protection against this threat includes both logical and physical security controls. Logical controls include administrative policies such as password policies, use firewalls and keep them updated, and auditing of systems. Physical controls include keeping system equipment in locked spaces with controlled access.</li>
</ul>
<p>&nbsp;</p>
<ul>
<li>Virtualization Attacks. Since cloud service providers often grant customers administrative rights to virtualized resources, this means they might also be used to attack underlying IT resources. This attack is commonly known as hyperjacking and it is directed towards the virtualization hypervisor software layer where an attacker will try and get control over the hypervisor and gain access to the underlying hardware. Controls such as separate Virtual Local Area Network (VLAN) connections for each service, and the use of separate management networks are the most effective way to mitigate hyperjacking attacks. Example, keep web facing traffic separate from internal traffic, and keep management interfaces on networks separate from all other services.</li>
</ul>
<p>&nbsp;</p>
<ul>
<li>Overlapping Trust Boundaries. Since cloud services often share resources among many different customers great care must be taken in establishing boundaries between them. Attackers can target shared resources with the intention of compromising other customers, or the underlying infrastructure as a way to get access to other customers resources. This attack can also include guest-hopping. This is an attack where an attacker might have access to one Operating System (OS), and use that access to try and compromise a different OS within the same cloud system. Establishing secondary private VLANs for each entity provides traffic isolation and is the ideal method for mitigating this threat.</li>
</ul>
<p>&nbsp;</p>
<ul>
<li>Malicious Employees. Staff such as software developers often has extensive access to systems which can be misused by disgruntled or terminated employees. Moving services to the cloud reduces this risk with local employees, but cloud service staff still require a stringent screening. Malicious insider threats can be mitigated by using access controls, policies and enforcement, and layered security. Examples; Access controls should be put in place so employees and third-parties can only access specified information and systems. A policy that would explain that when employees and contractors fail to comply, they could face termination of their employment or contractual relationship and lawsuits depending on how the information was misused. Taken together these methods form layered security.</li>
</ul>
<p>&nbsp;</p>
<ul>
<li>SQL Injection. This type of attack is directed towards trying to compromise or gain control over database servers and databases. It commonly takes advantage of form type data being sent from a client such as a web browser to an application database server. The attacker alters “injects” their own SQL commands into the data being sent to the server in order to get control of the server, or force the server to divulge data within the database. Controls to mitigate SQL injection threats include; use parameterized queries, use stored procedures, include code that escapes all user supplied input, enforce the concept of least privilege on user access, and the use of white lists to validate user inputs.</li>
</ul>
<p>&nbsp;</p>
<ul>
<li>Compromised Interfaces and API’s. APIs and interfaces are commonly the most exposed part of a system because they&#8217;re usually accessible from the open Internet. The use of separate VLAN’s for API and management traffic is the most effective method of mitigating this threat.</li>
</ul>
<p>&nbsp;</p>
<ul>
<li>Data Loss. Cloud providers generally provide multiple layers of redundancy and extensive data replication. Although a rare occurrence, data loss due to provider error or system problems can still occur. Cloud providers recommend distributing data and applications across multiple zones as additional protection against this threat.</li>
</ul>
<p>&nbsp;</p>
<ul>
<li>Loosely defined service contracts. Sometimes organizations do not fully understanding cloud provider contracts and environments and encounter many commercial, financial, technical, legal, and compliance risks. The Cloud Security Alliance (CSA) states that organizations must perform extensive due diligence to understand the risks they assume when they subscribe to a cloud service as the primary mitigation strategy for this risk.</li>
</ul>
<p>&nbsp;</p>
<h4>Conclusions</h4>
<p>Cloud-based services are exposed to many of the same threats that on-site services are. To protect against these threats, the use of established and proven mitigation strategies should be applied. It is important to recognize though that cloud-based environments are subject to additional threats such as virtualization attacks that do require additional assessment and controls to mitigate the additional security risks. If the common and specific security risks are both properly mitigated, cloud-based services should be just as safe to use as on-site services.</p>
<p>&nbsp;</p>
<p>References</p>
<p>Berry-Tayman, L. (2015, January 16). <em>3 Ways to Protect Your Company Against Malicious Insiders. </em>Retrieved July 28, 2016, from <a href="https://web.archive.org/web/20160801063521/http://idt911.com/education/blog/3-ways-to-protect-your-company-against-malicious-insiders" target="_blank" rel="noopener noreferrer">http://idt911.com/education/blog/3-ways-to-protect-your-company-against-malicious-insiders</a>.</p>
<p>Burns, S. (2015, August 05). <em>Virtualization Security Tips: Preventing Hyper Jumping</em>. Retrieved July 28, 2016, from http://www.tomsitpro.com/articles/virtual-security-tips-hyper-jumping,2-776.html.</p>
<p>CloudPatterns. (n.d.). <em>Data Link and Network Layer Trust Boundary Isolation.</em> Retrieved July 28, 2016, from http://cloudpatterns.org/candidate_patterns/data_link_and_network_layer_trust_boundary_isolation.</p>
<p>Hargrave, V. (2012, November 28). <em>What Are Man-in-the-Middle Attacks and How Can I Protect Myself From Them? </em>Retrieved July 28, 2016, from <a href="http://blog.trendmicro.com/what-are-man-in-the-middle-attacks-and-how-can-i-protect-myself-from-them/" target="_blank" rel="noopener noreferrer">http://blog.trendmicro.com/what-are-man-in-the-middle-attacks-and-how-can-i-protect-myself-from-them/</a>.</p>
<p>OWASP Prevent SQL Injection. (2016, May 25). <em>SQL Injection Prevention Cheat Sheet. </em>Retrieved July 28, 2016, from <a href="https://cheatsheetseries.owasp.org/cheatsheets/SQL_Injection_Prevention_Cheat_Sheet.html" target="_blank" rel="noopener noreferrer">https://www.owasp.org/index.php/SQL_Injection_Prevention_Cheat_Sheet</a>.</p>
<p>Rashid, F. (2016, March 11). <em>The dirty dozen: 12 cloud security threats.</em> Retrieved July 27, 2016, from <a href="https://web.archive.org/web/20171127225731/https://www.infoworld.com/article/3041078/security/the-dirty-dozen-12-cloud-security-threats.html" target="_blank" rel="noopener noreferrer">http://www.infoworld.com/article/3041078/security/the-dirty-dozen-12-cloud-security-threats.html</a>.</p>
<p>Schultz, G. (2006, August 03). <em>Top 10 ways to secure your stored data.</em> Retrieved July 28, 2016, from <a href="https://web.archive.org/web/20190204122333/https://www.computerworld.com/article/2546352/data-center/top-10-ways-to-secure-your-stored-data.html" target="_blank" rel="noopener noreferrer">http://www.computerworld.com/article/2546352/data-center/top-10-ways-to-secure-your-stored-data.html</a>.</p>
<p>Weiss, A. (2012, July 02). <em>How to Prevent DoS Attacks.</em> Retrieved July 28, 2016, from <a href="https://web.archive.org/web/20191022184723/https://www.esecurityplanet.com/network-security/how-to-prevent-dos-attacks.html" target="_blank" rel="noopener noreferrer">http://www.esecurityplanet.com/network-security/how-to-prevent-dos-attacks.html</a>.</p>
<p>&nbsp;</p>
<p><a href="http://zymitry.com/zymitry-disclaimer/" target="_blank" rel="noopener noreferrer">Disclaimer</a></p>
<p>The post <a href="https://zymitry.com/security-threats-cloud-based-systems/">Security Threats to Cloud–Based Systems</a> appeared first on <a href="https://zymitry.com"></a>.</p>
]]></content:encoded>
					
					<wfw:commentRss>https://zymitry.com/security-threats-cloud-based-systems/feed/</wfw:commentRss>
			<slash:comments>0</slash:comments>
		
		
		<post-id xmlns="com-wordpress:feed-additions:1">333</post-id>	</item>
		<item>
		<title>Virtualization of IT Resources. Advantages &#038; Disadvantages</title>
		<link>https://zymitry.com/virtualization-of-it-resources/</link>
					<comments>https://zymitry.com/virtualization-of-it-resources/#respond</comments>
		
		<dc:creator><![CDATA[Greg Palmer]]></dc:creator>
		<pubDate>Tue, 29 Nov 2016 19:02:58 +0000</pubDate>
				<category><![CDATA[Cloud Computing]]></category>
		<category><![CDATA[advantages]]></category>
		<category><![CDATA[desktop]]></category>
		<category><![CDATA[disadvantages]]></category>
		<category><![CDATA[networks]]></category>
		<category><![CDATA[power]]></category>
		<category><![CDATA[security]]></category>
		<category><![CDATA[servers]]></category>
		<category><![CDATA[storage]]></category>
		<category><![CDATA[Virtualization]]></category>
		<guid isPermaLink="false">http://zymitry.com/?p=330</guid>

					<description><![CDATA[<p>Virtualization of IT resources Virtualization of IT resources has become a popular the past few years but has been around in some form for many years. Example;  thirty years ago IBM had virtual operating systems that allowed multiple copies of an operating system to run simultaneously on mainframe computers. Virtualization is the use of hardware… <span class="read-more"><a href="https://zymitry.com/virtualization-of-it-resources/">Read More: Virtualization of IT Resources. Advantages &#038; Disadvantages &#187;</a></span></p>
<p>The post <a href="https://zymitry.com/virtualization-of-it-resources/">Virtualization of IT Resources. Advantages &#038; Disadvantages</a> appeared first on <a href="https://zymitry.com"></a>.</p>
]]></description>
										<content:encoded><![CDATA[<h2>Virtualization of IT resources</h2>
<p>Virtualization of IT resources has become a popular the past few years but has been around in some form for many years. Example;  thirty years ago IBM had virtual operating systems that allowed multiple copies of an operating system to run simultaneously on mainframe computers. Virtualization is the use of hardware and software to create environments that are perceived as one or more different entities.  Example; virtualization can make one server appear as many different machines. Virtualization can create an appearance of multiple instances of Operating Systems (OS)’s, network resources, and storage that are actually being run from a single physical machine. Virtualization is method that converts physical IT resources into virtual resources.</p>
<p>&nbsp;</p>
<h4>Server Virtualization</h4>
<p>Server virtualization makes one server appear as many different servers. Virtual servers can support multiple OS’s of the same or different type. Virtual servers make use of a software layer called a hypervisor. OS’s are installed on the hypervisor software layer instead of directly on the physical hardware. The hypervisor manages each OS’s system execution and resources. Virtual servers provide the following benefits for businesses; they consume less power, have a smaller physical footprint, generate less heat costing less to cool, and they are easier to install and configure. Virtual servers also use physical resources more efficiently particularly CPU utilization. Load balancing and scaling allow virtual servers to be created as loads increase. In contrast when loads are lighter computing resources can be used for other operations reducing waste. Microsoft Hyper-V for example allows an organization to create and manage a virtualized computing environment by using virtualization technology that is built in to Windows Server. Hyper-V allows an organization to establish or expand cloud services, better utilize hardware, improve business continuity, establish or expand a virtual desktop infrastructure (VDI), and use virtual machines to reproduce different computing environments without the need for acquiring or maintaining all the hardware you would otherwise need.</p>
<p>&nbsp;</p>
<h4>Storage Virtualization</h4>
<p>Data virtualization separates physical data storage from logical presentation that users and applications can see. It hides the physical details of the actual storage device. Virtual storage can span many different drives and devices through the use of logical drives which provide the usable space that users and application can see and use. Virtual storage allows businesses to scale storage demand as needed, pay only for resources they need and as they go, transparent backup and data replication, support most common OS’s, users can access storage from most devices anywhere they have a network or internet connection, and it allows for easy file and folder sharing. Example; Dropbox provides software that creates a local virtual drive which will synchronize with cloud storage. This model allows users and application to interact with what appears to be a standard file folder. This type of virtualization provides business users a way to access their files from the Dropbox drive from any device that has an internet connection, automatically replicates their data for protection, and provides a way for users to share files and collaborate with others.</p>
<p>&nbsp;</p>
<h4>Network Virtualization</h4>
<p>Physical networks can be segmented into logical networks such as Virtual Local Area Networks (VLAN), and Virtual Private Networks (VPN). VLANS and VPN’s allow users a way to connect to resources remotely through the creation of a logical secure network. Example; with this model a remote user can connect to datacenter resources remotely through the internet using a VPN connection. The connection itself is created across the internet, host, and user networks, but to the user and the hosted resource, it appears that they are connected via a Local Area Network (LAN). VPN’s allow organizations a way to  establish secure encrypted communications between remote users and resources, simplify communications protocols which lowers costs, scalability, and provide a method for remote employees to access company resources securely and reliably. VLANS allow organizations to segment their physical networks into logical networks. Example, computers in the business office of an organizations connected together on a separate VLAN. VLAN’s benefit organizations by increasing network performance, simplify network management, and simplify and increase network security.  The ability to create VPN’s and VLAN’s is limited to network equipment capable of creating virtual network environments. Example, Cisco offers and extensive line of enterprise networking equipment capable of creating virtual networks for customers that range from small home and office users, to large scale data centers.</p>
<p>&nbsp;</p>
<h4>Power Virtualization</h4>
<p>Virtual Uninterruptible Power Supplies (UPS) allow organization supply power where it is needed, and reduce or power down equipment that is not in use. In combination with UPS management software, organizations can use virtual UPS to automatically scale up or down, or redirect power to mechanisms such as virtual machines as they are created or shut down. Virtual UPS solutions such as Critical Power are designed to work with most major VM vendor applications.</p>
<p>&nbsp;</p>
<h4>Virtual Desktops</h4>
<p>Desktop virtualization is a way to run multiple OS’s at the same time on the same machine. This has several advantages to an organization to include; the ability to run, and switch between, separate OS’s quickly, the ability to run different type OS’s from the same machine, eliminates the need for duplicate hardware, and reduces power consumption. An example of how this can benefit an organization would be a software tester. Running test applications inside virtual desktops eliminates the need to switch between physical machines. Another type of virtual desktop is Virtual Desktop Infrastructure (VDI). VDI allows a computer to pull its OS from the network when it powers up. The benefits of VDI to a business include; multiple users can use the same OS image. This reduces OS administration since updates only need to be applied to a few images instead of several separate machines. Users can choose different OS’s to use for different purposes, example, use Windows 7 for general use, but switch to Windows XP to use a legacy application that will not run in Windows 7. Reduced hardware cost since much of the storage and computing requirements are handled by the OS server. Reduce the need to troubleshoot diverse problems associated with several physical machines. Example, an OS problem can be trouble shot and corrected at the server or in the image instead of having to perform the same operation on every machine in the facility.</p>
<p>&nbsp;</p>
<h4>Summary</h4>
<p>The following are general advantages and disadvantages of virtualization:</p>
<p><strong>Advantages;</strong></p>
<ul>
<li>Increased device utilization, particularly CPU utilization.</li>
<li>Decreased physical device footprint.</li>
<li>Decreased power consumption.</li>
<li>Simplified OS and application administration.</li>
<li>Simplified provisioning and patch management.</li>
<li>Ease of scalability.</li>
<li>Increased user access to resources.</li>
<li>Better flexibility in managing multiple different OS’s.</li>
<li>More efficient management of software licenses.</li>
<li>Better utilization reporting leading to better capacity planning.</li>
<li>Improved disaster recovery and business continuity.</li>
</ul>
<p><strong>Disadvantages;</strong></p>
<ul>
<li>Additional staff training may be required to understand the use of virtualization technology.</li>
<li>Some applications are not well suited for virtualization. Some applications require specific hardware or drivers.</li>
<li>Virtualization adds overhead to computing resources making some applications slower.</li>
<li>Applications that depend on advanced graphics such as 3D modeling software, the required drivers can slow applications noticeably.</li>
</ul>
<p>&nbsp;</p>
<p>References</p>
<p>Brooke, B. (2014, December 31). What is VPN (virtual private network) and what are its advantages and disadvantages? Retrieved July 20, 2016, from https://www.quora.com/What-is-VPN-virtual-private-network-and-what-are-its-advantages-and-disadvantages.</p>
<p>Cisco Products. (n.d.). Cisco Products and Services. Retrieved July 20, 2016, from <a href="https://web.archive.org/web/20251126235628/https://www.cisco.com/c/en_in/products/index.html" target="_blank" rel="noopener">http://www.cisco.com/c/en_in/products/index.html</a>.</p>
<p>Critical Power. (n.d.). Virtualization and UPS Power Management. Retrieved July 20, 2016, from http://www.criticalpowersupplies.co.uk/virtualization-virtual-power-management.</p>
<p>Dropbox Sharing. (n.d.). Sharing files and folders. Retrieved July 20, 2016, from <a href="https://web.archive.org/web/20170426043607/https://www.dropbox.com/help/topics/sharing_files_and_folders" target="_blank" rel="noopener">https://www.dropbox.com/help/topics/sharing_files_and_folders</a>.</p>
<p>Harbaugh, L. (2012, March 22). The Pros and Cons of Using Virtual Desktop Infrastructure. Retrieved July 20, 2016, from <a href="https://web.archive.org/web/20210926014003/https://www.pcworld.com/article/252314/the_pros_and_cons_of_using_virtual_desktop_infrastructure.html" target="_blank" rel="noopener">http://www.pcworld.com/article/252314/the_pros_and_cons_of_using_virtual_desktop_infrastructure.html</a>.</p>
<p>Mahaney, B. (n.d.). VLAN &#8211; Benefits and Limitations. Retrieved July 20, 2016, from http://www.people.eku.edu/mahaneyb/CISStudentClub/1007/index.htm.</p>
<p>TechNet Hyper-V Overview. (2016, May 31). Hyper-V Overview. Retrieved July 20, 2016, from <a href="https://technet.microsoft.com/library/hh831531.aspx" target="_blank" rel="noopener">https://technet.microsoft.com/library/hh831531.aspx</a>.</p>
<p>&nbsp;</p>
<p><a href="http://zymitry.com/zymitry-disclaimer/" target="_blank" rel="noopener">Disclaimer</a></p>
<p>The post <a href="https://zymitry.com/virtualization-of-it-resources/">Virtualization of IT Resources. Advantages &#038; Disadvantages</a> appeared first on <a href="https://zymitry.com"></a>.</p>
]]></content:encoded>
					
					<wfw:commentRss>https://zymitry.com/virtualization-of-it-resources/feed/</wfw:commentRss>
			<slash:comments>0</slash:comments>
		
		
		<post-id xmlns="com-wordpress:feed-additions:1">330</post-id>	</item>
		<item>
		<title>IDaaS, Cloud Data Storage, and Cloud Collaboration</title>
		<link>https://zymitry.com/idaas-data-storage-collaboration/</link>
					<comments>https://zymitry.com/idaas-data-storage-collaboration/#respond</comments>
		
		<dc:creator><![CDATA[Greg Palmer]]></dc:creator>
		<pubDate>Mon, 28 Nov 2016 22:51:37 +0000</pubDate>
				<category><![CDATA[CISSP Series]]></category>
		<category><![CDATA[Cloud Computing]]></category>
		<category><![CDATA[cloud collaboration]]></category>
		<category><![CDATA[cloud computing]]></category>
		<category><![CDATA[cloud data storage]]></category>
		<category><![CDATA[collaboration]]></category>
		<category><![CDATA[Data storage]]></category>
		<category><![CDATA[IaaS]]></category>
		<category><![CDATA[identification as a service]]></category>
		<category><![CDATA[PaaS]]></category>
		<category><![CDATA[SaaS]]></category>
		<guid isPermaLink="false">http://zymitry.com/?p=327</guid>

					<description><![CDATA[<p>This article explores the concepts of IDaaS (Identification as a Service), cloud data storage, and cloud collaboration. IDaaS simplifies user identification and authentication, while cloud data storage offers scalability and accessibility. Cloud collaboration tools facilitate remote interactions and teamwork. However, it is important to consider potential risks such as single points of failure in IDaaS systems, speed limitations in cloud storage, and the risk of abandoned data accounts. Organizations and users should carefully evaluate the benefits and risks before adopting these cloud-based services.</p>
<p>The post <a href="https://zymitry.com/idaas-data-storage-collaboration/">IDaaS, Cloud Data Storage, and Cloud Collaboration</a> appeared first on <a href="https://zymitry.com"></a>.</p>
]]></description>
										<content:encoded><![CDATA[<h1>IDaaS, Cloud Data Storage, and Cloud Collaboration</h1>
<p>&nbsp;</p>
<p><strong>IDaaS, Cloud Data Storage, and Cloud Collaboration</strong></p>
<p><em>Revised July 03, 2023</em></p>
<p>The emergence of wide-spread Internet access combined with the development of cloud-based infrastructure, platform, and Software as a Service (SaaS) has created an environment where organizations and everyday users have access to vast amounts of computing resources and applications at the click of a button. In addition to Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and SaaS, cloud computing also encompasses services such as Identification as a Service (IDaaS), Data Storage in the Cloud, and Collaboration in the Cloud.</p>
<h4>Identification as a Service (IDaaS):</h4>
<p>IDaaS is a service that provides cloud-based ID management, simplifying user identification and authentication processes.</p>
<p>Advantages of IDaaS:</p>
<ul>
<li>Fewer accounts and passwords for users to manage</li>
<li>Reduced password fatigue</li>
<li>Time savings by logging into multiple systems with a single sign-on</li>
<li>Centralized administration of user accounts</li>
</ul>
<p>Disadvantages of IDaaS:</p>
<ul>
<li>Single point of failure if the authentication server goes down</li>
<li>Single breach point if a user account is compromised</li>
<li>Dependence on reliable network connectivity</li>
<li>Integration challenges with existing systems</li>
</ul>
<h4>Data Storage in the Cloud:</h4>
<p>Cloud storage enables users to access their data from any internet-connected device through web browsers, client software, or APIs.</p>
<p>Advantages of cloud-based storage:</p>
<ul>
<li>Scalability to accommodate changing storage needs</li>
<li>Cost-effectiveness by paying only for the storage used</li>
<li>Data backup, redundancy, and replication provided by cloud storage providers</li>
<li>Ease of access through web-based interfaces and mapped logical drives</li>
</ul>
<p>Disadvantages of cloud-based storage:</p>
<ul>
<li>Relatively slower speed compared to local drives</li>
<li>Concerns about data security and privacy</li>
<li>Risk of data abandonment if users abandon their cloud-based accounts</li>
<li>Dependence on reliable internet connectivity</li>
</ul>
<h4>Collaboration in the Cloud:</h4>
<p>Cloud-based collaboration tools facilitate remote collaboration and eliminate the need for physical interaction.</p>
<p>Benefits of cloud collaboration:</p>
<ul>
<li>Reduced travel costs and time for business staff</li>
<li>Savings on meeting space expenses</li>
<li>Increased productivity by eliminating the need for travel</li>
<li>Expanded opportunities for participation in meetings and training</li>
<li>Efficient virtual meetings compared to face-to-face meetings</li>
</ul>
<h4>Summary</h4>
<p>IDaaS simplifies user login management through single sign-on, despite potential risks. Cloud data storage offers scalability, cost-efficiency, and easy accessibility. Cloud collaboration tools enhance remote collaboration, saving time and costs associated with physical interaction.</p>
<h4>References</h4>
<p>Palmer, G. Security Notes (2017-2023)</p>
<p>https://www.sunflower-cissp.com/glossary/cissp/2976/identity-as-a-service-or-identity-and-access-as-a-service-idaas</p>
<p><a href="https://www.techadvisor.com/article/723415/best-cloud-storage.html" target="_blank" rel="noopener noreferrer">https://www.techadvisor.com/test-centre/internet/best-cloud-storage-3614269/</a>.</p>
<p><a href="https://web.archive.org/web/20150326055014/https://www.neustar.biz/blog/what-is-single-sign-on-deployment-pros-cons" target="_blank" rel="noopener noreferrer">https://www.neustar.biz/blog/what-is-single-sign-on-deployment-pros-cons</a>.</p>
<p><a href="https://msdn.microsoft.com/en-us/library/dd586632(v=office.11).aspx" target="_blank" rel="noopener noreferrer">https://msdn.microsoft.com/en-us/library/dd586632(v=office.11).aspx</a>.</p>
<p><a href="https://web.archive.org/web/20240927045312/https://smallbusiness.chron.com/benefits-virtual-meetings-71540.html" target="_blank" rel="noopener noreferrer">http://smallbusiness.chron.com/benefits-virtual-meetings-71540.html</a></p>
<h4>Additional Articles</h4>
<p><a href="https://zymitry.com/understanding-business-continuity-planning/" target="_blank" rel="noopener">Understanding Business Continuity Planning</a></p>
<p><a href="https://zymitry.com/framework-policy-development-team/" target="_blank" rel="noopener">IT &amp; Security Framework and Policy Development Team</a></p>
<p><a href="https://zymitry.com/virtualization-of-it-resources/" target="_blank" rel="noopener">Virtualization of IT Resources. Advantages &amp; Disadvantages</a></p>
<p><a href="https://zymitry.com/artificial-intelligence-implications-exploration/" target="_blank" rel="noopener">Exploring the Implications of Artificial Intelligence</a></p>
<p><a href="https://zymitry.com/artificial-intelligence-texas-higher-ed/" target="_blank" rel="noopener">Artificial Intelligence in Texas Higher Education: Ethical Considerations, Privacy, and Security</a></p>
<p>&nbsp;</p>
<p><span style="font-size: 10pt;"><strong>Note:</strong> <em>This article has been drafted and improved with the assistance of AI, incorporating ChatGPT suggestions and revisions to enhance clarity and coherence. The original research, decision-making, and final content selection were performed by a human author.</em></span></p>
<p><a href="http://zymitry.com/zymitry-disclaimer/" target="_blank" rel="noopener noreferrer">Disclaimer</a></p>
<p><a href="https://zymitry.com/terms-conditions-use/" target="_blank" rel="noopener">Terms and Conditions of Use</a></p>
<p>The post <a href="https://zymitry.com/idaas-data-storage-collaboration/">IDaaS, Cloud Data Storage, and Cloud Collaboration</a> appeared first on <a href="https://zymitry.com"></a>.</p>
]]></content:encoded>
					
					<wfw:commentRss>https://zymitry.com/idaas-data-storage-collaboration/feed/</wfw:commentRss>
			<slash:comments>0</slash:comments>
		
		
		<post-id xmlns="com-wordpress:feed-additions:1">327</post-id>	</item>
		<item>
		<title>Cloud Computing Models -SaaS, PaaS, IaaS</title>
		<link>https://zymitry.com/cloud-computing-saas-paas-iaas/</link>
					<comments>https://zymitry.com/cloud-computing-saas-paas-iaas/#respond</comments>
		
		<dc:creator><![CDATA[Greg Palmer]]></dc:creator>
		<pubDate>Mon, 28 Nov 2016 21:19:45 +0000</pubDate>
				<category><![CDATA[Cloud Computing]]></category>
		<category><![CDATA[cloud computing]]></category>
		<category><![CDATA[IaaS]]></category>
		<category><![CDATA[infrastructure as a service]]></category>
		<category><![CDATA[PaaS]]></category>
		<category><![CDATA[platform as a service]]></category>
		<category><![CDATA[SaaS]]></category>
		<category><![CDATA[software as a service]]></category>
		<guid isPermaLink="false">http://zymitry.com/?p=323</guid>

					<description><![CDATA[<p>Discover the different models of cloud computing - SaaS, PaaS, and IaaS. Understand the advantages and disadvantages of each model and how they can benefit your organization. Explore the scalability, cost savings, and flexibility that cloud computing offers, as well as the considerations for data security, integration with existing systems, and service agreements. Stay informed about the evolving cloud paradigm and its impact on computing in today's digital landscape.</p>
<p>The post <a href="https://zymitry.com/cloud-computing-saas-paas-iaas/">Cloud Computing Models -SaaS, PaaS, IaaS</a> appeared first on <a href="https://zymitry.com"></a>.</p>
]]></description>
										<content:encoded><![CDATA[<h1>Cloud Computing Models -SaaS, PaaS, IaaS</h1>
<p>&nbsp;</p>
<p><strong>Cloud Computing Models -SaaS, PaaS, IaaS</strong></p>
<p><em>Revised July 03, 2023</em></p>
<p>Explore the different cloud computing models &#8211; Software as a Service (SaaS), Platform as a Service (PaaS), and Infrastructure as a Service (IaaS) &#8211; and discover their advantages, disadvantages, and the impact they have on organizations.</p>
<h4>Software as a Service (SaaS)</h4>
<p>SaaS is a cloud computing model that allows users to access software, programs, and data from the cloud. Users can access SaaS services through a web browser, eliminating the need for in-house hosted applications and infrastructure. SaaS applications are typically multi-tenant solutions, where multiple organizations share the same resources, including database resources.</p>
<p><strong>Advantages of SaaS:</strong></p>
<ol>
<li>Reduction or elimination of the need for on-site data centers.</li>
<li>Elimination of application administration responsibilities.</li>
<li>Pay-per-user basis for on-demand software usage.</li>
<li>Scalability of applications, storage, and processing to accommodate higher demand.</li>
<li>Improved disaster recovery and business continuity with data stored locally and in the cloud.</li>
</ol>
<p><strong>Disadvantages of SaaS:</strong></p>
<ol>
<li>Security concerns as sensitive data is entrusted to a third-party provider.</li>
<li>Potential service outages that need to be addressed in Service Level Agreements (SLAs).</li>
<li>Compliance with specific business and security laws may be required.</li>
<li>Some applications may not be well-suited for running in a browser.</li>
<li>Availability of the SaaS application depends on reliable network connectivity.</li>
<li>Integration with existing and legacy applications may be challenging, relying on APIs and interfaces provided by the cloud vendor.</li>
</ol>
<h4>Platform as a Service (PaaS)</h4>
<p>PaaS is a cloud computing model that provides developers with software and hardware resources to build and deploy their own applications. With PaaS, organizations can eliminate the need to purchase and maintain hardware, operating systems, and databases. PaaS offers Windows-based and Linux-based solutions for application development.</p>
<p><strong>Advantages of PaaS:</strong></p>
<ol>
<li>Lower cost of ownership by eliminating the need for server, power, and storage hardware.</li>
<li>Reduced administrative overhead as maintenance and administration tasks are handled by the cloud vendor.</li>
<li>Automatic updates of system software and patches by the cloud vendor.</li>
<li>Alignment of business and IT goals, allowing IT staff to focus on solutions instead of server maintenance.</li>
<li>Scalability of cloud solutions to match demand, resulting in cost optimization.</li>
</ol>
<p><strong>Disadvantages of PaaS:</strong></p>
<ol>
<li>Data security concerns for organizations reluctant to move storage off-site.</li>
<li>Integration challenges between new cloud solutions and legacy software.</li>
<li>Risk of service agreement breaches by the PaaS provider, potentially making application migration difficult.</li>
</ol>
<h4>Infrastructure as a Service (IaaS)</h4>
<p>IaaS is a cloud computing model where the cloud vendor provides computing hardware and resources for customers to install and manage their own systems. In this model, customers have control over the operating systems and management of their environment through a web-based application. IaaS allows organizations to deploy their own data centers without the need to purchase and maintain hardware, providing control over system management and security. Customers only pay for the resources they use.</p>
<p><strong>Advantages of IaaS:</strong></p>
<ol>
<li>Elimination of data center hardware and maintenance staff.</li>
<li>Scalability to meet changing resource needs.</li>
<li>Lower hardware costs by utilizing cloud infrastructure.</li>
<li>Pay-as-you-go billing model for cost optimization.</li>
<li>Reduced IT staff requirements with easy setup of test environments using virtualization.</li>
<li>Retention of full system administration and management control.</li>
</ol>
<p><strong>Disadvantages of IaaS:</strong></p>
<ol>
<li>Higher cost compared to other cloud models due to tangible resource usage.</li>
<li>Customer responsibility for configuring load balancing, fail-over, and backups.</li>
<li>Customer management of virtual machines (VMs) required.</li>
<li>Limited control over the geographic location of data.</li>
</ol>
<p>In summary, cloud computing offers different models (SaaS, PaaS, IaaS) to meet diverse organizational needs. Each model comes with its own set of advantages and disadvantages, allowing organizations to choose the most suitable option based on their requirements.</p>
<p>&nbsp;</p>
<h4>References</h4>
<p><a href="https://aws.amazon.com/types-of-cloud-computing/" target="_blank" rel="noopener">https://aws.amazon.com/types-of-cloud-computing/</a></p>
<p><a href="https://web.archive.org/web/20241002132109/https://www.doi.gov/cloud/service" target="_blank" rel="noopener">https://www.doi.gov/cloud/service</a></p>
<p>http://aiasecurity.com/2015/09/10/advantages-and-disadvantages-of-saaspaas-and-iaas/.</p>
<p><a href="http://www.zdnet.com/article/saas-pros-cons-and-leading-vendors/" target="_blank" rel="noopener noreferrer">http://www.zdnet.com/article/saas-pros-cons-and-leading-vendors/</a>.</p>
<p>http://www.opengroup.org/cloud/cloud/cloud_for_business/why.htm.</p>
<h4>Additional Articles</h4>
<p><a href="https://zymitry.com/dns-security-threats/" target="_blank" rel="noopener">Domain Name System (DNS) Security Threats</a></p>
<p><a href="https://zymitry.com/vpn-security-monitoring-controls/" target="_blank" rel="noopener">Virtual Private Network (VPN) Security and Monitoring Controls</a></p>
<p><a href="https://zymitry.com/bastion-host/" target="_blank" rel="noopener">Bastion Host Overview</a></p>
<p><a href="https://zymitry.com/artificial-intelligence-implications-exploration/" target="_blank" rel="noopener">Exploring the Implications of Artificial Intelligence</a></p>
<p><a href="https://zymitry.com/artificial-intelligence-texas-higher-ed/" target="_blank" rel="noopener">Artificial Intelligence in Texas Higher Education: Ethical Considerations, Privacy, and Security</a></p>
<p>&nbsp;</p>
<p><span style="font-size: 10pt;"><strong>Note:</strong> <em>This article has been drafted and improved with the assistance of AI, incorporating ChatGPT suggestions and revisions to enhance clarity and coherence. The original research, decision-making, and final content selection were performed by a human author.</em></span></p>
<p><a href="http://zymitry.com/zymitry-disclaimer/" target="_blank" rel="noopener noreferrer">Disclaimer</a></p>
<p><a href="https://zymitry.com/terms-conditions-use/" target="_blank" rel="noopener">Terms and Conditions of Use</a></p>
<p>The post <a href="https://zymitry.com/cloud-computing-saas-paas-iaas/">Cloud Computing Models -SaaS, PaaS, IaaS</a> appeared first on <a href="https://zymitry.com"></a>.</p>
]]></content:encoded>
					
					<wfw:commentRss>https://zymitry.com/cloud-computing-saas-paas-iaas/feed/</wfw:commentRss>
			<slash:comments>0</slash:comments>
		
		
		<post-id xmlns="com-wordpress:feed-additions:1">323</post-id>	</item>
	</channel>
</rss>
