[Info Graphic] Costs: Private vs. Public Cloud

 

Here’s an interesting Info Graphic on Private vs. Public Cloud. My Favourite part is the following code snippet which is found on the left hand side of the graphic below the red light saber.

if ($CompanyWorth >= 1 billion dollar)
{
   $PrivateCloud = "Yes."
} else {
   $PrivateCloud = "Try the public cloud."
}
//end cloud computing evaluation.

[Note: Visualization was removed]

BOF05: Is my data really secure in the Cloud?

Hey Folks, Welcome to another live blog from TechEd 2011 in Atlanta, Georgia.

This is my first Birds of Feather session so it should be rather interesting, before we start lets break down the rules of engagement.

  1. “Birds Nest” – There are six chairs in the front of the room where attendees can come sit and participate in the on-going discussion. One chair will always be left empty to “invite” a new participant. If a new Participant joins the Birds Nest, one of the active participates must leave. the Moderator will facilitate attendees joining or leaving the Birds Nest.
  2. Stand-Up Microphones – There are stand-based microphone in each of the two aisles in the BOF room. Attendees will have the opportunity to line-up at either microphone to add a quick question or comment. Anyone wanting to participate in more depth will be asking to join the Birds Nest. However you do not need to ask a question at the stand-up microphone to join the birds nest.

**Lucky me, I got stuck in the birds nest.

Is Private Cloud more Secure than Public Cloud

Questions to Ask:

Public/Private Cloud Concerns

  • What are the physical security requirements?
  • Encryption of Data
    • Over the wire?
    • At Rest?
  • How do you prevent [D]DOS from your Cloud Applications
    • Anti-Hacking
      • Cloud Provider Employee Security
      • Compliance
      • Multi-tenancy
  • Disaster Recovery
    • Backup
    • Redundancy
  • Auditing& Certification
    • SAS-70
    • PCI
  • Authorization & Authentication
    • How Quickly can I change Access Control?
  • Exit Strategy
    • What happens if I change providers?
  • Data Storage
    • E-Discovery (Easy of Access)
    • Archiving
    • Data Loss

Breaking down the Concerns

Physical Security

Large Cloud Providers have a large budget and a lot of brains for providing better Virtual Security. However there are many concerns about Physical security. Should Cloud Providers allow tours? The majority of the room thinks that a tour should be provided (I think there should be Beer Provided as well).

What has the greater percentage of loss? Internal Hacking or External Hacking? Only 5% of the room was wrong and thought that External Hacking would expose more data.

A thing to note is that a typical Internal Data Loss is through a Employee of 7 plus years of Service as they know all the Security Policies, the concerns and what data would be of the most use to them.

Data Security also comes into play with Cloud providers:

  • Are you sure my data is within the regions I’ve specified
    • Can they Audit that your Data is where it should be
  • Is it a good thing that my data is distributed across many data centers?
  • Do Cloud Providers allow you to access Audit Logs
    • What is the Expiry on logs

Anti-Hacking

Can someone plug into my VM or Access my Storage nodes. Hyper-Jacking is a term that is used to explain about someone breaking into the Virtualized Sandbox where your Virtual Compute instance.

Multi-tenancy

Can the Cloud provider isolate my VMs or Storage from my competitors? Could that be part of my SLA? Should the Cloud Provider be transparent to the point that they can give away the list of their Customers in order to ensure you aren’t around your competitors.

This is a great place where you need to understand want Data you would like to publish to the Cloud and which Data you would maintain On-Premises.

Exit Strategy

It’s always good to have a Plan B, or some sort of Exit Plan.  A great point was made by an Audience member said that the SLA should Provide sort parts of your Exit Strategy.

Should a Cloud provider make it easier for you to migrate your data off of their platform? Once your data is removed from their Storage Service what level of “Removal” is provided? Would they destruct the Hard Drive?

Your exit strategy is something that should be identified upfront, if you think ahead you could ensure that your data isn’t at risk when you look to leave your particular Cloud Provider.

Resources:

A Walk Through of a Windows Azure Data Center

Note: This is by no means anything new, but I’ve been referring a lot of people to it lately so I thought that I should share it with my readership on my blog. The Following video was recorded by Scott Hanselman at PDC09.

Have you ever wondered what a Windows Azure Data Container looked like? Perhaps you’ve been curious how Microsoft keeps their services cool in these vast shipping containers we all know an love as the Windows Azure Cloud.

Patrick Yantz a Cloud Architect from Data Center Services at Microsoft gives follow Program Manager Scott Hanselman a tour of a Proof of Concept (PoC) Data Center.

A Tour of a Cloud

The video is about 16 minutes long and provides a lot of information about the Technologies Microsoft Leveraged to create their Data Centers.

Building a Cloud

Microsoft has released another video that shows how the Data Containers are built. Just incase you’re curious, here is the video that shows the production of a Windows Azure G4 Data Container.

Get Microsoft Silverlight

The video is about 3 minutes in length.

Happy Clouding!

I Propose a Change!

Many of you may have heard, when reading a fortune cookie, you should append ‘in bed’ to the end of the fortune.

I stand here today before you proposing a change. With everything moving towards Cloud Computing, I ask of you my fellow readers, to follow me in my efforts to change the appended ‘in bed’ to ‘in the cloud’.

fortune_cookie

Change is coming… in the Cloud.

OpenGuelph + OpenHalton: Open Data Hackathon

OpenGuelphOn December 4th [8:45-6:00pm], join @OpenGuelph and @OpenHalton at the Campus in Microsoft Mississauga 1950 Meadowvale Blvd. Mississauga, Ontario] for International Open Data Hackathon Day.

Register for the event soon, as our sponsors Port25.ca will be providing transportation to (and from) the Event if you live in Guelph.

For more information on the happenings at the OpenGuelph/OpenHalton Hackathon visit the wiki page.

Oh, I almost forgot to mention. To keep people motivated, fed and well exercised there will be a free pizza lunch as well as an Xbox360 with Kinect.

Cloud Camp Toronto – October 26

Photo Credit: Office Space Toronto

If you’re interested in the Cloud Computing and would like to get an a good idea of what Cloud Providers there are out there (I’d suggest Windows Azure) and how people are Architecting their Cloud Applications, Cloud Camp Toronto is the place for you.

CloudCamp is an unconference where early adopters of Cloud Computing technologies exchange ideas. With the rapid change occurring in the industry, we need a place where we can meet to share our experiences, challenges and solutions. At CloudCamp, you are encouraged to share your thoughts in several open discussions, as we strive for the advancement of Cloud Computing. End users, IT professionals and vendors are all encouraged to participate.

Be sure to Register for the Event and I look forward to seeing you there!