cloud computing: the critical...
TRANSCRIPT
Cloud Computing: the Critical issues
Kiran Sandford Head of IT Group Mishcon de Reya [email protected] + 44 207 4407066
National Institute of Standards and Technology (US) definition
A model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g. networks, servers, storage, applications and services) that can be rapidly provisioned and released with minimal management effort or service provider interactions.
Overview
§ High on the corporate agenda § Different types of Cloud Computing § Critical issues in contracts with a cloud supplier § Key risks and challenges § Security and data protection issues § What makes this different from other services agreements
What is Cloud Computing
§ Delivering of IT services over the Internet § Software as a Service (SaaS) § Platform as a Service (PaaS) § Infrastructure as a Service (IaaS)
Software as a Service (Saas)
§ Remote hosting and management of software (e.g. email) § Standard product allowing a one to many model § May be most suited to SMEs § Hybrid models suitable for larger companies
Platform as a Service (PaaS)
§ Platform for third parties to host software to provide to customers § Suitable for smaller software vendors § E.g. Amazon web services, Apple, Google and Facebook
Infrastructure as a Service (IaaS)
§ Shared infrastructure resources (e.g. service and data centre facilities) § Storage § Processing § Useful for additional demand (cloud-bursting)
Cloud Computing Structure
§ Private Cloud – single tenant, private network, no shared resources § In-house IT department (customer owned, operated and managed data
centre) § Outsourced IT: customer owned, vendor managed § Public Cloud § External hosting: vendor owned – operated – managed. Example: co-
location data / computing centre
Benefits of Cloud Computing
§ Costs management / scaleability § Access anywhere anytime § Management of peaks and troughs § Elasticity
Risks
§ Standard terms § Integration § Lack of control § Potential for hidden costs § Quality -v- costs § Reliance on internet connectivity
Risks Privacy / Security
§ Practical issues § Data transfers § Data Protection issues § Security § Access to data § Security review
Negotiating the Contract
§ Defining the requirements § Vendor track record § Consider the rationale – is this right for your organisation?
Some Core Issues
§ Differences from software licensing § Standard agreements § May be room for negotiation in higher value / hybrid services
Key Operational Risks
§ Data protection / Backup § Business continuity / Disaster recovery § Privacy and security Auditing / Logging § Key contracting goals driven by objectives § SaaS - reliability of service for business critical applications essential § IaaS – flexible, accessible, scalable, computing power - critical § PaaS – reliability of platform critical with ability to control software
applications and data
Service Levels
§ Differences from standard licence § Response time / Performance and measurement § Storage, capacity § Metrics and remedies § Help desk § Security breaches § Consider levels of obligation § Remedies for SLA failures, service credits, fixed percentage or peered
Disaster Recovery
§ Critical as controlled by vendor § Consider location of back-up systems § Response time to restore
and if it goes wrong
§ Termination for convenience § Right to access data after termination and during contract § Intermission capacity
Thank you and Questions
Kiran Sandford Head of IT Group Mishcon de Reya [email protected] + 44 207 4407066