Figures and tables are indicated by f and t following page numbers.
A
Accessibility, designing for, 279
Account management, 70
Account provisioning, 70
ADP, SaaS solution, 27
Alertra system uptime monitoring, 305–306, 305f
Amazon Elastic Compute Cloud (Amazon EC2), 8
Amazon pricing calculator, 262
Amazon Simple Storage Service (S3), 10
Amazon Web Services (AWS), 9–10, 45, 92
Antivirus software, 141–142, 141f, 163
Apache Hadoop Distributed File System, 87–89, 88f
API (application program interface), 33, 183, 233, 237, 237f
Apple iCloud, 2–3, 3f, 81–82, 82f
Application characteristics, 221
Application program interface (API), 33, 183, 233, 237, 237f
Apps
defined, 233
web applications vs., 235–236, 236f
Architecture, 182
"as-a-service" solutions, 195–197, 196f
Audit capabilities, 202
Auditing, 279–280. See also specific applications
Audit logging process, 70
Authentication, 69
Authorization, 69
Availability, designing for, 280
B
Backups
cloud-based systems, 86–88, 87f
designing for, 280
functions of, 160
Berkeley Open Infrastructure for Network Computing (BOINC), 14
Berkeley view of cloud computing, 320
Black box, 186
Blade servers, 44, 44f, 120, 122–123, 122–123f
Block storage, 92
Blogs (web logs), 109–110, 110f
Bottleneck, defined, 303
Bring your own device (BYOD), 239
Business continuity, 157–176. See also Security
defined, 164
disaster recovery plan, 170–174, 281
service-level agreements, 169–170, 194, 308
threats. See Threats
Business impact and economics, 259–271
chargebacks, 267
key performance indicators, 268, 269–270t
Moore's Law, 267
Business strategy, 246, 247, 249
BYOD (Bring your own device), 239
C
Caching, 309
CADF (Cloud Auditing Data Federation), 15
Calendar management, 113–114, 114f
California Consumer Protection Act (CCPA), 204, 204f
Call centers as a service (CCaaS), 17, 169
Capability Maturity Model (CMM), 248, 248t
Capacity planning, 206–207, 280, 308
Capital expenditures (CAPEX), 263
Carbonite cloud-based backup software, 86–88, 88f
Carbonite, SaaS solution, 28–29, 29f
CCaaS (Call centers as a service), 17
CCPA (California Consumer Protection Act), 204, 204f
CDMI (Cloud Data Management Interface), 92, 93f
CDNs (Content delivery networks), 92
Certificate of Cloud Security Knowledge, 147
Chargebacks, 267
Cisco, IBSG presentation, 321, 321f
Cloud Auditing Data Federation (CADF), 15
Cloud-based block storage devices, 92
Cloud-based database, 47
Cloud-based data storage systems, 81–87
Cloud-based network-attached storage (CloudNAS) devices, 60–61, 61, 61f
governance. See Governance issues
scalability. See Scalability
uses of, 10
virtualization. See Virtualization
Cloud Data Management Interface (CDMI), 92, 93f
Cloud elasticity, 11
Cloud Management Work Group (CMWG), 15
Cloud migration. See Migrating to cloud
Cloud-native applications, 293
Cloud provisioning, 198
Cloud Security Alliance (CSA), 147, 148f
Cloud service models, 7–10, 7t
Cloud sprawl, 198
Cloud Standards Customer Council (CSCC), 16
CloudTimes, publishing, 322
CMM (Capability Maturity Model), 248, 248t
CMWG (Cloud Management Work Group), 15
COBIT (Control Objectives for Information and Related Technology), 251, 252f
cloud-native applications, 293
cloud solution, 292, 292f, 295
continuous deployment, 293
function codes, 185
Google App Engine, 40–41, 40f, 41f
Hello, Cloud World!, 295, 295f
load testing, 293
open-source solutions, 293
overview, 291
serverless computing, 297, 297f
simple e-commerce solution, 294
Cold storage, 92
calendar management, 113–114, 114f
file sharing, 83, 105–109, 106–108f
instant messaging, 102–103, 102–103f
meetings, 27–28, 28f, 111, 111f
phone and fax systems, 103–105, 104–105f, 169, 234, 234f, 235t
presentations and lectures, 112, 112f
social media, 113
streaming media and video, 114–115
tools, 100
Committee of Sponsoring Organizations (COSO), 250–251t
Configuration management, 281
Containerization, 133
Content delivery networks (CDNs), 92
Continuous deployment, 293
Control Objectives for Information and Related Technology (COBIT), 251, 252f
Corporate Auditing, Accountability, and Responsibility Act (2002), 254
Corporate governance, 246–252, 246f. See also Governance issues
COSO (Committee of Sponsoring Organizations), 250–251t
Coupling, 185
CSA (Cloud Security Alliance), 147, 148f
CSCC (Cloud Standards Customer Council), 16
Customer relationship management (CRM), 24
D
Database as a Service (DBaaS), 17
Database solutions, 89–91, 90–91f
Database system failures, 168–169, 168f
Data centers, 54–55, 54–56f, 268, 268f
Datadog cloud monitoring, 206, 206f
Datadog performance benchmark, 307, 307f
Data integration, 202
Data logging requirements, 307–308
Data privacy requirements, 203–205
backup systems (See Backups)
block storage, 92
cloud-based systems, 81–87, 160, 160f
content delivery networks, 92
database solutions, 89–91, 90–91f
file systems, 80, 81, 87–89, 88f
hot vs. cold storage, 92
network storage, 80–81, 80–81f
off-site solutions, 28–29, 29f, 59, 159
overview, 79
virtualization, 120, 132–133, 132f
Data-storage wiping, 142–143, 143f
DBaaS (Database as a Service), 17
DDoS (Distributed denial-of-service) attacks, 143–144, 144f
Dedicated virtual servers, 62
Denial-of-service attacks, 143
Deployment models, 6–7, 6f, 6t
Deployment of applications, 223–224, 281
development environment, 278–279
overview, 277
system requirements, 278
team identification, 278
Desktop failures, 166
Desktop virtualization, 12, 12f, 120, 125–129, 126–129f
Development environment, 278–279
Device screens, 145
Diminishing returns, 308–309, 309f
Disaster recovery, 281
Disaster recovery as a service (DRaaS), 17, 162
Disaster recovery plan (DRP), 170–174
Disgruntled employees, 165
Distributed denial-of-service (DDoS) attacks, 143–144, 144f
Distributed Management Task Force Inc. (DMTF), 15, 201, 201f
Document management, 31–32, 31f, 32f
Domain-name server (DNS), 57
DRaaS (Disaster recovery as a service), 17
Dropbox, file sharing and synchronization, 83
DRP (disaster recovery plan), 170–174. See also Security
Dumb terminals, 42
E
EC2 (Amazon Elastic Compute Cloud), 8
Economics, defined, 259. See also Business impact and economics
Email, 239
Employees, disgruntled or malicious, 145–146, 165
Energy aware appliances, 323
Environmental concerns, 122, 282
European Network and Information Security Agency (ENISA), 149, 149f
F
Facebook, 34
Fax systems, 103–105, 104–105f
Federated identity management (FIDM), 69–70
File backups. See Backups
File sharing, 83, 105–109, 106–108f
File systems, 61, 80, 81, 87–89, 88f
File transfer protocol (FTP), 44, 292, 292f, 296, 296f
5 Rs, of cloud migration, 223
framework, defined, 218
FTP (File transfer protocol), 44, 292, 292f, 296, 296f
Functional requirements, 278
Function codes, 185
Future of cloud computing, 315–325
Berkeley view of, 320
location-aware applications, 319
mobile applications, 323–324, 324f
smart devices, 323
social media, 321
time to market and, 324
G
GAE (Google App Engine), 40–41, 40f, 41f
Ganglia Monitoring System, 303
General Data Protection Regulation (GDPR), 203
Generation designations of cell phone technology, 235, 235t
Global positioning system (GPS), 319
Gmail, 13
Goals and requirements of system, 217–218
GoDaddy, PaaS solution, 46, 46f
Google App Engine (GAE), 40–41, 40f, 41f
Google Cloud Platform (GCP), 13
Google Cloud Platform calculator, 265–266, 265f
Google voice phone system, 104, 105f
GoToMeeting, 112
cloud computing and, 225, 254–255
corporate environment and, 246–252, 246f
information technology and, 253–255, 253f
overview, 245
web services and, 189
GPS (global positioning system), 319
Graphics-intensive applications, 133
H
Hadoop Distributed File System (HDFS), 89
Halon systems, 164
Hardware requirements and virtualization, 133
Healthcare medical records systems, 89, 89f
Hello, Cloud World!, 295, 295f
Help desk procedures and solutions, 202, 222, 222f
Hot storage, 92
Hulu, streaming content, 115
Human resources management, 26, 27
Hyperjacking attack, 146
Hypervisor, 125
I
IBSG (Internet Business Solutions Group), 321, 321f
iCloud, Apple, 2–3, 3f, 81–82, 82f
IDaaS (Identification as a Service), 17
Identification as a Service (IDaaS), 17, 67–75
mobile-identity management, 73–74
multifactor authentication, 70–72, 71f
overview, 67
ID management as a service (IDaaS). See Identification as a Service (IDaaS)
IM (instant messaging), 102–103, 102–103f
Inadequate device resources, 74
Industry-specific data storage, 89, 89f
Information Systems Audit Control Association (ISACA), 251
Information technology, 42–45, 42–45f, 253–255, 253f
Information Technology Infrastructure Library (ITIL), 208
Infrastructure as a Service (IaaS), 53–64
advantages of, 61
cloud-based NAS devices, 60–61, 61f
Infrastructure as code (IaC), 198, 281
Instant messaging (IM), 102–103, 102–103f
Integrated development environment (IDE), 47
Internet Business Solutions Group (IBSG), 321, 321f
Internet of Things (IoT), 316, 316f
Internet Protocol (IP) address, 295
Internet service providers (ISPs), 43–44, 43f
Interoperability, 186–188, 282
Intrusion detection systems (IDSs), 150
Iron Mountain, off-site tape vaulting, 159
ISACA (Information Systems Audit Control Association), 251
ISPs (Internet service providers), 43, 43f
IT governance, 253
ITIL (Information Technology Infrastructure Library), 208
iTunes, 2
J
Jitterbit cloud integration, 202
K
L
Leveraging managed service solutions, 195–197, 196f
Load-balancing, 56–58, 57–58f, 302–303, 302f
Local area network (LAN), 129, 130f
Location-aware applications, 319
Loosely coupled web services, 185
M
macOS, parallels desktop virtualization for, 126, 127f
Malicious employees, security and, 145–146
Managed service, 286
argument, 195
"as-a-service" solutions, 195–197, 196f
backups. See Backups
capacity planning, 206–207, 280, 308
cloud provisioning, 198
data privacy requirements, 203–205
help-desk procedures, 202
ITIL, 208
logs and audit capabilities, 202
overview, 193
return on investment, 205–206, 224, 264–266
scaling capabilities, 185, 186f, 206–207, 303
security policies and procedures, 203
service-level agreements, 169–170, 194–195, 195f, 308
shared responsibility, 197–198
solution testing and validation, 207
source code-escrow agreement, 199, 200f
technical support, 202
vendor lock-in, 199
Man-in-the-middle attacks, 74, 145, 145f
McAfee Security, as a Service, 141–142, 141f
Mean time between failure (MTBF), 158–159
Media presentations, 112, 114–115
Meetings, 27–28, 28f, 111, 111f
Methods (remote-procedure calls), 182
MFA (Multifactor authentication), 70–72, 71f, 238, 239f
Microservices, 183
Microsoft Azure platform, 4–5, 5f
Microsoft Azure pricing calculator, 264, 264f
Microsoft Cloud Adoption Framework, for Azure, 218, 218f
Microsoft Exchange, in Azure, 101
Microsoft Hyper-V technology, 124–125
Microsoft, impact of cloud computing, 319
Microsoft Office 365, 31–32, 31f, 32f, 107–108, 108f
Microsoft OneDrive, 83–85, 84–85f
Microsoft SharePoint Online, 108–109
Middleware, 282
application characteristics, 221
change-management practices, 226
formalizing criteria, 219
goals and requirements, 217–218
governance issues, 225, 254–255
help desk procedures and solutions, 222, 222f
reserved instances, 224
training requirements, 223
working with vendors, 219
Migration to Google Cloud, 220, 220f
Mobile cloud, defined, 233
Mobile collaboration, 237, 237f
BYOD, 239
document storage and access, 238, 238f
evolution of, 234
mobile applications, 236–237, 237f
multifactor authentication, 238, 239f
native-mode applications, 236
overview, 233
software development considerations, 240–241
streaming video content, 240, 241f
Mobile-identity management, 73–74
Monitoring
device screens, 145
systems for, 303, 305–306, 306f
Moore's Law, 267
MTBF (mean time between failure), 158–159
N
National Institute of Standards and Technology (NIST), 6, 6f
Native-mode applications, 236
Network-attached storage (NAS), 59, 60–61, 60f, 80–81, 81f, 166, 167f
Network storage, 80–81, 80–81f
Network virtualization, 120, 129–131, 130–131f
New Relic cloud-performance monitoring, 204–205, 205f
Nonfunctional requirements, 278
O
Object Management Group (OMG), 15–16, 16f
Office 365, Microsoft, 31–32, 31f, 32f
Off-site storage solutions, 28–29, 29f, 59, 159
On-demand operating system, 127, 128f
OneDrive, Microsoft, 83–85, 84–85f
Online schools, SaaS solutions, 30–31, 30f
Open-source solutions, 293
Operating systems, future of, 318–319
Operational expenses (OPEX), 263–264
Oracle MySQL Cloud, 196
Organization for Economic Cooperation and Development (OECD), 247, 247f
Outsourced server management, 5
P
Paging and page files, 121
Parallels Desktop 4 Windows and Linux, 126, 127f
Pareto principle, 302
Password bank, IDaaS solution, 71–72
Payroll processing, 27
Performance benchmarks, 307, 307f
Performance, designing for, 283
Performance indicators (business), 268, 269–270t
Performance of web services, 183–185
Performance tuning, 309
Personal health information (PHI), 203
Personally identifiable data (PII), 203
Phone systems, 103–105, 104–105f, 169, 234, 234f, 235t
Physical security, 149–151, 150f
Physical servers, 62
Pingdom site monitoring, 306, 306f
Platform as a Service (PaaS), 39–49
benefits of, 45
disadvantages of, 46
Google App Engine, 40–41, 40f, 41f
IT evolution leading to, 42–45, 42–45f
Platform, defined, 47
Point of diminishing returns, 308–309, 309f
Portability, 284
Power-aware appliances, 323
Power failures or disruptions, 160–162, 161–162f
Presentations and lectures, 112, 112f
Price, designing for, 283
Provisioning, 70
Public Company Accounting Reform and Investor Protection Act, 253
R
Rackspace, IaaS solution, 60
Recovery, designing for, 284
Recovery point objective (RPO), 158, 201
Recovery time objective (RTO), 158, 201
Redundant array of independent (or inexpensive) disks (RAID), 159–160
Reliable Adaptive Distributed Systems Laboratory, 320
Remote-procedure calls (methods), 182
Reserved instances, 224
Responsive web application, 236
Return on investment (ROI), 205–206, 224, 264–266
RingCentral, cloud-based phone system, 170
Risk mitigation, 170, 171t. See also Threats
80/20 rule (Pareto principle), 302
S
S3 (Amazon Simple Storage Service), 10
Salesforce.com, 10, 24, 25f, 113
SAML (Security Assertion Markup Language), 70, 70f
SANs (Storage area networks), 80, 80f
Sarbanes-Oxley Act (2002), 253–254, 253f
capacity planning vs., 308
diminishing returns and, 308–309, 309f
overview, 301
Pareto principle, 302
performance tuning, 309
advantages, 140
business continuity and disaster recovery, 142
data-storage wiping, 142–143, 143f
denial-of-service attacks, 143
designing for, 285
guest-hopping attacks, 146, 147f
malicious employees and, 145–146
man-in-the-middle attacks, 145, 145f
monitoring device screens, 145
physical security, 149–151, 150f
policies and procedures, 203
product solutions, 141
SQL-injection attacks, 148
Security Assertion Markup Language (SAML), 70, 70f
Security hardening, 142
Self-service, 8
Serverless computing, 297, 297f
Servers. See also Load-balancing
blade servers, 44, 44f, 120, 122–123, 122–123f
physical servers, 62
virtualization, 11, 12f, 120, 122–124f, 122–125
Service-level agreements (SLAs), 169–170, 194–195, 195f, 308
Service-oriented architecture (SOA), 29, 32–33, 33f, 182, 182f. See also Web services
Shared responsibility, 197–198
Shared virtual servers, 62
SharePoint, Microsoft, 108–109
Single sign-on (SSO), 68–69f, 68–70
Site evaluation systems, 304
Skype, VoIP messaging, 102, 103f
SLAs (service-level agreements), 169–170, 194–195, 195f, 308
Smart appliances, 323
Smart devices, 323
SNIA (Storage Networking Industry Association), 15, 16f
Social attacks, 74
Software as a Service (SaaS), 23–35
cloud-based backup systems, 86, 87f
multitenant nature of, 24–26, 25f
service-oriented architecture, 29, 32–33, 33f
Software-defined storage, 92
Solution testing and validation, 207
Source code, 292
Source code-escrow agreement, 199, 200f
Splunk, system monitoring using, 207
SQL-injection attacks, 148
SSO (Single sign-on), 68–69f, 68–70
Standards organizations, 4, 4f, 15–16, 16f
Storage area networks (SANs), 80, 80f
Storage Networking Industry Association (SNIA), 15, 16f, 92, 93f
Storage redundancy, 59–60, 59–60f
Streaming media and video, 114–115
Streaming video content, 240, 241f
Strengths, weaknesses, opportunities, and threats (SWOT) analysis, 196–197, 197f
System redundancy, 59–60, 59–60f
System requirements, 278
T
Taleo, cloud-based talent management system, 26
Tape vaulting, 159
TCO (total cost of ownership), 260–262
Technical support, 202
Television
future applications, 321, 321f
Testability, 285
Thin operating system, 319
Threats, 158–169. See also Security
database system failures, 168–169, 168f
desktop failures, 166
disgruntled employees, 165
phone system failures, 169
power failures or disruptions, 160–162, 161–162f
server failures, 166–167, 167f
Total cost of ownership (TCO), 260–262
Training, 223
Treadway Commission, 250
Type 1 hypervisor, 125
Type 2 hypervisor, 125
U
Uninterruptible power supply (UPS), 161, 161f
University of California, Berkeley, 14
UPS (Uninterruptible power supply), 161, 161f
Uptime software, 207
Usability, 286
V
Validation testing, 207
Vertical scaling, 303
Virtual desktop, 126
blade servers, 120, 122–123, 122–123f
data storage, 120, 132–133, 132f
desktops, 12, 12f, 120, 125–129, 126–129f
hardware requirements and, 133
networks, 120, 129–131, 130–131f
servers, 11, 12f, 120, 122–124f, 122–125
Virtual local area network (VLAN), 129
Virtual machine, 120
Virtual meetings, 27–28, 28f, 111, 111f
Virtual memory, 120, 121, 121f
Virtual networks, 120, 129–131, 130–131f
Virtual presentations, 112, 112f
Virtual private network (VPN), 120, 129–131, 130–131f, 130f
Virtual-server environment, 125
antivirus software, 141–142, 141f
VMware, virtual-server environment, 125
Voice over Internet protocol (VoIP), 102, 103f
VPN (virtual private network), 129–131, 130–131f
Vulnerability assessment, 151
W
War driving, 316
W3C (World Wide Web Consortium) guidelines, 279
Web applications, vs. apps, 235–236, 236f
Web-based collaboration, 101, 101f
WebEx, SaaS solution, 27–28, 28f
Web logs (blogs), 109–110, 110f
WebPagetest, site evaluation system, 304–305, 304f
Web services
as black box, 186
coupling and, 185
governance and, 189
reuse and, 185
Windows Azure, PaaS solution, 4–5, 47, 47f, 91, 91f
Windows VPN support, 130, 131f
World Wide Web Consortium (W3C) guidelines, 279
Y
YouTube, 114
Z