Cloud Computing: Evolution, Features,
Components, Benefits, Challenges
Cloud computing means
getting computer services — like data storage, processing power, and software —
through the internet, and paying only for what you use. Instead of buying and
managing your own servers or software, you use the resources provided by remote
data centers owned by cloud service companies. This system gives businesses the
ability to increase or decrease their usage quickly based on need, without
spending a lot of money upfront on physical equipment.
Evolution of Cloud Computing
• Old Computing
Methods: Earlier,
companies used big mainframe computers or client-server setups where all data
and applications were kept on local machines or private data centers.
• Start of Grid
Computing: In the late
1990s, grid computing came into use. It connected computers from different
locations to work together on large tasks. This helped in developing the ideas
of sharing resources and virtualization.
• Arrival of Utility
Computing: In the early
2000s, utility computing allowed users to take computer resources on demand,
similar to how we use electricity or water — pay as you go.
• Growth of
Virtualization: Mid-2000s saw
the rise of virtualization. This technology allowed one physical server to act
like many smaller virtual servers, improving resource usage and flexibility.
• Beginning of Cloud
Computing: Late 2000s
brought cloud computing as a new way to deliver computer services. Companies
like Amazon (AWS), Google (GCP), and Microsoft (Azure) started offering public
cloud services.
• More Cloud Services: Over time, cloud computing included many
new service types like IaaS, PaaS, and SaaS. This helped businesses get
complete computer resources without owning the infrastructure themselves.
• Use of Hybrid and
Multi-Cloud: Companies
started using both public and private clouds together (hybrid) or multiple
cloud providers at once (multi-cloud) to enjoy the benefits of each.
• New Technology
Additions: Cloud computing
has continued to change with new tools like containers, serverless computing,
edge computing, and artificial intelligence (AI).
Features of Cloud Computing
• Self-Service on
Demand: Users can set up
and use computer resources on their own, without needing to talk to any service
provider employee.
• Access from
Anywhere: Cloud services
can be reached from any location and any device (laptop, phone, tablet) using
the internet.
• Sharing of
Resources: Cloud providers
put their computing resources together and give them to many users through
virtualization.
• Quick Growth or
Reduction: Cloud capacity
can go up or down very fast based on need. If more users come, more resources
are added automatically.
• Pay for What You
Use: Cloud services
keep track of how much you use, so you pay only for what you actually take.
• Ability to Grow
Easily: Cloud makes it
easy to add more servers or storage as your business grows, without stopping
your work.
• Dependable and
Always Available: Cloud providers
keep extra copies of your data and have backup systems ready so that services
keep running even if something fails.
Basic Parts of Cloud Computing
• Infrastructure as a
Service (IaaS): Provides virtual
computer resources like servers, storage, and network over the internet. You
rent them and control everything. Example: AWS EC2, Google Compute Engine.
• Platform as a
Service (PaaS): Gives developers
a ready-to-use platform with tools to build, test, and launch applications
without worrying about the underlying hardware. Example: Google App Engine,
Azure App Service.
• Software as a
Service (SaaS): Delivers ready-made
software over the internet. You just open a web browser or app to use it.
Example: Gmail, Zoom, Microsoft 365.
• Function as a
Service (FaaS): Also called
serverless computing. You upload small pieces of code (functions), and they run
only when needed. No server management required. Example: AWS Lambda, Google
Cloud Functions.
• Cloud Storage: Lets you save files, documents, and data
on remote servers. You can access them from anywhere. Example: Google Drive,
Dropbox, AWS S3, OneDrive.
• Cloud Security: All the rules, tools, and methods to
keep data, apps, and infrastructure safe in the cloud.
• Cloud Networking: Manages network resources in the cloud
so that different devices, apps, and systems can connect easily with each
other.
Good Things (Benefits) of Cloud Computing
• Saves Money: You don't have to buy expensive
hardware. You pay only for what you use, which reduces your starting costs.
• Grows with Your
Needs: You can quickly
increase or decrease your computer resources when your business needs change.
• Better Teamwork: Cloud tools allow team members to work
together from anywhere, share files, and see updates in real time.
• Strong Backup and
Recovery: Cloud providers
keep automatic backups and have systems to recover quickly from any failure or
disaster.
• Faster Innovation: With cloud, you can test new ideas,
build applications, and launch them much faster than before.
• Access from
Anywhere: Employees can
work from home, office, or even while traveling, as long as they have internet
access.
Problems (Challenges) of Cloud Computing
• Security and Rules: Because many users share the same cloud,
there is a risk of data theft or breaking privacy laws. Following rules
(compliance) becomes more difficult.
• Managing Large
Amounts of Data: It is not easy
to manage and control huge amounts of data spread across different cloud
systems.
• Speed and
Dependability: Cloud
performance can sometimes slow down because of internet speed, too many users
at once, or server problems.
• Locked with One
Provider (Vendor Lock-in): If
you become too dependent on one cloud company, it becomes hard to switch to
another provider later.
• Unexpected Costs: If you don't track usage carefully, your
cloud bill can become very high due to unused resources or wrong setup.
• Following Laws and
Rules: Different
countries have different laws about where data can be stored and how it must be
protected. This is hard to manage in the cloud.
Cloud Computing Deployment Models
Deployment model means
how cloud services are made available to users. The choice depends on who owns
the cloud, who manages it, and who can use it.
• Public Cloud: The cloud service provider owns and runs
everything. Anyone can use it by paying a subscription or by usage. Best for
companies that want low cost and easy setup. Examples: AWS, Azure, Google
Cloud.
• Private Cloud: The cloud is used by only one
organization. It can be in their own data center or managed by an outside
company just for them. Best for companies with high security needs.
• Hybrid Cloud: This combines both public and private
clouds. Sensitive data and important work stay in the private cloud, while less
critical work is done in the public cloud. This gives both safety and
flexibility.
• Community Cloud: This cloud is shared by several
organizations that have the same goals, security needs, or rules to follow. It
is like a private cloud but for a group.
Cloud-Based Enterprise Solutions: Working,
Benefits, Example
Cloud-based enterprise
solutions means using internet-based services to run the daily work of a
business. Companies use cloud for storing data, running software, and managing
operations.
How Cloud-Based Enterprise Solutions Work
• Cloud Data Storage: Instead of keeping data on office
computers, cloud systems save it in remote data centers. The same data is
copied to many servers, so if one server fails, others keep working.
• Cloud Software
Access: Cloud software
runs on remote servers, not on your local computer. You just log in from a
browser or app. The provider adds updates and new features without you doing
anything.
• Virtualization
Method: Virtualization
allows one physical server to act like many virtual servers. This helps the
cloud provider run many applications on the same machine safely and
efficiently.
• Internet Connection: Cloud works through the internet. User
devices send requests to cloud servers, and after processing, the results come
back. Load balancers and multiple data routes keep the system working even if
one path fails.
• Cloud Security
Tools: Cloud platforms
keep data safe using encryption (coding the data), firewalls, monitoring
systems, and regular security updates. Only authorized users can log in.
Benefits of Cloud-Based Enterprise Solutions
• Low Cost (Saving
Money): Companies do not
have to buy expensive servers or install software on every computer. They only
pay for what they use.
• Easy Growth
(Scalability): If a business
gets more customers, the cloud automatically adds more resources. When demand
goes down, it adjusts back. This is very helpful during festivals, sale events,
or new projects.
• Better Teamwork and
Remote Work: Employees can
open files, run applications, and share data from any location — office, home,
or travel. Everyone works on the same updated information.
• Highly Reliable
(Always Available): Cloud stores
data in multiple data centers. If one center fails, another takes over.
Automatic backup prevents data loss from disasters or mistakes.
• Strong Security: Data is protected with encryption during
storage and transfer. Only approved users can access it. Firewalls, threat
detection, and regular security checks keep the system safe.
Examples of Cloud-Based Enterprise Solutions
• Google Workspace: Gmail, Google Drive, Docs, Sheets, Meet,
Calendar. All work is online. No software installation needed.
• Microsoft 365: Online versions of Word, Excel,
PowerPoint, Outlook, and Teams. Data saved on OneDrive gives secure backup from
anywhere.
• Salesforce CRM: Cloud-based software for managing
customers, sales, marketing, and support. All data is online. Salespeople can
update from mobiles while visiting clients.
• Amazon Web Services
(AWS): Provides
storage, databases, servers, analytics, and security tools through the
internet. Businesses use it to host websites and run applications.
• SAP S/4HANA Cloud: A complete cloud-based system for
managing finance, supply chain, inventory, sales, production, and HR in one
place.
Cloud-Based Enterprise Cost-Benefit
Analysis and Scalability
To decide whether to
move to the cloud, companies do a cost-benefit analysis. They also check
scalability, which means how easily the system can grow or shrink based on
needs.
Cost-Benefit Analysis in Cloud Systems
What is it? Comparing the total money spent on cloud
with the total benefits (savings + new value) received.
Major Savings from
Cloud:
• No Need to Buy
Hardware: Earlier,
companies had to buy expensive servers, storage devices, and networking
equipment. Cloud removes this cost completely.
• No Software
Installation Cost: Cloud software
runs online. Instead of buying licenses for every computer, you pay a simple
monthly subscription.
• Less IT Staff
Needed: Cloud provider
handles maintenance, updates, security, and backups. Your IT team is free to focus
on important business work.
• Less Downtime Cost: Cloud systems are hosted in strong data
centers with backup servers. This means fewer breaks in service and less
business loss.
• Lower Electricity
Bills: You do not need
to run servers and cooling systems inside your office, so your power bill goes
down.
Hidden Benefits That
Also Help:
·
Better
Productivity: Employees can
work from anywhere, share files instantly, and avoid delays.
·
Faster
Decisions: Real-time data
analytics help managers take better decisions quickly.
·
Easy
New Technology: Adding AI, data
analytics, or automation is much cheaper and faster in the cloud.
Scalability in Cloud Systems
Meaning: Scalability means the cloud system can
increase or decrease its capacity (storage, processing power, etc.) based on
current needs. You only pay for what you use.
Types of Scalability:
• Vertical
Scalability: Increasing power
(more memory, faster processor) within the same virtual machine.
• Horizontal
Scalability: Adding more
virtual machines to share the workload. When traffic increases, new machines
are added; when it decreases, extra machines are removed.
• Automatic
Scalability: Many cloud
platforms adjust resources automatically without any human action. The system
watches usage and changes capacity as needed.
How Scalability Helps
Businesses:
·
Handles sudden high
traffic during festivals or product launches
·
Supports business
growth without buying new hardware
·
Controls costs because
you pay only for active resources
·
Keeps applications
running fast even during peak times
·
Helps managers plan
better by adjusting resources for different projects or seasons
Cloud Security: Goals, Parts, and
Threats
Cloud security means
all the rules, tools, and actions taken to protect data, applications, and
systems in the cloud from online attacks and mistakes.
Main Goals of Cloud Security
• Keep Data Safe: Protect business data from theft, loss,
or wrong use by using encryption, monitoring tools, and secure data centers.
• Control Who Can
Access: Only authorized
people should be able to use cloud resources. This is done with strong
passwords, multi-factor authentication, role-based access, and login tracking.
• Protect Privacy: Keep personal, financial, and sensitive
information from being seen or shared by unauthorized people.
• Always Keep Services
Available: Ensure that
cloud services keep running even during attacks, hardware failures, or natural
disasters using multiple servers and backup systems.
• Quick Recovery from
Problems: Through
automatic backups and stored copies, lost or damaged data can be restored
quickly.
Important Parts (Components) of Cloud Security
• Identity and Access
Management (IAM): Decides who can
enter the cloud system. Uses passwords, multi-factor authentication, and
role-based rules.
• Data Encryption: Turns readable data into secret code.
Only someone with the correct key can read it. Used for data at rest (stored)
and data in transit (moving).
• Network Security: Protects the path through which data
travels. Uses firewalls, intrusion detection, and VPNs to block hackers.
• Security Monitoring
and Logging: Watches the
cloud system continuously. Logs record every login, file change, or data
transfer. Helps find attacks early.
• Compliance
Management: Makes sure the
cloud system follows all legal rules (like data protection laws, audit needs,
and industry standards).
• Disaster Recovery
and Backup: Keeps extra
copies of data in different places. If one copy is lost, another can be used to
restore work quickly.
• Endpoint Security: Protects the devices (laptops, mobiles,
tablets) that connect to the cloud. Uses antivirus, device checks, and remote
wipe features.
• Application
Security: Protects the
software (apps) running in the cloud from bugs or weak points. Uses secure
coding, regular testing, and updates.
Common Security Threats in Cloud Computing
• Data Breach: When unauthorized people get access to
sensitive data because of weak passwords, wrong cloud settings, malware, or
misuse by an employee.
• Account Hijacking: When attackers steal your login details
(username and password) using fake emails (phishing), weak passwords, or
malware. They then enter the system and misuse it.
• Insecure APIs: Application Programming Interfaces
(APIs) let different software talk to each other. If they are poorly made,
hackers can use them to break into the system.
• Denial of Service
Attack: Attackers send
so much fake traffic to the cloud server that it becomes slow or stops working
for real users.
• Insider Threat: A current or former employee,
contractor, or business partner uses their allowed access to steal data,
destroy files, or share secrets with outsiders.
• Wrong Cloud
Settings: Mistakes made by
users, such as keeping storage open to the public, turning off encryption, or
giving too many permissions. This is one of the most common causes of cloud
security problems.
Shared Responsibility Model
The shared responsibility
model tells who is responsible for which security tasks in the cloud.
·
Cloud
Provider takes care of: Security
of the cloud (physical data centers, servers, storage, networking, and the
basic cloud services).
·
Customer
(You) takes care of: Security in the
cloud (user access, data encryption, application security, operating system
settings, and compliance).
Cloud Governance: Meaning, Aspects,
Benefits, Principles, Problems
Cloud governance means
creating rules, policies, and processes to control how a company uses cloud
services. It makes sure that cloud resources are used safely, within budget,
and according to legal rules.
Key Parts (Aspects) of Cloud Governance
• Policy and Standards
Management: Writing clear
rules for how the company will use cloud services (data storage, security,
access, costs).
• Security and Access
Governance: Making sure
cloud resources are protected. Uses strong login methods, permission
management, and data protection.
• Compliance and
Regulatory Governance: Following
all legal rules (privacy laws, audit requirements) related to data and cloud
use.
• Cost and Resource
Governance: Controlling
cloud spending by tracking usage, finding waste, and planning budgets.
• Risk Management and
Assessment: Finding possible
dangers in cloud use (data loss, wrong settings, cyber attacks, service
failure) and taking steps to reduce them.
• Data Governance: Rules for how data is stored, accessed,
shared, and protected in the cloud (classification, backup, retention).
• Performance and
Monitoring Governance: Using
tools to watch performance (speed, uptime, response time) so that applications
run smoothly.
• Disaster Recovery
and Continuity Governance: Plans
to continue work even after a major failure (backup, recovery, alternative
systems).
Why Cloud Governance is Important
• Keeps Security and
Control: Makes sure
strong security rules are followed. Protects sensitive data with access
control, encryption, and monitoring.
• Helps Follow Laws
(Compliance): Helps companies
meet national laws and industry regulations, avoiding fines and legal problems.
• Reduces Cloud Costs
(Saves Money): Tracks usage,
finds waste, and helps choose the right pricing plans. Avoids unexpected high
bills.
• Keeps Services
Running Well: Uses monitoring
to check system speed, uptime, and response time. Fixes problems before users
notice.
• Reduces Risks: Finds risks like data loss, cyber
attacks, misconfigurations, and service failures. Takes steps to prevent them.
Principles of Cloud Governance
• Clear Rules and
Standards: All departments
follow the same written rules for cloud usage. No confusion or different
practices.
• Security First: Security is the top priority. Always use
strong authentication, encryption, network protection, and continuous
monitoring.
• Clear Responsibility
(Accountability): Every team and
person knows their role in managing cloud security, costs, and resources.
• Know Your Costs
(Transparency): All cloud
expenses should be visible and controlled. Use the right pricing models and
shut down unused resources.
• Follow the Law
(Legal Alignment): All cloud
activities must follow legal rules and industry standards. Regular audits check
this.
• Watch and Improve
(Continuous Monitoring): Always
watch performance, security, and usage. Keep updating policies based on new
findings.
Problems (Limitations) of Cloud Governance
• Hard to Set Up (Complex
Implementation): Creating all the
rules, roles, and security steps is very complex and time-consuming.
• Need Skilled People: Requires people who understand cloud
technology, security, rules, and cost management. Good training is also needed.
• Hard to Balance
Freedom and Control: Too many strict
rules slow down work. Too little control leads to security issues and high
costs.
• Multi-Cloud
Problems: If a company
uses multiple cloud providers (AWS, Azure, Google), each has different tools
and policies. Managing governance across all is difficult.
• Hard to Monitor
Everything: Cloud systems
produce huge amounts of logs, alerts, and data. Watching all this information
regularly is very hard.
Data Security in the Cloud: Importance,
Methods, Risks
Data security in the cloud
means protecting data while it is stored, processed, or sent from one place to
another.
Why Data Security is Important
• Protects Secret
Information: Customer
details, bank records, employee information, and business files. Stops theft,
misuse, identity fraud, and loss of trust.
• Lowers Cyber Attack
Risk: Uses firewalls,
login checks, and threat detection to block attacks and prevent data leaks or
account theft.
• Keeps Business
Running (Continuity): Regular backups
and recovery methods protect data during failures, attacks, or technical
problems.
• Meets Legal Rules: Helps companies follow data protection
laws (GDPR, HIPAA, etc.) by protecting privacy, keeping records, and storing
data safely.
Key Data Security Methods in the Cloud
1. Encryption: Changes readable data into secret code.
Only someone with the correct key can read it. Used for stored data (at rest)
and data moving on the internet (in transit).
2. Identity and Access
Management (IAM): Decides who can
use cloud resources. Uses strong passwords, multi-factor authentication,
role-based access, and login monitoring.
3. Firewalls and
Network Security: Watches traffic
entering and leaving the cloud. Blocks harmful traffic, suspicious requests,
and attacks. Uses VPNs and intrusion detection.
4. Data Backup and
Disaster Recovery: Keeps extra
copies of data in different places. If one copy is lost or damaged, it can be
restored quickly.
5. Security Monitoring
and Logging: Watches the
system for unusual activity. Logs record login attempts, file changes, and data
access. Helps find attacks early.
6. Data Loss
Prevention (DLP): Stops secret
data from being shared, leaked, or stolen. Scans emails, documents, and files
for sensitive information.
Major Data Security Risks in the Cloud
1. Data Breach: Unauthorized people access secret data
because of weak passwords, poor access control, wrong cloud settings, or
cyberattacks.
2. Data Loss: Important information becomes deleted,
damaged, or unavailable due to accidental deletion, technical failure,
cyberattack, or natural disaster.
3. Insecure APIs: If APIs (which connect different
software) are not made safely, hackers can use them to break into the system
and steal login details or data.
4. Account Hijacking: Attackers steal usernames and passwords
through fake emails (phishing), weak passwords, or malware, and then take
control of the account.
5. Insider Threat: Current or former employees,
contractors, or partners with access to the system misuse it to steal data or
cause damage.
6. Wrong Cloud
Settings: Mistakes by
users, such as leaving storage open to the public, turning off encryption, or
giving too many permissions.
Compliance in the Cloud: Importance,
Rules, Tools
Compliance in the
cloud means following all legal, industry, and company rules while using cloud
services for storing and managing data.
Why Compliance is Important
• Keeps Customer Data
Safe: Makes sure
customer information is stored properly and used responsibly. Reduces chances
of data leaks.
• Avoids Legal Fines: Helps companies meet legal requirements,
avoiding heavy fines, lawsuits, and government actions.
• Builds Trust: Shows customers and partners that data
is handled responsibly. Builds a good reputation.
• Improves Security: Requires strong security practices like
encryption, monitoring, backups, and access control.
Important Compliance Standards for Cloud
• GDPR (General Data
Protection Regulation): EU
law for protecting personal data. Requires strong security, user consent, right
to access data, and quick reporting of data breaches.
• HIPAA (Health
Insurance Portability and Accountability Act): US law for protecting patient health
information. Needs encryption, access control, audit logs, and strict data
sharing rules.
• PCI DSS (Payment
Card Industry Data Security Standard): Rules for companies that handle credit/debit card
payments. Needs strong encryption, secure networks, firewalls, and regular
monitoring.
• ISO 27001: International standard for information
security management. Focuses on risk management, access control, physical
security, and regular audits.
• SOC 2: Checks how well a cloud provider
protects customer data. Checks five areas: security, availability, processing
integrity, confidentiality, and privacy.
• FedRAMP: US government security standard for
cloud services. Checks encryption, access control, continuous monitoring, and
incident reporting.
• CSA STAR
Certification: Global
certification for cloud security based on the Cloud Controls Matrix.
• India-Specific Rules
(IT Act and CERT-In): Indian laws for
data protection, cybercrime, and incident reporting. Cloud services in India
must follow these.
Tools for Cloud Compliance
• Cloud Security
Posture Management (CSPM) Tools: Check if your cloud settings follow security and
compliance rules. Examples: Prisma Cloud, Wiz, Dome9.
• Cloud Access
Security Brokers (CASB): Act
as a bridge between users and cloud services. Provide encryption, threat
detection, data loss prevention, and access control. Examples: Microsoft
Defender for Cloud Apps, Netskope, McAfee CASB.
• Identity and Access
Management (IAM) Tools: Make
sure only the right people can access cloud resources. Examples: AWS IAM, Azure
Active Directory, Okta.
• Security Information
and Event Management (SIEM) Tools: Collect and analyze logs from cloud services to find
suspicious activities and threats. Examples: Splunk, IBM QRadar, Azure
Sentinel.
• Data Loss Prevention
(DLP) Tools: Stop sensitive
information from being leaked or shared without permission. Examples: Symantec
DLP, Microsoft Purview DLP, Forcepoint DLP.
Problems in Compliance
• Complex and Changing
Rules: Laws keep
changing in different countries. Keeping up with them takes time, money, and
expert knowledge.
• Lack of Visibility
and Control: Because data is
stored on cloud provider's servers, you have less direct control over it. This
makes compliance harder.
• Not Enough Security
Measures: Many companies
move to cloud without applying proper security settings. Weak access management
and no encryption make compliance impossible.
• Human Errors and
Wrong Settings: Giving too many
permissions, using weak passwords, or leaving storage open to the public are
common mistakes that break compliance rules.
Cloud Governance Frameworks: Meaning and
Uses
Cloud governance
frameworks give structured guidelines to help organizations manage their cloud
resources in a safe, organized, and cost-effective way.
Main Cloud Governance Frameworks
• AWS Well-Architected
Framework: Gives best
practices for designing secure, reliable, and efficient systems on AWS. Main
areas: security, operational excellence, reliability, performance, cost
optimization, and sustainability.
• Microsoft Cloud
Adoption Framework (CAF): A
step-by-step guide for adopting and managing cloud services on Azure. Covers
strategy, planning, preparation, migration, and governance.
• Google Cloud
Governance Model: Guidelines for
managing identity, access, security, cost, and resources on Google Cloud. Uses
folders, projects, and resource hierarchies to set structure.
Uses of Cloud Governance Frameworks
• Makes Security and
Compliance Stronger: Helps
organizations apply correct security rules and meet legal requirements. Guides
teams on access control, data protection, encryption, and monitoring.
• Controls Cloud Costs
and Stops Waste: Provides
guidelines for budgeting, tracking usage, finding unused resources, and
choosing the right pricing plans.
• Organizes Resources
Better: Shows teams how
to classify, tag, allocate, and monitor cloud assets. Supports automation to
reduce manual errors.
• Improves Decision
Making and Responsibility: Clearly
defines roles, responsibilities, and decision rules. Every action can be traced
to a specific team or person.
• Better Performance
Monitoring and Risk Management: Offers guidelines for using monitoring tools, dashboards,
and alert systems. Helps find slowdowns, failures, or unusual activity early.