Cloud computing is an abstraction of compute, storage, and network infrastructure assembled as a platform on which applications and systems can be deployed quickly and scaled on the fly. Crucial to cloud computing is self-service: Users can simply fill in a web form and get up and running.

The vast majority of cloud customers consume public cloud computing services over the internet, which are hosted in large, remote data centers maintained by cloud providers. The most common type of cloud computing, SaaS (software as service), delivers prebuilt applications to the browsers of customers who pay per seat or by usage, exemplified by such popular apps as Salesforce, Google Docs, or Microsoft Teams. Next in line is IaaS (infrastructure as a service), which offers vast, virtualized compute, storage, and network infrastructure upon which customers build their own applications, often with the aid of providers API-accessible services.

When people casually say the cloud, they most often mean the big IaaS providers: AWS (Amazon Web Services), Google Cloud, or Microsoft Azure. All three have become gargantuan ecosystems of services that go way beyond infrastructure: developer tools, serverless computing, machine learning services and APIs, data warehouses, and thousands of other services. With both SaaS and IaaS, a key benefit is agility. Customers gain new capabilities almost instantly without capital investment in hardware or softwareand they can instantly scale the cloud resources they consume up or down as needed.

Way back in 2011, NIST posted a PDF that divided cloud computing into three service modelsSaaS, IaaS, and PaaS (platform as a service)the latter a controlled environment within which customers develop and run applications. These three categories have largely stood the test of time, although most PaaS solutions now make themselves available as services within IaaS ecosystems rather than presenting themselves as their own clouds.

Two evolutionary trends stand out since NISTs threefold definition. One is the long and growing list of subcategories within SaaS, IaaS, and PaaS, some of which blur the lines between categories. The other is the explosion of API-accessible services available in the cloud, particularly within IaaS ecosystems. The cloud has become a crucible of innovation where many emerging technologies appear first as services, a big attraction for business customers who understand the potential competitive advantages of early adoption.

This type of cloud computing delivers applications over the internet, typically with a browser-based user interface. Today, the vast majority of software companies offer their wares via SaaSif not exclusively, then at least as an option.

The most popularSaaS applications for business can be found in Googles G Suite and Microsofts Office 365; most enterprise applications, including giant ERP suites from Oracle and SAP, come in both SaaS and on-prem versions. SaaS applications typically offer extensive configuration options as well as development environments that enable customers to code their own modifications and additions. They also enable data integration with on-prem applications.

At a basic level,IaaS cloud providers offer virtualized compute, storage, and networking over the internet on a pay-per-use basis. Think of it as a data center maintained by someone else, remotely, but with a software layer that virtualizes all those resources and automates customers ability to allocate them with little trouble.

But thats just the basics. The full array of services offered by the major public IaaS providers is staggering:highly scalable databases, virtual private networks,big dataanalytics, developer tools,machine learning, application monitoring, and so on.Amazon Web Serviceswas the first IaaS provider and remains the leader, followed by Microsoft Azure,Google Cloud Platform, Alibaba Cloud, andIBM Cloud.

PaaS provides sets of services and workflows that specifically target developers, who can use shared tools, processes, and APIs to accelerate the development, testing, and deployment of applications. Salesforces Heroku and Salesforce Platform (formerly Force.com) are popular public cloud PaaS offerings; Cloud Foundry and Red Hats OpenShift can be deployed on premises or accessed through the major public clouds. For enterprises, PaaS can ensure that developers have ready access to resources, follow certain processes, and use only a specific array of services, while operators maintain the underlying infrastructure.

FaaS, the cloud version of serverless computing, adds another layer of abstraction to PaaS, so that developers are completely insulated from everything in the stack below their code. Instead of futzing with virtual servers, containers, and application runtimes, developers upload narrowly functional blocks of code, and set them to be triggered by a certain event (such as a form submission or uploaded file). All the major clouds offer FaaS on top of IaaS: AWS Lambda,Azure Functions, Google Cloud Functions, and IBM Cloud Functions. A special benefit of FaaS applications is that they consume no IaaS resources until an event occurs, reducing pay-per-use fees.

A private cloud downsizes the technologies used to run IaaS public clouds into software that can be deployed and operated in a customers data center. As with a public cloud, internal customers can provision their own virtual resources to build, test, and run applications, with metering to charge back departments for resource consumption. For administrators, the private cloud amounts to the ultimate in data center automation, minimizing manual provisioning and management. VMware provides the most popular commercial private cloud software, while OpenStack is the open source leader.

Note, however, that the private cloud does not fully conform to the definition of cloud computing. Cloud computing is a service. A private cloud demands that an organization build and maintain its own underlying cloud infrastructure; only internal users of a private cloud experience it as a cloud computing service.

A hybrid cloud is the integration of a private cloud with a public cloud. At its most developed, the hybrid cloud involves creating parallel environments in which applications can move easily between private and public clouds. In other instances, databases may stay in the customer data center and integrate with public cloud applicationsor virtualized data center workloads may be replicated to the cloud during times of peak demand. The types of integrations between private and public cloud vary widely, but they must be extensive to earn a hybrid cloud designation.

Just as SaaS delivers applications to users over the internet, public APIs offer developers application functionality that can be accessed programmatically. For example, in building web applications, developers often tap into the Google Maps API to provide driving directions; to integrate with social media, developers may call upon APIs maintained by Twitter, Facebook, or LinkedIn. Twilio has built a successful business delivering telephony and messaging services via public APIs. Ultimately, any business can provision its own public APIs to enable customers to consume data or access application functionality.

Data integration is a key issue for any sizeable company, but particularly for those that adopt SaaS at scale. iPaaS providers typically offer prebuilt connectors for sharing data among popular SaaS applications and on-premises enterprise applications, though providers may focus more or less on business-to-business and e-commerce integrations, cloud integrations, or traditional SOA-style integrations. iPaaS offerings in the cloud from such providers as Dell Boomi, Informatica, MuleSoft, and SnapLogic also let users implement data mapping, transformations, and workflows as part of the integration-building process.

The most difficult security issue related to cloud computing is the management of user identity and its associated rights and permissions across private data centers and pubic cloud sites. IDaaS providers maintain cloud-based user profiles that authenticate users and enable access to resources or applications based on security policies, user groups, and individual privileges. The ability to integrate with various directory services (Active Directory, LDAP, etc.) and provide single sign-on across business-oriented SaaS applications is essential. Okta is the clear leader in cloud-based IDaaS; CA, Centrify, IBM, Microsoft, Oracle, and Ping provide both on-premises and cloud solutions.

Collaboration solutions such as Slack and Microsoft Teams have become vital messaging platforms that enable groups to communicate and work together effectively. Basically, these solutions are relatively simple SaaS applications that support chat-style messaging along with file sharing and audio or video communication. Most offer APIs to facilitate integrations with other systems and enable third-party developers to create and share add-ins that augment functionality.

Key providers in such industries as financial services, health care, retail, life sciences, and manufacturing provide PaaS clouds to enable customers to build vertical applications that tap into industry-specific, API-accessible services. Vertical clouds can dramatically reduce the time to market for vertical applications and accelerate domain-specific B-to-B integrations. Most vertical clouds are built with the intent of nurturing partner ecosystems.

The most widely accepted definition of cloud computing means that you run your workloads on someone elses servers, but this is not the same as outsourcing. Virtual cloud resources and even SaaS applications must be configured and maintained by the customer. Consider these factors when planning a cloud initiative.

Objections to the public cloud generally begin with cloud security, although the major public clouds have proven themselves much less susceptible to attack than the average enterprise data center.

Of greater concern is the integration of security policy and identity management between customers and public cloud providers. In addition, government regulation may forbid customers from allowing sensitive data off premises. Other concerns include the risk of outages and the long-term operational costs of public cloud services.

The bar to qualify as a multicloud adopter is low: A customer just needs to use more than one public cloud service. However, depending on the number and variety of cloud services involved, managing multiple clouds can become quite complex from both a cost optimization and technology perspective.

In some cases, customers subscribe to multiple cloud services simply to avoid dependence on a single provider. A more sophisticated approach is to select public clouds based on the unique services they offer and, in some cases, integrate them. For example, developers might want to use Googles TensorFlow machine learning service on Google Cloud Platform to build AI-driven applications, but prefer Jenkins hosted on the CloudBees platform for continuous integration.

To control costs and reduce management overhead, some customers opt for cloud management platforms (CMPs) and/or cloud service brokers (CSBs), which let you manage multiple clouds as if they were one cloud. The problem is that these solutions tend to limit customers to such common-denominator services as storage and compute, ignoring the panoply of services that make each cloud unique.

You often see edge computing described as an alternative to cloud computing. But it is not. Edge computing is about moving compute to local devices in a highly distributed system, typically as a layer around a cloud computing core. There is typically a cloud involved to orchestrate all the devices and take in their data, then analyze it or otherwise act on it.

The clouds main appeal is to reduce the time to market of applications that need to scale dynamically. Increasingly, however, developers are drawn to the cloud by the abundance of advanced new services that can be incorporated into applications, from machine learning to internet of things (IoT) connectivity.

Go here to read the rest:

What is cloud computing? Everything you need to know now

Private cloud is a cloud computing environment dedicated to a single customer. It combines many of the benefits of cloud computing with the security and control of on-premises IT infrastructure.

Private cloud (also known as an internal cloud or corporate cloud) is a cloud computing environment in which all hardware and software resources are dedicated exclusively to, and accessible only by, a single customer. Private cloud combines many of the benefits of cloud computingincluding elasticity, scalability, and ease of service deliverywith the access control, security, and resource customization of on-premises infrastructure.

Many companies choose private cloud over public cloud (cloud computing services delivered over infrastructure shared by multiple customers) because private cloud is an easier way (or the only way) to meet their regulatory compliance requirements. Others choose private cloud because their workloads deal with confidential documents, intellectual property, personally identifiable information (PII), medical records, financial data, or other sensitive data.

By building private cloud architecture according to cloud native principles, an organization gives itself the flexibility to easily move workloads to public cloud or run them within a hybridcloud (mixed public and private cloud) environment whenever theyre ready.

More here:

What is Private Cloud? | IBM

The private cloud is defined as computing services offered either over the Internet or a private internal network and only to select users instead of the general public. Also called an internal or corporate cloud, private cloud computing gives businesses many of the benefits of apublic cloud- including self-service, scalability, and elasticity - with the additional control and customization available from dedicated resources over a computing infrastructure hosted on-premises. In addition, private clouds deliver a higher level of security and privacy through both company firewalls and internal hosting to ensure operations and sensitive data are not accessible to third-party providers. One drawback is that the companys IT department is held responsible for the cost and accountability of managing the private cloud. So private clouds require the same staffing, management, and maintenance expenses as traditional datacenter ownership.

Two models for cloud services can be delivered in a private cloud. The first isinfrastructure as a service (IaaS)that allows a company to use infrastructure resources such as compute, network, and storage as a service. The second isplatform as a service (PaaS)that lets a company deliver everything from simple cloud-based applications to sophisticated-enabled enterprise applications. Private clouds can also be combined with public clouds to create ahybrid cloud, allowing the business to take advantage ofcloud burstingto free up more space and scale computing services to the public cloud when computing demand increases.

See the original post:

What is a Private Cloud - Definition | Microsoft Azure

1. CloudTech

Bristol, England, UKCovers SaaS news, cloud computing jobs, virtualization strategy, cloud apps and enterprise IT, private and public cloud, system security, cloud apps, CRM, and cloud communications. Cloud Tech provides the latest insight that enables CIOs to make informed decisions about IT strategy. cloudcomputing-new.. 24.3K 3 posts / week Get Email Contact

An expert's opinion, the best way to defend against scam spam, trending articles, and technology innovation of the Cloud Computing industry. CIOReview is a technology magazine that talks about enterprise solutions. cloud.cioreview.com 2K 4 posts / day Get Email Contact

USTechRepublic provides IT professionals with a unique blend of original content, peer-to-peer advice from the largest community of IT leaders. This section of the TechRepublic blog features Cloud content, resources, thought leadership, and expert guidance. techrepublic.com/t.. 921.7K 7 posts / week Get Email Contact

Seattle, Washington, USLatest news and information on AWS. Amazon Web Services offers reliable, scalable, and inexpensive cloud computing services. aws.amazon.com/blo.. 831.3K 9 posts / month Nov 2004 Get Email Contact

Vancouver, British Columbia, CanadaCovers cloud computing, SaaS, Big Data, Wearable Tech, and the Internet of Everything news and information. CloudTweaks connects brands to an influential audience made of business owners and managers of growing businesses, entrepreneurs, and early adopters. Also in Cloud Computing Magazines cloudtweaks.com 4.3K 1 post / week Get Email Contact

Redmond, Washington, USThe latest Azure news, product updates, and announcements from Azure experts. Azure is an open and flexible cloud computing platform created by Microsoft. Also in Microsoft Blogs, Microsoft Azure Blogs azure.microsoft.co.. 665.7K 12 posts / month Sep 2008 Get Email Contact

Palo Alto, California, USThe blog about VMware cloud services, products, news, and updates. VMware is a cloud computing and virtualization technology company that provides cloud solutions. blogs.vmware.com/c.. 371.9K 9 posts / month Get Email Contact

Seattle, Washington, USA blog about building scalable and robust distributed systems. Authored by Werner Vogels, a Chief Technology Officer at Amazon.com. allthingsdistribut.. 1 post / month Get Email Contact

This section of our blog features articles that have to do exclusively with cloud computing. Cisco is the worldwide leader in IT, networking, and cybersecurity solutions. blogs.cisco.com/cloud 2M 369.3K 2 posts / month Get Email Contact

Get the latest cloud insights, news, and recommendations from the HPE GreenLake blog. Hewlett Packard Enterprise is an industry-leading enterprise technology company that simplifies Hybrid IT community.hpe.c.. 300.1K 1 post / week Dec 2020 Get Email Contact

Mountain View, California, USGoogle Cloud Platform's blog contains hundreds of articles written by Google cloud experts and actually dates back to 2008. This vast blog discusses the products, customers, and technical features of Google's cloud solution, while articles can range from product blurbs to extremely detailed technical explanations. cloud.google.com/blog 1.2M 30 posts / month Get Email Contact

San Francisco, California, USThis section of the website features articles that have to do exclusively with cloud computing news. InfoWorld is a technology media company that provides analysis and hands-on expertise in the form of reviews and how-to articles. infoworld.com/cate.. 74.3K 4 posts / week Get Email Contact

Find cloud computing News, how-tos, features, reviews, and videos on Computerworld. computerworld.com/.. 906.9K 1 post / month Get Email Contact

San Mateo, California, USSnowflake's blog Inside the Cloud Data gives you details about around the company, thought leadership, their product and technology, data warehousing, and much more. Snowflake's founders engineered Snowflake to power the Data Cloud, where thousands of organizations have seamless access to explore, share, and unlock the true value of their data. Also in Data Engineering Blogs, Data Warehousing Blogs snowflake.com/blog 13.5K 2 posts / week Get Email Contact

London, England, UKCompare the Cloud is the web's premier resource for researching cloud computing and associated technologies ranging from AI to Machine learning and IoT. comparethecloud.net 381 2 posts / week Get Email Contact

Singapore, Singapore, SingaporeThe Cloud Security Alliance (CSA) leads the industry in offering cloud security-specific research, education, certification, events, and best practices. cloudsecurityallia.. 1.9K 6 posts / week Get Email Contact

Norwalk, Connecticut, USCovers the latest expert news, reviews & resources tailored specifically for Cloud Computing. TMCnet is the leading resource in VoIP, IP, Communications, CallCenters, CRM, & Telecom. cloud-computing.tm.. 858 13 posts / month Get Email Contact

The Diversity Limited blog is written by Ben Kepes, who is a technology evangelist, investor, commentator, and business advisor. The blog provides great analysis of all the latest cloud-related tech news and commentary on newly released business software. Despite being a one-man show, the blog includes hundreds of articles and is sometimes updated a few times a day. diversity.net.nz 2.7K 1.4K 1 post / week Get Email Contact

Pompano Beach, Florida, USBoost your business with additional pace using application hosting services from Ace Cloud Hosting. Best advice, research, how-tos, and insights to help your accounting and cloud technology practices. ACE is a renowned Cloud Solutions Provider and has established itself as a leader in Application Hosting, Managed Security Services, Public Cloud, and Hosted Virtual Desktop Solutions. acecloudhosting.co.. 545 10 posts / week Get Email Contact

London, England, UKOur aim is to assist IT professionals to navigate an increasingly cluttered information landscape by understanding the real issues and consistently delivering relevant, high-quality content to enrich knowledge and expertise. Subscribe us to keep up with latest Cloud Computing Articles from ComputerworldUK computerworld.com/.. 3K 1 post / week Get Email Contact

Berlin, GermanyCovers best news, articles, tips & reviews all around the cloud. Cloudwards reviews software & privacy tools to keep your data and identity safe. cloudwards.net/art.. 625 9 posts / week Get Email Contact

SwitzerlandCharbel Nemnom is a Cloud Solutions Architect and Microsoft MVP and a totally fan of the latest's IT platform solutions. Keep up with updates on data center management solutions and a lot more. charbelnemnom.com 193 116 1 post / day Get Email Contact

Boston, Massachusetts, USRick's Cloud is a Cloud Computing Blog by Rick Blaisdell. rickscloud.com 1 post / week Get Email Contact

San Francisco, California, USStay up-to-date on the latest technology trends and best practices on everything cloud with technical cloud feature announcements, industry trends, and training material. Cloud Academy is a technology training platform for enterprise multi-cloud infrastructure. cloudacademy.com/blog 18K 6 posts / month Get Email Contact

USFounded in 2011 as one of the world's first cloud-to-cloud backup services for Google Apps and Salesforce, CloudAlly led the industry and pioneered the first commercially available Microsoft Office 365 cloud backup in 2014. The blog provides cloud to cloud backup solutions for Office 365, G Suite, Sharepoint, Box. cloudally.com/blog 4 posts / month Get Email Contact

Orlando, Florida, USBuild5Nines is your trusted source for cloud and enterprise technology information and all the tutorials, articles and videos are focused on helping you to be more productive with it. build5nines.com 2 posts / week Get Email Contact

Montreal, Quebec, CanadaThis blog includes launches, basic cloud computing articles, and any news or updates on their CloudConsole. VEXXHOST is a leading Canadian OpenStack cloud infrastructure as a service (IaaS) provider for private, public, and hybrid clouds. vexxhost.com/blog 991 1.1K 1 post / quarter Get Email Contact

Wales, UKMy name is John Lunn and I am a Microsoft Technical Architect focussed on Microsoft's Cloud Services of Azure and M365 for BT Enterprise who are my full time employer. I have always been a Science and Technology enthusiast, so working with Technology is a great way to get paid to do your hobby! I have over 20 years working experience within IT ranging from analyst to developer, from consulting to architecture. jonnychipz.com/blo.. 1 post / week Jan 2014 Get Email Contact

Kolkata, West Bengal, IndiaWelcome to CloudKatha - A platform, where we will be sharing our experience of designing, developing, and deploying applications into the AWS cloud environment. Also in AWS Blogs cloudkatha.com 214 4 posts / month Jul 2020 Get Email Contact

Maharashtra, IndiaBlazeclan is a born-in-cloud, strategic partner of choice to organizations that want to deliver business excellence using the cloud as a tool. Read the Blazeclan Blog for new ideas, the latest updates, and discussion around cloud computing from leading industry experts. blazeclan.com/blog 1.5K 1 post / week Get Email Contact

CanadaCovers cloud technology insights from cloud experts. WatServ is an IT solutions provider that helps clients digitally transform their business through cloud technologies and managed services. watserv.com/blog 69 2 posts / week Get Email Contact

Bangalore, Karnataka, IndiaStay up-to-date on the latest technology trends and best practices on Amazon Web Services (AWS). Also read articles and resources on AWS Digital transformation. Rapyder Cloud Solutions is Cloud Company, with expertise in Cloud Computing Solutions, Big Data, Marketing & Commerce, DevOps and Managed Service. rapyder.com/blogs 1.2K 3 posts / month Apr 2017 Get Email Contact

Los Angeles, California, USWe are a CIO strategic advisory firm leading companies through business and digital transformation while leveraging emerging technologies. AVOA is a research and advisory services firm that works with both enterprise end-users and vendors focusing on the intersection of business & technology. Also in CIO Blogs avoa.com 2 posts / week Get Email Contact

Chandler, Arizona, USBlog Posts and Technical Articles from Cloud Computing Technologies on topics of Agile Software Development, Microservices, and Kubernetes. cloudcomputingtech.. 1 post / week Get Email Contact

Herndon, Virginia, USIdexcel is a professional IT services and AWS cloud consulting company specializing in aws cloud services, application services and data services. idexcel.com/blog 1.8K 9 posts / year Jun 2014 Get Email Contact

Updates on enterprise insights, agile business, digital reimagination, and assurance from the cloud leader. Suneratech is a leading cloud-based platforms and enterprise solutions provider specializing in Oracle applications and technologies. suneratech.com/blog 2K 4 posts / quarter Feb 2016 Get Email Contact

ItalySilvio Di Benedetto is founder and CEO at Inside Technologies. He provides latest insight on Microsoft, Azure, Windows Server, Active Directory, Data Protection Manager, Veeam Backup & Replication, Virtualization, Windows Server 2016. His experience includes leading and managing process and operations for different kind of projects. silviodibenedetto.com 91 2 posts / quarter Get Email Contact

IndiaEverything you want to know about cloud and virtualization. Keep yourself updated with the latest cloud technologies. cloudwithease.com 9.3K 13 posts / month Get Email Contact

Posts about Cloud written by Tech Wizard (Sukhija Vikas) techwizard.cloud/c.. 1.8K 2 posts / month May 2010 Get Email Contact

Anto Online, the anything Cloud related blog! Learn about PHP, Linux, AWS and more. anto.online 1 post / month Apr 2018 Get Email Contact

At Devrims official blog, we cover all relevant Cloud Industry news, insights, App tutorials, tips, and useful resources for our users & readers. Devrims is an Aggregator of the Website Hosting Solutions with an advanced Managed Cloud Hosting Platform where users can host their websites on their Own Terms. devrims.com/blog 96 1 post / month Get Email Contact

SingaporeWe are cloud thinkers, engineers and transformation enablers. Having pioneered cloud transformation and migration projects for multi-billion dollar businesses across the globe, we bring you the best of cloud practices, frameworks and domain knowledge. We are cloud thinkers, engineers and transformation enablers. As a born-in-cloud company, everyone in the team thinks 'cloud-first'. 1cloudhub.com/blog 2 posts / month Get Email Contact

San Jose, California, USCisco is the worldwide technology leader that has been making the Internet work. Our people, products, and partners help society securely connect and seize tomorrow's digital opportunity today. Follow to keep up with cloud computing articles from Cisco. blogs.cisco.com/ta.. 2M 377.2K Jun 2010 Get Email Contact

Armonk, New York, USThoughts on Cloud is a leading source of insights, news and analysis for the cloud community, presented by IBM and powered by exclusive commentary from IBM thought leaders and industry experts, along with curated, relevant cloud computing news from around the globe. Also in IBM Blogs ibm.com/blogs/clou.. 241.4K Jun 2011 Get Email Contact

USThe blog covers a range of topics, including Amazon AWS, Azure, Cloud Hosting, Windows Cloud Servers, Windows VPS Hosting, and Hosting Enhancements. Applied Innovations is a cloud services provider specializing in Microsoft server cloud technologies. appliedi.net/blog 1.6K Get Email Contact

Washington, District of Columbia, USCloud Pundit is the blog of Lydia Leong, who covers cloud computing for Gartner as a Distinguished Analyst. This in-depth blog often discusses the findings and opinions that Lydia generates from her professional analyses, and is updated approximately once a month. cloudpundit.com 3 posts / year Get Email Contact

Virginia, USKevin Jackson is a renowned thought leader, speaker, and consultant for cloud-related technologies and business strategies. Kevin's blog discusses issues related to cloud computing and cyber security, and includes news on product launches, acquisition, and conferences. kevinljackson.blog.. Get Email Contact

West Rockport, Maine, USThe innovative THINKstrategies blog is written by Jeff Kaplan, who is its Managing Director. A leading expert in cloud computing, Jeff is a frequent guest blogger and keynote speaker on SaaS, managed services, and IOT. Also in CRM Blogs, SAAS Blogs thinkstrategies.co.. Get Email Contact

Boston, Massachusetts, USBlog posts cover industry news, cloud security, enterprise cloud storage, cloud backup, and product updates. Nasuni is the leading provider of cloud file services. nasuni.com/blog 2.1K 12 posts / year Get Email Contact

Seattle, Washington, USLearn all about Kubernetes vs Docker, K8S concepts, cloud security & compliance, and everything on Managed Kubernetes. Magalix is a cloud security enabler, leveraging security-as-code and compliance-as-code, to embed security at every stage of the software development lifecycle. magalix.com/blog 1.2K 30 posts / year Get Email Contact

USCloud Management Insider (CMI) is a community platform to keep you updated about all the disruptions happening in cloud domain. CMI exists with the sole purpose of simplifying the complex cloud ecosystem. The hunger for learning everything about Cloud; and delivering that information in the best possible way is what drives us. This is what gets us out of bed every morning and makes us hustle. cloudmanagementins.. 563 35 Get Email Contact

Atlanta, Georgia, USWe empower purposeful, performance-driven IT transformation through our portfolio of high-density colocation, managed cloud hosting, and network services. Check out quality cloud related articles here. inap.com/blog/cate.. 1.2K Get Email Contact

Cloud business reviews, trends, solutions, applications and services. cbrdigital.com 205 3 posts / year Get Email Contact

Athens, Attiki, GreeceKeep up with articles from George Markou. markou.me 5 posts / year Apr 2016 Get Email Contact

Los Angeles, California, USArticles to learn about cloud computing, VPS tips & tricks, Linux apps, and OS distros. SkySilk is a cloud services company that offers custom VPS solutions. skysilk.com/blog 2.8K Get Email Contact

Princeton, New Jersey, USThe industry's keenest insights on all news related to contemporary cloud computing. cloud-computing-to.. 3K Get Email Contact

Miami, Florida, USitopia is an automation & orchestration platform built for Google Cloud. We simplify the delivery and management of remote desktops & apps on any device itopia.com/blog 2 posts / year Get Email Contact

IndiaWe help businesses stay ahead of the curve by building solutions that enable smarter convergence of technology. indiqus.com/blog 8 posts / year Get Email Contact

AustraliaThis section of the FileWhopper Blog contains articles with reviews and fresh news on cloud storage services. FileWhopper is an online service that lets users quickly and safely transfer large files and folders over the internet. filewhopper.com/bl.. 131 Get Email Contact

Austin, Texas, USVirtasant is a leading provider of cloud, product development, and outsourcing services. We're all about the cloud. We were built in the cloud, and we function fully in the cloud. We have thousands of passionate architects, engineers, and creators working to help companies and people thrive in the cloud. With so much expert knowledge around cloud transformation, engineering, cloud architecture, cloud optimization, project management, remote work, and diversity - we have a lot to say. virtasant.com/blog 2 posts / month Jan 2020 Get Email Contact

UKContent on this site covers Cloud and all its variations of SaaS, PaaS, IaaS, Public, Private & Hybrid and its uses such as IOT (Internet of Things) and a little on sales sometimes. cloudmatters.cloud 1 post / quarter Feb 2016 Get Email Contact

GreeceStefanos Evangelou is a Cloud Computing consultant, trainer and author. Follow to get updates from this blog. stefanos.cloud/blog 29 posts / year Get Email Contact

cloudmantra is a 'born in the cloud' company that brings power of the cloud to organizations and consumers. As a leading technology services company, cloudmantra brings cutting-edge yet meaningful products & services to business and consumers globally. cloudmantra.net/blogs 360 1 post / year Get Email Contact

Amsterdam, Noord-Holland, NetherlandsThe Cloud Navigator brings diverse perspectives on the world of emerging technologies powered by the Cloud that grows in impact every day. thecloudnavigator.com 42 Get Email Contact

The cloud blog is a place where you can find all the information related to cloud transformation into the real world. thecloudblog.in Get Email Contact

CloudStack-Group solves the toughest challenges by providing unmatched services in strategy, consulting, digital, technology, and operations. We are your Cloud Experts. Cloudstack-Group, your technology partner on the journey from the data center to cloud. cloudstackgroup.co.. 962 1 post / year Get Email Contact

Nthacloud provides enterprise class private cloud technology at a per user price including hardware, operating software, support, internet service, remote desktop, data protection, and compliance requirements all for a fixed monthly price. nthacloud.com/blog 65 Get Email Contact

More Bloggers and Journalists covering Cloud Computing

Latest stories tagged with DevOps on Medium medium.com/tag/devops Starting my DevOps Journey: A Personal Account of Learning and Growth What is Elastic Beanstalk and How to host your application on Elastic Beanstalk? Linux/proc/pid Directory, Part Five Show More Medium Machine Learning The AWS WayThe Road to AWS Certifications#7. The AWS WayLearning Machine Learning 10 AI & ML Starters On AWS. Google Colab Notebooks for Data Science projects Medium Edge Computing The Rise of Edge Computing: How its Transforming the Industrial Landscape How STNO is Making lives easier in Complex Networking world. Will Edge Computing Replace Cloud Computing? Programming on Medium Creating AWS Batch Tasks with API CallsAttaching Scripts and Commands What Does it Take to Move to Cloud IDEs? An Industry Analysis K8s Robusta, K8s Troubleshooting Platform Better Programming Cloud Native Patterns Illustrated: Retry Pattern How Containers Took Over the World Understanding Your Cloud Cost Data for Better Decision Making Blockchain on Medium Fiat-Crypto Rampa de Acesso: A Implantao na Flux Ser mais Fcil do que Nunca! Fiat-Crypto OnRamp: Deploying On Flux Will Be Easier Than Ever! What is Decentralized Storage by FLUX (FluxDrive)? Medium Product Management A DAY IN THE LIFE OF A CLOUD PRODUCT MANAGER The future of B2B lies with cloud marketplaces Its time to productize your Cloud Security!

Johannesburg, Gauteng, South AfricaIT News Africa is Africa's premier ICT news and information website.We provide unparalleled insight into enterprise IT trends, innovation and technology in Africa to the most discerning professionals, entrepreneurs, investors and IT decision-makers. itnewsafrica.com 9K Channel has a key role in delivering cloud services, but data remains critical Reimagine public sector cloud services by harnessing shared, private sector skills The Key to Business Agility in 2023: Cloud-native

San Francisco, California, USReporting on the business of technology, startups, venture capital funding, and Silicon Valley. Technology news and analysis with a focus on founders and startup teams. . Best For: Founders, Tech Startups techcrunch.com 2.8M Jun 2005 While Amazon had a rocky year, AWS remains reliable cash cow Shadow launches cloud storage service Shadow Drive Akamai leads $38M round in Macrometa as the two strike partnership Show More TechCrunch Enterprise Surviving the SaaS tsunami: Optimize your tech stack to reduce risk and free up cash flow Massdriver wants to abstract away infrastructure to let devs focus on coding Tiger Global, YC back Rebills subscription payment platform for Latin America TechCrunch Social DigitalOcean says customer email addresses were exposed after latest Mailchimp breach TechCrunch Europe Incredibuild powers up with $35M to boost its distributed, faster approach to games and software development Paddle, the company that wants to take on Apple in IAP, raises $200M at a $1.4B valuation to supercharge SaaS payments Gensyn applies a token to distributed computing for AI developers, raises $6.5M

Palo Alto, California, USCovers emerging tech, cloud, AI, security, infra, blockchain, big data, apps, and IoT. SiliconANGLE is a modern data-driven digital media platform that creates authoritative & engaging social experiences for audiences. siliconangle.com Microsoft to cut thousands of engineering jobs, reports claim Cloud co-pilot helps to seamlessly deliver financial products SoftwareONE offers continued cloud optimization through FinOps

Hyderabad, Telangana, IndiaThe blog provides the latest insights on big data, data science and business analytics. analyticsinsight.net 40.5K Cloud Healthcare A Rapidly Growing Industry that is Impacting the Medical Management Sector Top 10 Cloud Computing Holiday Internships to apply for in Dec 2022 Top 10 Cloud Edge Computing Vendors to Lookout for in 2023

Bristol, England, UKCloudTech, part of the TechForge Media portfolio is a thriving community of professionals interested in cloud computing strategy and technology. We take the best industry research and put our own spin on it, a report from the frontline of cloud computing news, as well as feature contributions from companies at the heart of this revolution. Get in touch today to find out how we can help your organization. cloudcomputing-new.. 24.3K Public cloud revenues to jump by 26% YoY to $525B in 2023 Belfast Harbour sets sail with Oracle Fusion Cloud ERP Malware-delivering cloud apps almost tripled in 2022

Istanbul, Istanbul, TurkeyGet the latest Cloud Computing news: you can find the daily news, topics, bests, reviews, and, developments about Cloud Computing Tech and Industry. cloud7.news/cloud VMware integrated Venafis machine identity management into Tanzu Service Mesh PacketFabric and Unitas Global announce merger AWS launches its first Australian local zone in Perth

Austin, Texas, USRCR Wireless News has been providing wireless and mobile industry news, insights, and analysis to mobile and wireless industry professionals, decision-makers, policymakers, analysts and investors. Our mission is to connect, globally and locally, mobile technology professionals and companies online, in person, in print and on video. rcrwireless.com 5.9K Equinix CEO: The service provider world is very different Making sure you are really getting 5G (Reader Forum) Singularities in cellular (Analyst Angle)

Read more:

80 Best Cloud Computing Blogs and Websites - Feedspot Blog

OSullivan thinks it could have been his ideaafter all, why else would he later try to trademark it? He was also a constant presence at Compaqs Texas headquarters at the time. OSullivan located a daily planner, dated October 29, 1996, in which he had jotted down the phrase Cloud Computing: The Cloud has no Borders following a meeting with Favaloro that day. That handwritten note and the Compaq business plan, separated by two weeks, are the earliest documented references to the phrase cloud computing that Technology Review was able to locate.

There are only two people who could have come up with the term: me, at NetCentric, or George Favaloro, at Compaq or both of us together, brainstorming, says OSullivan.

Both agree that cloud computing was born as a marketing term. At the time, telecom networks were already referred to as the cloud; in engineering drawings, a cloud represented the network. What they were hunting for was a slogan to link the fast-developing Internet opportunity to businesses Compaq knew about. Computing was bedrock for Compaq, but now this messy cloud was happening, says Favaloro. And we needed a handle to bring those things together.

Their new marketing term didnt catch fire, howeverand its possible others independently coined the term at a later date. Consider the draft version of a January 1997 Compaq press release, announcing its investment in NetCentric, which described the deal as part of a strategic initiative to provide Cloud Computing to businesses. That phrase was destined to be ages ahead of its time, had not Compaqs internal PR team objected and changed it to Internet computing in the final version of the release.

In fact, Compaq eventually dropped the term entirely, along with its plans for Internet software. That didnt matter to Favaloro. Hed managed to point Compaq (which later merged with HP) toward what became a huge business selling servers to early Internet providers and Web-page hosters, like UUNet. Its ridiculous now, but the big realization we had was that there was going to be an explosion of people using servers not on their premises, says Favaloro. I went from being a heretic inside Compaq to being treated like a prophet.

For NetCentric, the cloud-computing concept ended in disappointment. OSullivan gave up using the term as he struggled to market an Internet fax serviceone app the spotty network cloud of the day could handle. Eventually, the company went belly up and closed its doors. We got drawn down a rathole, and we didnt end up launching a raft of cloud computing apps thats something that sticks with me, says OSullivan, who later took a sabbatical from the tech world to attend film school and start a nonprofit to help with the reconstruction of Iraq.

Favaloro now heads an environmental consulting firm in Waltham, Massachussetts. What is remarkable, he says, is that the cloud he and OSullivan imagined 15 years ago has become a reality. I now run a 15-person company and, in terms of making us productive, our systems are far better than those of any of big company. We bring up and roll out new apps in a matter of hours. If we like them, we keep them, if not, we abandon them. We self-administer, everything meshes, we have access everywhere, its safe, its got great uptime, its all backed up, and our costs are tiny, says Favaloro. The vision came true.

Excerpt from:

Who Coined 'Cloud Computing'? | MIT Technology Review

There are three types of cloud computing deployment models: private cloud, public cloud, and hybrid cloud.

Private cloud provides a proprietary cloud environment dedicated to a single business entity, with physical components stored on-premises or at a vendors datacenter. Because the private cloud is only accessible to a single business, this model offers a high degree of control. Advantages include customized architecture, advanced security protocols, and the ability to extend computing resources in a virtualized environment as needed. In many cases, an organization maintains a private cloud infrastructure on-site while delivering cloud computing services to internal users via the intranet. In other instances, the organization contracts with a third-party cloud vendor to host and maintain exclusive servers off site.

Public cloud uses the internet to store and manage access to data and applications. Its completely virtualized, providing an environment where shared resources are leveraged as needed. Because these resources are delivered over the web, the public cloud deployment model allows organizations to scale more easilythe ability to pay for cloud resources as needed is a huge advantage over local servers. In addition, public cloud service providers offer robust security measures to protect user data from being accessed by other tenants.

Hybrid cloud combines private and public cloud models, allowing organizations to leverage the benefits of shared resources while using existing IT infrastructure for critical security requirements. The hybrid cloud model allows companies to store confidential data internally and access it via applications running in the public cloud. To comply with privacy regulations, for example, an organization could store sensitive user data in a private cloud and perform resource-intensive computation in the public cloud.

In addition, businesses can choose to take a multi-cloud approach, which means they use more than one public cloud service. This approach can be used to distribute workloads across multiple cloud platforms, allowing organizations to optimize their environments for performance, flexibility, and cost savings.

Read the original:

What is Cloud Computing and How Does it Work? - Citrix

Cloud computing consists of three distinct types of computing services delivered remotely to clients via the internet. Clients typically pay a monthly or annual service fee to providers, to gain access to systems that deliver software as a service, platforms as a service and infrastructure as a service to subscribers. Clients who subscribe to cloud computing services can reap a variety of benefits, depending on their particular business needs at a given point in time. The days of large capital investments in software and IT infrastructure are now a thing of the past for any enterprise that chooses to adopt the cloud computing model for procurement of IT services. The ability to access powerful IT resources on an incremental basis is leveling the playing field for small and medium sized organizations, providing them with the necessary tools and technology to compete in the global marketplace, without the previously requisite investment in on premise IT resources. Clients who subscribe to computing services delivered via the cloud are able to greatly reduce the IT service expenditures for their organizations; and gain access to more agile and flexible enterprise level computing services, in the process.

Saas (Software as a Service) provides clients with the ability to use software applications on a remote basis via an internet web browser. Software as a service is also referred to as software on demand.

Clients can access SaaS applications from anywhere via the web because service providers hostapplications and their associated data at their location. The primary benefit of SaaS, is a lower cost of use, since subscriber fees require a much smaller investment than what is typically encountered under the traditional model of software delivery. Licensing fees, installation costs, maintenance fees and support fees that are routinely associated with the traditional model of software delivery can be virtually eliminated by subscribing to the SaaS model of software delivery. Examples of SaaS include: Google Applications and internet based email applications like Yahoo! Mail, Hotmail and Gmail.

PaaS (Platform as a Service) provides clients with the ability to develop and publish customizedapplications in a hosted environment via the web. It represents a new model for software developmentthat is rapidly increasing in its popularity. An example of PaaS is Salesforce.com. PaaS provides aframework for agile software development, testing, deployment and maintenance in an integratedenvironment. Like SaaS, the primary benefit of PaaS, is a lower cost of use, since subscriber fees require a much smaller investment than what is typically encountered when implementing traditional tools for software development, testing and deployment. PaaS providers handle platform maintenance and system upgrades, resulting in a more efficient and cost effective solution for enterprise softwaredevelopment.

IaaS (Infrastructure as a Service) allows clients to remotely use IT hardware and resources on a pay-as-you-go basis. It is also referred to as HaaS (hardware as a service). Major IaaS players include companies like IBM, Google and Amazon.com. IaaS employs virtualization, a method of creating and managing infrastructure resources in the cloud. IaaS provides small start up firms with a major advantage, since it allows them to gradually expand their IT infrastructure without the need for large capital investments in hardware and peripheral systems.

Originally posted here:

Introduction to Cloud Computing - Apprenda

Cloud computing challenges are numerous and thorny, to be sure. These days, everyone is in the cloud but that doesnt mean that theyve figured out how to overcome all the challenges of cloud computing.

In the RightScale 2018 State of the Cloud Report, 96 percent of IT professionals surveyed said their companies were using cloud computing services, and 92 percent were using the public cloud. On average, organizations are running about 40 percent of their workloads in the cloud, and that percentage is growing.

As companies move more applications to the cloud, the cloud market is booming. According to Gartner, the public cloud market will likely be worth $186.4 billion in 2018, up 21.4 percent over last year. The infrastructure as a service (IaaS) market is growing particularly fast. This segment alone could grow 35.9 percent this year to total $40.8 billion.

To evaluate the most popular solutions for cloud services, see our list of the top cloud computing companies

However, numerous surveys are finding that organizations still have concerns about cloud computing. While IT leaders are embracing the cloud because of the benefits it offers, they continue to face very significant cloud computing challenges, including the following:

Since the advent of the public cloud, enterprises have worried about potential security risks, and that hasnt changed. In the RightScale survey, it was the number one challenge cited by respondents, with 77 percent saying that cloud security is a challenge, including 29 percent who called it a significant challenge.

Cybersecurity experts are even more concerned about cloud security than other IT staffers are. A 2018 Crowd Research Partners survey found that 90 percent of security professionals are concerned about cloud security. More specifically, they have fears about data loss and leakage (67 percent), data privacy (61 percent) and breaches of confidentiality (53 percent).

Interestingly, though, security concerns appear to be waning as time passes, particularly among companies that have been using the cloud longer. The RightScale report noted, As companies become more experienced with cloud, the top challenge shifts. Security is the largest issue among cloud beginners, while cost becomes a bigger challenge for intermediate and advanced users.

And in a cloud analytics survey conducted by vendor Teradata, 46 percent of those surveyed pointed to increased security as a potential benefit rather than a challenge of cloud computing.

Vendors offer a myriad of solutions for dealing with cloud security threats. In addition, the Crowd Research Partners survey found that enterprises are relying on training and certification of their IT staff (57 percent) and the security tools offered by public cloud vendors (50 percent) to reduce their risk.

Image Source: RightScale 2018 State of the Cloud Report

As previously mentioned, the RightScale report found that for some organizations managing cloud spending has overtaken security as the top cloud computing challenge. By their own estimates, companies are wasting about 30 percent of the money they spend on the cloud.

Organizations make a number of mistakes that can help drive up their costs. Often, developers or other IT workers spin up a cloud instance meant to be used for a short period of time and forget to turn it back off. And many organizations find themselves stymied by the inscrutable cloud pricing schemes that offer multiple opportunities for discounts that organizations might not be utilizing.

Multiple technological solutions can help companies with cloud cost management challenges. For example cloud cost management solutions, automation, containers, serverless services, autoscaling features and the many management tools offered by the cloud vendors may help reduce the scope of the problem. Some organizations have also found success by creating a central cloud team to manage usage and expenses.

Lack of resources and expertise ranked just behind security and cost management among the top cloud implementation challenges in the RightScale survey. Nearly three-quarters (73 percent) of respondent listed it as a challenge with 27 percent saying it was a significant challenge.

While many IT workers have been taking steps to boost their cloud computing expertise, employers continue to find it difficult to find workers with the skills they need. And that trend seems likely to continue. The Robert Half Technology 2018 Salary Guide noted, Technology workers with knowledge of the latest developments in cloud, open source, mobile, big data, security and other technologies will only become more valuable to businesses in the years ahead.

Many companies are hoping to overcome this challenge by hiring more workers with cloud computing certifications or skills. Experts also recommend providing training to existing staff to help get them up to speed with the technology.

Governance and control were fourth in the list of cloud computing challenges in the RightScale survey with 71 percent of respondents calling it a challenge, including 25 percent who see it as a significant challenge.

In this case, one of the greatest benefits of cloud computing the speed and ease of deploying new computing resources can become a potential downfall. Many organizations lack visibility into the shadow IT used by their employees, and governance becomes particularly challenging in hybrid cloud and multi-cloud environments.

Experts say organizations can alleviate some of these cloud computing management issues by following best practices, including establishing and enforcing standards and policies. And multiple vendors offer cloud management software to simplify and automate the process.

The recent flurry of activity surrounding the EU General Data Protection Regulation (GDPR) has returned compliance to the forefront for many enterprise IT teams. Among those surveyed by RightScale, 68 percent cited compliance as a top cloud computing challenge, and 21 percent called it a significant challenge.

Interestingly, one aspect of the GDPR law may make compliance easier in the future. The law requires many organizations to appoint a data protection officer who oversees data privacy and security. Assuming these individuals are well-versed in the compliance needs for the organizations where they work, centralizing responsibility for compliance should help companies meet any legal or statutory obligations.

Most organizations arent using just one cloud. According to the RightScale findings, 81 percent of enterprises are pursuing a multi-cloud strategy, and 51 percent have a hybrid cloud strategy (public and private clouds integrated together). In fact, on average, companies are using 4.8 different public and private clouds.

Multi-cloud environments add to the complexity faced by the IT team. To overcome this challenge, experts recommend best practices like doing research, training employees, actively managing vendor relationships and re-thinking processes and tooling.

While launching a new application in the cloud is a fairly straightforward process, moving an existing application to a cloud computing environment is far more difficult. A Dimensional Research study sponsored by Velostrata found that 62 percent of those surveyed said their cloud migration projects were more difficult than expected. In addition, 64 percent of migration projects took longer than expected, and 55 percent exceeded their budgets.

More specifically, many of the companies migrating applications to the cloud reported time-consuming trouble-shooting (47 percent), difficulty configuring security (46 percent), slow data migration (44 percent), trouble getting migration tools to work properly (40 percent), difficulty syncing data before cutover (38 percent) and downtime during migration (37 percent).

To overcome those challenges the IT leaders surveyed said they wished they had performed more pre-migration testing (56 percent), set a longer project timeline (50 percent), hired an in-house expert (45 percent) and increased their budgets (42 percent).

Currently, a few vendors, namely Amazon Web Services, Microsoft Azure, Google Cloud Platform and IBM Cloud, dominate the public cloud market. For both analysts and enterprise IT leaders, this raises the specter of vendor lock-in.

In a Stratoscale Hybrid Cloud Survey, more than 80 percent of those surveyed expressed moderate to high levels of concern about the problem.

The increasing dominance of the hyperscale IaaS providers creates both enormous opportunities and challenges for end users and other market participants, said Sid Nag, research director at Gartner.

While it enables efficiencies and cost benefits, organizations need to be cautious about IaaS providers potentially gaining unchecked influence over customers and the market. In response to multicloud adoption trends, organizations will increasingly demand a simpler way to move workloads, applications and data across cloud providers IaaS offerings without penalties.

Experts recommend that before organizations adopt a particular cloud service they consider how easy it will be to move those workloads to another cloud should future circumstances warrant.

Many cloud computing services are on the cutting edge of technologies like artificial intelligence, machine learning, augmented reality, virtual reality and advanced big data analytics. The potential downside to access to this new and exciting technology is that the services dont always live up to enterprise expectations in terms of performance, usability and reliability.

In the Teradata survey, 83 percent of the large enterprises surveyed said that the cloud was the best place to run analytics, but 91 percent said analytics workloads werent moving to the cloud as quickly as they should. Part of the problem, cited by 49 percent of respondents, was immature or low-performing technology.

And unfortunately, the only potential cures for the problem are to adjust expectations, try to build your own solution or wait for the vendors to improve their offerings.

Lastly, many organizations, particularly those with hybrid cloud environments report challenges related to getting their public cloud and on-premise tools and applications to work together. In the Teradata survey, 30 percent of respondents said connecting legacy systems with cloud applications was a barrier to adoption.

Similarly, in a Software One report on cloud spending, 39 percent of those surveyed said connecting legacy systems was one of their biggest concerns when using the cloud.

This challenge, like the others mentioned in this article, is unlikely to disappear any time in the near future. Integrating legacy systems and new cloud-based applications requires time, skill and resources. But many organizations are finding that the benefits of cloud computing outweigh the potential downside of the technology.

Look for the trend toward cloud adoption to continue, despite the potential cloud computing challenges.

Also see: Shadow IT Security.

Continued here:

Cloud Computing Challenges & Issues | Datamation

When it comes to data storage, processing and collaboration, many businesses choose the flexibility and convenience of cloud computing over traditional local hosting and on-premise software.

With cloud computing, you can access and store data and applications online instead of on a hard drive. If your company uses Google Docs for editing and document collaboration, Dropbox or Google Drive for file storage, Slack for cross-team communications, or online CRM software for managing sales, youre using cloud computing.

Working in the cloud offers small businesses many benefits, including enhanced collaboration, easy access and fast turnaround. However, cloud computing drawbacks include security concerns and fewer customization options. Well explore cloud computing, how it works, cloud services to consider, and the pros and cons of cloud computing for small businesses.

Cloud computing is the on-demand delivery of computing services, including applications, data storage and data processing, over the internet. Youll usually pay for cloud computing services on a pay-as-you-go basis, so you pay only for the applications and cloud services you use. This approach helps lower your businesss operating costs and allows for flexible scaling.

In todays ever-changing business climate, small business owners must be able to access data and applications from their computers, tablets or mobile phones, whether in the office, out in the field or on the road. Cloud computing provides this anywhere access via an internet connection.

Did you know?: Cloud computing gets its name from the practice of drawing the internet infrastructure as a cloud in network flowcharts and patent diagrams from the 1990s.

Chances are, youre using cloud computing right now, even if you dont realize it. Cloud computing makes it possible behind the scenes, whether you use an online service like Gmail or Outlook 365 to send an email, collaborate on a document, store files or stream a video. [Related article: Best New Gmail Features for Business]

Here are some of the most common cloud computing uses:

Did you know?: The best POS systems for retail stores, restaurants, and mobile businesses offer affordable cloud-based SaaS subscription plans with regular updates and customer support.

A web host houses your organizations website and makes it accessible on the internet. You can choose a traditional web host or a cloud hosting service. Heres more on traditional hosting vs. cloud hosting.

A traditional web host uses physical server space to handle its clients web hosting needs. Within the traditional hosting space, services are either dedicated or shared. Each option has its merits.

While traditional web hosting relies on physical server space, cloud-based hosting carves virtual server space for each user. These are some key aspects of cloud web hosting:

Editors note: Looking for the right cloud backup service for your business? Fill out the below questionnaire to have our vendor partners contact you about your needs.

Cloud-computing services range from data storage to functional programs, including accounting software, customer service tools and remote desktop hosting. These services can be categorized into three models: infrastructure, platform and software as a service.

FYI: Aside from Google Workspace, Google business tools include Google Business Profile, Google Ads, and Google Analytics.

Cloud services store data and host services in three primary ways: public, private and hybrid cloud. Cloud services may pose a security risk if you choose a provider whose storage model doesnt align with your businesss size and needs.

Key takeaway: The three main cloud-storage service options are public, private and hybrid clouds. Choose a service that aligns with your businesss size and needs.

Business cloud computing use is on the rise. According to Foundrys 2020 cloud computing research, 92% of companies use services connected to or run in the cloud. Additionally, Flexera forecasts that two-thirds of SMB workloads will be in the cloud in 2022. Considering that the pandemic made online work ubiquitous, the trend is likely to continue.

Cloud computing can help businesses save time and money by boosting productivity, improving collaboration and promoting innovation. Here are some of the top benefits of adopting cloud services for your small business:

Tip: If you or members of your IT team are interested in enhancing their cloud expertise, consider Googles Cloud Certifications options to boost knowledge and earning potential.

While there are many benefits to moving your business operations to the cloud, you should be aware of several potential downsides.

By definition, cloud computing services require an internet connection. If you have an unstable or low-speed connection, your team will have trouble accessing the cloud applications and data they need to perform their work. Additionally, repeated downtimes, lags and errors due to a spotty internet connection may reduce their productivity.

Ensuring your team has access to a high-quality, high-speed connection can easily address this cloud computing drawback.

Even though 52% of companies experience better security in the cloud than with onsite IT environments, a perceived lack of cloud security remains a concern for many small business owners.

The key to maximizing security is finding a reputable cloud service provider, understanding its contingency plans in the event of a security breach and taking your own steps to bolster security. To improve cybersecurity, ensure theres sufficient data encryption, implement additional authentication measures, introduce a data loss prevention (DLP) solution, and establish clear communication between management, your IT team and the cloud provider to minimize security incidents and formulate a clear response plan. [Follow these cybersecurity tips that take less than an hour to implement.]

Ask cloud computing vendors these 10 security questions before signing up for their services:

Compliance is an issue for any business that uses backup services or cloud storage. In fact, according to a survey by Statista, 44% of companies consider compliance to be their biggest cloud computing challenge.

Every time your company moves data from internal storage to a cloud, it must comply with industry laws and regulations. For example, healthcare organizations must comply with HIPAA rules, retail companies must comply with SOX and PCI DSS regulations, and companies dealing with the European market must comply with GDPR standards.

While many established cloud providers have aligned themselves with relevant accreditation programs, your company is ultimately responsible for ensuring that all data processes and workloads are compliant.

Tip: Conduct a regular compliance audit that includes information from all your cloud providers.

While cloud computing offers the benefit of not managing complex infrastructure like servers in-house, saving your company time, money and effort, this means less control over your companys software, systems and computing assets.

With less oversight and control, it becomes harder to assess security system efficiency, implement incident responses, or get a complete overview of data and user activity to identify abnormal patterns and potential breaches.

To mitigate this lack of control, assess every new cloud providers allowed visibility level, and determine what measures it takes to prevent data breaches. You can also use a monitoring tool or set up an API to help you get insights into your data.

Implementing any new technology requires training personnel and establishing an effective troubleshooting system during and after the launch. Initially, you may also encounter resistance among your employees, especially those unfamiliar with cloud technology.

However, once you establish the onboarding process, determine IT team members responsible for implementing and adopting cloud services, and outline the benefits of cloud operations, you can get your company on track in no time.

Key takeaway: Do your due diligence with the services you investigate to inquire about their security protocols and compliance standards, train your staff about using the cloud solution, and follow best practices to ensure your data is safe from unauthorized users.

While we addressed potential security issues as a cloud computing drawback above, its essential to understand precisely what can go wrong in a cloud computing setup.

According to Check Points 2022 Cloud Security Report, some of the most pressing cloud security challenges are incorrect cloud infrastructure setup, unauthorized access and insecure APIs.

If youre considering moving your operations to the cloud or implementing cloud services, consider these top cybersecurity risks.

Ease of access makes cloud computing attractive to many small businesses, but its also the source of potential security risks. In many organizations, employees have varying cloud service access levels. The more people and access levels involved, the easier it is to overlook an unauthorized access setting.

Additionally, the infrastructures cloud nature means companies must rely on their providers security controls. These controls arent always straightforward, opening more avenues for misconfiguration.

To mitigate this security risk and streamline access management, track all levels of access your team members have to various cloud services. You can even create a basic tracking document in Google Sheets if you keep it updated. Conducting regular cybersecurity audits that include security details and protocols from all cloud providers can also reduce the risk.

APIs allow better control and visibility into your cloud systems and applications. However, external APIs are often insecure and provide an entry point for potential cyberattacks that can compromise confidential data and manipulate services.

According to the Salts State of API Security Report for Q1 2022, API attack traffic increased nearly 700% from December 2020 to December 2021, showing that its a serious threat to small businesses.

Building in-house APIs can significantly reduce this security risk. However, not all businesses have the internal expertise or resources to do this. To mitigate the risks, implement authentication and authorization practices, encrypt traffic using TLS/SSL, validate input, log API activity, use API firewalls, and conduct a regular audit and penetration testing to identify and fix outdated APIs.

Two-thirds of the respondents in Bitglass 2020 Cloud Security Report named data loss and leakage as their biggest cloud computing security concern. Aside from malware attacks, cloud data can be lost if the cloud provider accidentally deletes it, if theres a physical catastrophe like a fire or earthquake that damages remote servers, or if an encryption key is lost.

To reduce the risk of data loss, ensure you back up all your data stored in the cloud. At the very minimum, you should follow the 3-2-1 rule of secure backups:

Also implement a cloud DLP solution that protects your data from unauthorized access and automatically disables access when suspicious activity is detected.

Tip: To mitigate the damage of a small business data breach, get cyber insurance that protects against losses from ransomware and other cyberthreats.

The cost of cloud computing varies widely, depending mainly on the cloud service you need. Heres a general idea of typical costs:

Cloud-based software pricing also depends on the industry. Other factors that affect pricing include the number of users, how you will launch and distribute the software across the company, and priority tech support options.

View post:

How Cloud Computing Can Benefit Your Small Business

Understanding Cloud Provider And Customer Responsibilities to Ensure Cloud Security

Discover what the shared responsibility model means to you, as a cloud customer, why understanding it is vital, and how Fortinet Adaptive Cloud Security can help address the areas that you still own, whichever cloud you choose.

Whenever there is a security breach in the cloud, companies lose money, time, and resources as they try to recover. The downtime that results from a cloud breach can cause significant operational setbacks applications and data in the cloud, and cloud-connected devices and networks can be exposed to a numerous threats.

While maintaining a security system for an in-house network is often managed by an internal IT team, whenever you put data or systems on the cloud, your valuable digital assets are, essentially, under someone elses care. To minimize the resulting inherent risk, a robust cloud security system is necessary.

Here are just a few of the benefits of cloud security:

1. Safer Remote Work Environment

One of the top advantages of incorporating cloud computing into your operations is data accessibility. Anytime an employee has an internet connection, they can interact with the content or systems they need to do their jobs. This gives your company flexibility and agility.

A problem may arise, however, if employees access your cloud infrastructure through unsafe means. For example, if someone slips into a coffee shop, they may sign in using a public network. This leaves your cloud network exposed to any bad actors who may be looking for opportunities on that public, vulnerable connection.

Also, when employees use their personal devicesor take devices from work home with themthey can accidentally expose them to malicious software. When they connect to your cloud environment, anything that sneaked onto their computer or devicesuch as malware or Trojanscould be used to invade your cloud system.

The only way to guard against these kinds of inroads into your infrastructure is to institute a powerful cloud security system.

2. Ensure Safer Stores of Data

Many companies use a cloud environment to back up their data. In the event of a disaster, it is easy to get things up and running because all you have to do is connect to the cloud and grab what you need. However, if this data is not secure, you could end up downloading corrupted files. If these were allowed to penetrate your system, they could affect not just your businesss network and devices but those of customers as well.

A cloud data security system helps shield valuable data from dangerous software, organizations, or people.

3. Meet Regulatory Requirements

In certain sectors, the degree to which you keep data secure can determine whether you are on the right or wrong side of the law. For example, with current Health Insurance Portability and Accountability Act (HIPAA) and General Data Protection Regulation (GDPR) laws, a lax security system could result in the exposure of sensitive datato the extent that you fall out of line with current legislation.

A strong cloud security solution can help you prevent a security slip-up from having serious legal ramifications for your company. This is especially important in light of the fact that those who enforce the law often feel obligated to find someone to blame when things go wrong. A security breach could put your organization in the crosshairs, resulting in bad press, legal battles, and lost shareholder confidence. On the other hand, a complete cloud data security system could prevent problems before they begin.

4. Keep Data in and Attackers Out

A cloud system without thorough security measures in place can be like a data sieve. With so many users accessing the network via a wide selection of devices, it is easy for data to get leaked to the wrong person. Additionally, an unprotected cloud system is a convenient attack surface for hackers.

A cloud security system acts like the door to a vault. It keeps valuable data inside while keeping criminal elements out.

See more here:

What Is Cloud Security? Cloud Security Defined - Fortinet

Amazon (AMZN 3.81%) struck gold with its cloud computing arm, Amazon Web Services. AWS accounts for around one-third of global cloud infrastructure spending, and it's far more profitable than the company's e-commerce business. Through the first nine months of 2022, AWS generated $58.7 billion of revenue and $17.6 billion of operating income, good for a segment operating margin of 30%.

How does AWS generate such incredible profits? One reason is that customers don't pay much attention to their cloud computing bills. Flexera estimates that roughly 32% of all cloud spending from organizations is completely wasted. That waste comes from idle resources, resources that organizations have lost track of, and the over-provisioning of resources.

On top of waste, many companies likely have room to optimize their cloud computing spending. A start-up trying to get to market quickly during a period of booming demand, for example, isn't going to spend much time worrying about cloud computing costs. That start-up might write inefficient code that uses more resources or bandwidth than would otherwise be necessary for the sake of expediency, or it might use expensive services that it can get up and running quickly.

This waste and inefficiency don't matter much when companies are more focused on growth than on costs. But the environment has shifted. Sky-high inflation and recession fears are taking their toll on companies' results, and cost-cutting is now the order of the day. Reducing cloud computing expense is low-hanging fruit.

Demand for cloud infrastructure is slowing as companies grapple with the current economic environment. The cloud offers a lot of benefits, and it should be a growth market for many years to come. But that doesn't mean that the excessive profits generated by the market leader will necessarily persist.

Amazon is seeing customers take a hard look at cloud costs, and in some cases, they're moving data to cheaper storage tiers and moving workloads to cheaper instances. As companies go through their cloud spending with a fine-tooth comb, they're likely to find that they're spending substantially more than they really need to be spending.

On top of this whittling of existing workloads, enterprise customers may start to slow down or pause the digital transformation initiatives that have been all the rage over the past few years. Moving workloads from on-premises data centers to the cloud gains flexibility and a more modern IT stack, but it's certainly not a cost-cutting measure. Cloud computing can be expensive, especially compared to running workloads in data centers that already exist.

Some companies are ditching the cloud altogether, which could turn into a trend as slashing costs becomes the primary focus. A notable example is upstart email provider HEY, which announced last October that it was done with cloud computing. HEY co-founder David Heinemeier Hansson argued that the company had reached a large enough size to justify owning and operating its own infrastructure, and that he'd never heard of any organization being able to downsize their operations team simply by moving to the cloud.

As all of this is happening, energy costs are much higher than they were before the pandemic. AWS uses a lot of electricity, and the company is facing this particular cost headwind for the first time in its history.

Amazon was a first mover in the cloud infrastructure market -- one that enabled rapid innovation from start-ups and eventually drew in enterprises looking to modernize. In the long run, demand for cloud infrastructure should grow at a healthy pace.

But there's a lot more competition now than there was in the past. Microsoft Azure is catching up fast in terms of market share; Alphabet's Google Cloud is growing quickly; and a host of smaller cloud providers like DigitalOcean are going after customers looking for simpler platforms.

AWS's fat profit margins are those competitors' opportunities, to paraphrase Amazon founder Jeff Bezos. As demand for cloud infrastructure cools amid a tough economy, Amazon's most profitable business is likely to face some serious headwinds.

Suzanne Frey, an executive at Alphabet, is a member of The Motley Fool's board of directors. John Mackey, former CEO of Whole Foods Market, an Amazon subsidiary, is a member of The Motley Fool's board of directors. Timothy Green has positions in DigitalOcean. The Motley Fool has positions in and recommends Alphabet, Amazon.com, DigitalOcean, and Microsoft. The Motley Fool has a disclosure policy.

Read more:

Why Amazon's Impressive Cloud Computing Profits Could Slip

Introduction

With the proliferation and widespread adoption of cloud computing solutions, HIPAA covered entities and business associates are questioning whether and how they can take advantage of cloud computing while complying with regulations protecting the privacy and security of electronic protected health information (ePHI). This guidance assists such entities, including cloud services providers (CSPs), in understanding their HIPAA obligations.

Cloud computing takes many forms. This guidance focuses on cloud resources offered by a CSP that is an entity legally separate from the covered entity or business associate considering the use of its services. CSPs generally offer online access to shared computing resources with varying levels of functionality depending on the users requirements, ranging from mere data storage to complete software solutions (e.g., an electronic medical record system), platforms to simplify the ability of application developers to create new products, and entire computing infrastructure for software programmers to deploy and test programs. Common cloud services are on-demand internet access to computing (e.g., networks, servers, storage, applications) services. We encourage covered entities and business associates seeking information about types of cloud computing services and technical arrangement options to consult a resource offered by the National Institute of Standards and Technology; SP 800-145, The NIST Definition of Cloud Computing.[1]

The HIPAA Privacy, Security, and Breach Notification Rules (the HIPAA Rules) establish important protections for individually identifiable health information (called protected health information or PHI when created, received, maintained, or transmitted by a HIPAA covered entity or business associate), including limitations on uses and disclosures of such information, safeguards against inappropriate uses and disclosures, and individuals rights with respect to their health information. Covered entities and business associates must comply with the applicable provisions of the HIPAA Rules. A covered entity is a health plan, a health care clearinghouse, or a health care provider who conducts certain billing and payment related transactions electronically. A business associate is an entity or person, other than a member of the workforce of a covered entity, that performs functions or activities on behalf of, or provides certain services to, a covered entity that involve creating, receiving, maintaining, or transmitting PHI. A business associate also is any subcontractor that creates, receives, maintains, or transmits PHI on behalf of another business associate.

When a covered entity engages the services of a CSP to create, receive, maintain, or transmit ePHI (such as to process and/or store ePHI), on its behalf, the CSP is a business associate under HIPAA. Further, when a business associate subcontracts with a CSP to create, receive, maintain, or transmit ePHI on its behalf, the CSP subcontractor itself is a business associate. This is true even if the CSP processes or stores only encrypted ePHI and lacks an encryption key for the data. Lacking an encryption key does not exempt a CSP from business associate status and obligations under the HIPAA Rules. As a result, the covered entity (or business associate) and the CSP must enter into a HIPAA-compliant business associate agreement (BAA), and the CSP is both contractually liable for meeting the terms of the BAA and directly liable for compliance with the applicable requirements of the HIPAA Rules.

This guidance presents key questions and answers to assist HIPAA regulated CSPs and their customers in understanding their responsibilities under the HIPAA Rules when they create, receive, maintain or transmit ePHI using cloud products and services.

Yes, provided the covered entity or business associate enters into a HIPAA-compliant business associate contract or agreement (BAA) with the CSP that will be creating, receiving, maintaining, or transmitting electronic protected health information (ePHI) on its behalf, and otherwise complies with the HIPAA Rules. Among other things, the BAA establishes the permitted and required uses and disclosures of ePHI by the business associate performing activities or services for the covered entity or business associate, based on the relationship between the parties and the activities or services being performed by the business associate. The BAA also contractually requires the business associate to appropriately safeguard the ePHI, including implementing the requirements of the Security Rule. OCR has created guidance on the elements of BAAs[2]

A covered entity (or business associate) that engages a CSP should understand the cloud computing environment or solution offered by a particular CSP so that the covered entity (or business associate) can appropriately conduct its own risk analysis and establish risk management policies, as well as enter into appropriate BAAs. See 45 CFR 164.308(a)(1)(ii)(A); 164.308(a)(1)(ii)(B); and 164.502. Both covered entities and business associates must conduct risk analyses to identify and assess potential threats and vulnerabilities to the confidentiality, integrity, and availability of all ePHI they create, receive, maintain, or transmit. For example, while a covered entity or business associate may use cloud-based services of any configuration (public, hybrid, private, etc.),[3] provided it enters into a BAA with the CSP, the type of cloud configuration to be used may affect the risk analysis and risk management plans of all parties and the resultant provisions of the BAA.

In addition, a Service Level Agreement (SLA)[4] is commonly used to address more specific business expectations between the CSP and its customer, which also may be relevant to HIPAA compliance. For example, SLAs can include provisions that address such HIPAA concerns as:

If a covered entity or business associate enters into a SLA with a CSP, it should ensure that the terms of the SLA are consistent with the BAA and the HIPAA Rules. For example, the covered entity or business associate should ensure that the terms of the SLA and BAA with the CSP do not prevent the entity from accessing its ePHI in violation of 45 CFR 164.308(b)(3), 164.502(e)(2), and 164.504(e)(1).[6]

In addition to its contractual obligations, the CSP, as a business associate, has regulatory obligations and is directly liable under the HIPAA Rules if it makes uses and disclosures of PHI that are not authorized by its contract, required by law, or permitted by the Privacy Rule. A CSP, as a business associate, also is directly liable if it fails to safeguard ePHI in accordance with the Security Rule, or fails to notify the covered entity or business associate of the discovery of a breach of unsecured PHI in compliance with the Breach Notification Rule.

For more information about the Security Rule, see OCR and ONC tools for small entities[7] and OCR guidance on SR compliance.[8]

Yes, because the CSP receives and maintains (e.g., to process and/or store) electronic protected health information (ePHI) for a covered entity or another business associate. Lacking an encryption key for the encrypted data it receives and maintains does not exempt a CSP from business associate status and associated obligations under the HIPAA Rules. An entity that maintains ePHI on behalf of a covered entity (or another business associate) is a business associate, even if the entity cannot actually view the ePHI.[9] Thus, a CSP that maintains encrypted ePHI on behalf a covered entity (or another business associate) is a business associate, even if it does not hold a decryption key [10] and therefore cannot view the information. For convenience purposes this guidance uses the term no-viewservices to describe the situation in which the CSP maintains encrypted ePHI on behalf of a covered entity (or another business associate) without having access to the decryption key.

While encryption protects ePHI by significantly reducing the risk of the information being viewed by unauthorized persons, such protections alone cannot adequately safeguard the confidentiality, integrity, and availability of ePHI as required by the Security Rule. Encryption does not maintain the integrity and availability of the ePHI, such as ensuring that the information is not corrupted by malware, or ensuring through contingency planning that the data remains available to authorized persons even during emergency or disaster situations. Further, encryption does not address other safeguards that are also important to maintaining confidentiality, such as administrative safeguards to analyze risks to the ePHI or physical safeguards for systems and servers that may house the ePHI.

As a business associate, a CSP providing no-view services is not exempt from any otherwise applicable requirements of the HIPAA Rules. However, the requirements of the Rules are flexible and scalable to take into account the no-view nature of the services provided by the CSP.

All CSPs that are business associates must comply with the applicable standards and implementation specifications of the Security Rule with respect to ePHI. However, in cases where a CSP is providing only no-view services to a covered entity (or business associate) customer, certain Security Rule requirements that apply to the ePHI maintained by the CSP may be satisfied for both parties through the actions of one of the parties. In particular, where only the customer controls who is able to view the ePHI maintained by the CSP, certain access controls, such as authentication or unique user identification, may be the responsibility of the customer, while others, such as encryption, may be the responsibility of the CSP business associate. Which access controls are to be implemented by the customer and which are to be implemented by the CSP may depend on the respective security risk management plans of the parties as well as the terms of the BAA. For example, if a customer implements its own reasonable and appropriate user authentication controls and agrees that the CSP providing no-view services need not implement additional procedures to authenticate (verify the identity of) a person or entity seeking access to ePHI, these Security Rule access control responsibilities would be met for both parties by the action of the customer.

However, as a business associate, the CSP is still responsible under the Security Rule for implementing other reasonable and appropriate controls to limit access to information systems that maintain customer ePHI. For example, even when the parties have agreed that the customer is responsible for authenticating access to ePHI, the CSP may still be required to implement appropriate internal controls to assure only authorized access to the administrative tools that manage the resources (e.g., storage, memory, network interfaces, CPUs) critical to the operation of its information systems. For example, a CSP that is a business associate needs to consider and address, as part of its risk analysis and risk management process, the risks of a malicious actor having unauthorized access to its systems administrative tools, which could impact system operations and impact the confidentiality, integrity and availability of the customers ePHI. CSPs should also consider the risks of using unpatched or obsolete administrative tools. The CSP and the customer should each confirm in writing, in either the BAA or other documents, how each party will address the Security Rule requirements.

Note that where the contractual agreements between a CSP and customer provide that the customer will control and implement certain security features of the cloud service consistent with the Security Rule, and the customer fails to do so, OCR will consider this factor as important and relevant during any investigation into compliance of either the customer or the CSP. A CSP is not responsible for the compliance failures that are attributable solely to the actions or inactions of the customer, as determined by the facts and circumstances of the particular case.

A business associate may only use and disclose PHI as permitted by its BAA and the Privacy Rule, or as otherwise required by law. While a CSP that provides only no-view services to a covered entity or business associate customer may not control who views the ePHI, the CSP still must ensure that it itself only uses and discloses the encrypted information as permitted by its BAA and the Privacy Rule, or as otherwise required by law. This includes, for example, ensuring the CSP does not impermissibly use the ePHI by blocking or terminating access by the customer to the ePHI.[11]

Further, a BAA must include provisions that require the business associate to, among other things, make available PHI as necessary for the covered entity to meet its obligations to provide individuals with their rights to access, amend, and receive an accounting of certain disclosures of PHI in compliance with 45 CFR 164.504(e)(2)(ii)(E)-(G). The BAA between a no-view CSP and a covered entity or business associate customer should describe in what manner the no-view CSP will meet these obligations for example, a CSP may agree in the BAA that it will make the ePHI available to the customer for the purpose of incorporating amendments to ePHI requested by the individual, but only the customer will make those amendments.

As a business associate, a CSP that offers only no-view services to a covered entity or business associate still must comply with the HIPAA breach notification requirements that apply to business associates. In particular, a business associate is responsible for notifying the covered entity (or the business associate with which it has contracted) of breaches of unsecured PHI. See 45 CFR 164.410. Unsecured PHI is PHI that has not been destroyed or is not encrypted at the levels specified in HHS Guidance to Render Unsecured Protected Health Information Unusable, Unreadable, or Indecipherable to Unauthorized Individuals [12] If the ePHI that has been breached is encrypted consistent with the HIPAA standards set forth in 45 CFR 164.402(2) and HHS Guidance [13] the incident falls within the breach safe harbor and the CSP business associate is not required to report the incident to its customer. However, if the ePHI is encrypted, but not at a level that meets the HIPAA standards or the decryption key was also breached, then the incident must be reported to its customer as a breach, unless one of the exceptions to the definition of breach applies. See 45 CFR 164.402. See also 45 CFR 164.410 for more information about breach notification obligations for business associates.

Generally, no. CSPs that provide cloud services to a covered entity or business associate that involve creating, receiving, or maintaining (e.g., to process and/or store) electronic protected health information (ePHI) meet the definition of a business associate, even if the CSP cannot view the ePHI because it is encrypted and the CSP does not have the decryption key.

As explained in previous guidance,[14] the conduit exception is limited to transmission-only services for PHI (whether in electronic or paper form), including any temporary storage of PHI incident to such transmission. Any access to PHI by a conduit is only transient in nature. In contrast, a CSP that maintains ePHI for the purpose of storing it will qualify as a business associate, and not a conduit, even if the CSP does not actually view the information, because the entity has more persistent access to the ePHI.

Further, where a CSP provides transmission services for a covered entity or business associate customer, in addition to maintaining ePHI for purposes of processing and/or storing the information, the CSP is still a business associate with respect to such transmission of ePHI. The conduit exception applies where the only services provided to a covered entity or business associate customer are for transmission of ePHI that do not involve any storage of the information other than on a temporary basis incident to the transmission service.

OCR does not endorse, certify, or recommend specific technology or products.

If a covered entity (or business associate) uses a CSP to maintain (e.g., to process or store) electronic protected health information (ePHI) without entering into a BAA with the CSP, the covered entity (or business associate) is in violation of the HIPAA Rules. 45 C.F.R 164.308(b)(1) and 164.502(e). OCR has entered into a resolution agreement and corrective action plan with a covered entity that OCR determined stored ePHI of over 3,000 individuals on a cloud-based server without entering into a BAA with the CSP.[15]

Further, a CSP that meets the definition of a business associate that is a CSP that creates, receives, maintains, or transmits PHI on behalf of a covered entity or another business associate must comply with all applicable provisions of the HIPAA Rules, regardless of whether it has executed a BAA with the entity using its services. See 78 Fed. Reg. 5565, 5598 (January 25, 2013). OCR recognizes that there may, however, be circumstances where a CSP may not have actual or constructive knowledge that a covered entity or another business associate is using its services to create, receive, maintain, or transmit ePHI. The HIPAA Rules provide an affirmative defense in cases where a CSP takes action to correct any non-compliance within 30 days (or such additional period as OCR may determine appropriate based on the nature and extent of the non-compliance) of the time that it knew or should have known of the violation (e.g., at the point the CSP knows or should have known that a covered entity or business associate customer is maintaining ePHI in its cloud). 45 CFR 160.410. This affirmative defense does not, however, apply in cases where the CSP was not aware of the violation due to its own willful neglect.

If a CSP becomes aware that it is maintaining ePHI, it must come into compliance with the HIPAA Rules, or securely return the ePHI to the customer or, if agreed to by the customer, securely destroy the ePHI. Once the CSP securely returns or destroys the ePHI (subject to arrangement with the customer), it is no longer a business associate. We recommend CSPs document these actions.

While a CSP maintains ePHI, the HIPAA Rules prohibit the CSP from using or disclosing the data in a manner that is inconsistent with the Rules.

Yes. The Security Rule at 45 CFR 164.308(a)(6)(ii) requires business associates to identify and respond to suspected or known security incidents; mitigate, to the extent practicable, harmful effects of security incidents that are known to the business associate; and document security incidents and their outcomes. In addition, the Security Rule at 45 CFR 164.314(a)(2)(i)(C) provides that a business associate agreement must require the business associate to report, to the covered entity or business associate whose electronic protected health information (ePHI) it maintains, any security incidents of which it becomes aware. A security incident under 45 CFR 164.304 means the attempted or successful unauthorized access, use, disclosure, modification, or destruction of information or interference with system operations in an information system. Thus, a business associate CSP must implement policies and procedures to address and document security incidents, and must report security incidents to its covered entity or business associate customer.

The Security Rule, however, is flexible and does not prescribe the level of detail, frequency, or format of reports of security incidents, which may be worked out between the parties to the business associate agreement (BAA). For example, the BAA may prescribe differing levels of detail, frequency, and formatting of reports based on the nature of the security incidents e.g., based on the level of threat or exploitation of vulnerabilities, and the risk to the ePHI they pose. The BAA could also specify appropriate responses to certain incidents and whether identifying patterns of attempted security incidents is reasonable and appropriate.

Note, though, that the Breach Notification Rule specifies the content, timing, and other requirements for a business associate to report incidents that rise to the level of a breach of unsecured PHI to the covered entity (or business associate) on whose behalf the business associate is maintaining the PHI. See 45 CFR 164.410. The BAA may specify more stringent (e.g., more timely) requirements for reporting than those required by the Breach Notification Rule (so long as they still also meet the Rules requirements) but may not otherwise override the Rules requirements for notification of breaches of unsecured PHI.

For more information on this topic, see the FAQ about reporting security incidents(although directed to plan sponsors and group health plans, the guidance is also relevant to business associates); [16] as well as OCR breach notification guidance [17]

Yes. Health care providers, other covered entities, and business associates may use mobile devices to access electronic protected health information (ePHI) in a cloud as long as appropriate physical, administrative, and technical safeguards are in place to protect the confidentiality, integrity, and availability of the ePHI on the mobile device and in the cloud, and appropriate BAAs are in place with any third party service providers for the device and/or the cloud that will have access to the e-PHI. The HIPAA Rules do not endorse or require specific types of technology, but rather establish the standards for how covered entities and business associates may use or disclose ePHI through certain technology while protecting the security of the ePHI by requiring analysis of the risks to the ePHI posed by such technology and implementation of reasonable and appropriate administrative, technical, and physical safeguards to address such risks. OCR and ONC have issued guidance on the use of mobile devices and tips for securing ePHI on mobile devices. [18]

No, the HIPAA Rules generally do not require a business associate to maintain electronic protected health information (ePHI) beyond the time it provides services to a covered entity or business associate. The Privacy Rule provides that a business associate agreement (BAA) must require a business associate to return or destroy all PHI at the termination of the BAA where feasible. See 45 CFR 164.504(e)(2)(ii)(J).

If such return or destruction is not feasible, the BAA must extend the privacy and security protections of the BAA to the ePHI and limit further uses and disclosures to those purposes that make the return or destruction of the information infeasible. For example, return or destruction would be considered infeasible if other law requires the business associate CSP to retain ePHI for a period of time beyond the termination of the business associate contract.[19]

Yes, provided the covered entity (or business associate) enters into a business associate agreement (BAA) with the CSP and otherwise complies with the applicable requirements of the HIPAA Rules. However, while the HIPAA Rules do not include requirements specific to protection of electronic protected health information (ePHI) processed or stored by a CSP or any other business associate outside of the United States, OCR notes that the risks to such ePHI may vary greatly depending on its geographic location. In particular, outsourcing storage or other services for ePHI overseas may increase the risks and vulnerabilities to the information or present special considerations with respect to enforceability of privacy and security protections over the data. Covered entities (and business associates, including the CSP) should take these risks into account when conducting the risk analysis and risk management required by the Security Rule. See 45 CFR 164.308(a)(1)(ii)(A) and (a)(1)(ii)(B). For example, if ePHI is maintained in a country where there are documented increased attempts at hacking or other malware attacks, such risks should be considered, and entities must implement reasonable and appropriate technical safeguards to address such threats.

No. The HIPAA Rules require covered entity and business associate customers to obtain satisfactory assurances in the form of a business associate agreement (BAA) with the CSP that the CSP will, among other things, appropriately safeguard the protected health information (PHI) that it creates, receives, maintains or transmits for the covered entity or business associate in accordance with the HIPAA Rules. The CSP is also directly liable for failing to safeguard electronic PHI in accordance with the Security Rule [20] and for impermissible uses or disclosures of the PHI. [21]. The HIPAA Rules do not expressly require that a CSP provide documentation of its security practices to or otherwise allow a customer to audit its security practices. However, customers may require from a CSP (through the BAA, service level agreement, or other documentation) additional assurances of protections for the PHI, such as documentation of safeguards or audits, based on their own risk analysis and risk management or other compliance activities.

No. A CSP is not a business associate if it receives and maintains (e.g., to process and/or store) only information de-identified following the processes required by the Privacy Rule. The Privacy Rule does not restrict the use or disclosure of de-identified information, nor does the Security Rule require that safeguards be applied to de-identified information, as the information is not considered protected health information. See the OCR guidance on de-identificationfor more information.[22]

[1] See http://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-145.pdf

[3] As adapted from NIST Special Publication 800-144, vi:

A Public cloud is open for use by the general public and may be owned, managed, and operated by any organization. Examples are the message storage services offered by major email providers, photo-sharing sites, and certain EMR providers. Many large organizations use Private clouds that exclusively serve their business functions. A Community cloud serves exclusively a specific community of users from organizations that have shared concerns. A Hybrid cloud is a combination of any of the above, bound together by standardized or proprietary technology that enables data and application portability.

[9] 78 Fed. Reg. 5,566, 5,572 (January 25, 2013).

[10] A key used to encrypt and decrypt data, also called a cryptographic key, is [a] parameter used in conjunction with a cryptographic algorithm that determines its operation in such a way that an entity with knowledge of the key can reproduce or reverse the operation, while an entity without knowledge of the key cannot. See NIST SP 800-47 Part 1 Revision 4, Recommendation for Key Management Part 1: General (January 2016). Available at http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-57pt1r4.pdf

[19] 67 Fed. Reg. 53181, 53254 (August 14, 2002).

[20] See Section 13401 of the HITECH Act.

[21] See 45 CFR 164.502(a)(3).

Originally posted here:

Cloud Computing | HHS.gov

Theres no single, perfect cloud architecture or infrastructure. All clouds require operating systemslike Linuxbut the cloud infrastructure can include a variety of bare-metal, virtualization, or container software that abstract, pool, and share scalable resources across a network. This is why clouds are best defined by what they do rather than what theyre made of. Youve created a cloud if youve set up an IT system that:

You can build a private cloud on your own or use prepackaged cloud infrastructure like OpenStack, and there are thousands of cloud service providers all over the world. Here are some of the most popular:

Creating a hybrid cloud strategy requires some degree of workload portability, orchestration, and management. Application programming interfaces (APIs) and virtual private networks (VPNs) have been the standard ways to create these connections. Many of the major cloud providers even give customers a preconfigured VPN as part of their subscription packages:

Another way of creating a hybrid cloud is to simply run the same operating system in every environment and build containerplatform-based, cloud-native apps that are managed by a universal orchestration engine like Kubernetes. The operating system abstracts all the hardware while the management platform abstracts all the apps. So you deploy almost any app in almost any environment without retooling the app, retraining people, splitting management, or sacrificing security.

More here:

Understanding cloud computing - Red Hat

The global data volume is growing very fast. Whereas cloud computing happens mostly in large data-centres today, by 2025 this trend will reverse: 80% of all data is expected to beprocessed in smart devices closer to the user, known as edge computing.

The availability ofboth edge and cloud computing isessential in a computing continuum to ensure that data isprocessed in the most efficient manner. Energy-efficient and trustworthy edge and cloud infrastructures will be fundamentalfor the sustainable use of edge and cloud computing technologies.

Cloud computing is a key objective to increase Europe's data sovereignty as outlined in the European CommissionsData Strategy,Digital Strategy,Industrial Strategyand theEU recovery plan.

The European Commission has launched aEuropean Alliance on Industrial Data, Edge and Cloud, which will feature the development of several work streams, related to key EU policy goals:

EU countrieshave signedajoint declaration on cloudwhere they expressed their will to collaborate towards the creation of a European cloud.

Other initiatives related tocloud computing are:

In parallel, cloud computing and edge computing will be among those digital technologies that will contribute to achieving the sustainability goals of the EuropeanGreen Dealin areas such as farming, mobility, buildings and manufacturing.

The European Union also supports the development of cloud computing in Europe with research and innovation actions under theHorizon 2020 programme.

EU-funded projects will work on novel solutions for federating cloud infrastructures. New cloud-based services will have to respond to high-standard requirements with regard to data protection, performance, resilience and energy-efficiency. The services and infrastructures will have to meet the future digitisation needs of industry and the public sector. Addressing these challenges will also be part of and contribute to the technological ambitions of theNext Generation Internet(NGI).

In addition, the EU intends to invest 2bn via theEuropean Data Strategyin a European High Impact Project that will federate energy-efficient and trustworthy cloud infrastructures and related services. Cloud technologies that have been developed within Horizon 2020-funded research and by market actors will be deployed via the Connecting Europe Facility 2 (for cloud infrastructures interconnection) and Digital Europe (for cloud-to-edge services and cloud marketplaces) Programme.

See the original post:

Cloud computing | Shaping Europes digital future

Infrastructure as a service (IaaS)

The most basic category of cloud computing services. With IaaS, you rent IT infrastructureservers and virtual machines (VMs), storage, networks, operating systemsfrom a cloud provider on a pay-as-you-go basis.

Platform as a service refers to cloud computing services that supply an on-demand environment for developing, testing, delivering, and managing software applications. PaaS is designed to make it easier for developers to quickly create web or mobile apps, without worrying about setting up or managing the underlying infrastructure of servers, storage, network, and databases needed for development.

Overlapping with PaaS, serverless computing focuses on building app functionality without spending time continually managing the servers and infrastructure required to do so. The cloud provider handles the setup, capacity planning, and server management for you. Serverless architectures are highly scalable and event-driven, only using resources when a specific function or trigger occurs.

Software as a service is a method for delivering software applications over the Internet, on demand and typically on a subscription basis. With SaaS, cloud providers host and manage the software application and underlying infrastructure, and handle any maintenance, like software upgrades and security patching. Users connect to the application over the Internet, usually with a web browser on their phone, tablet, or PC.

Read the original post:

What Is Cloud Computing? A Beginners Guide | Microsoft Azure

1. Microsoft warns of cloud computing slowdown  Financial Times
2. Microsoft Azure's Slower Growth Shows 'Winter Is Here' for the Cloud  Barron's
3. Microsoft stock: MSFT rocked by warning of cloud computing slowdown  Capital.com
4. The slowdown has come for the cloud business  Yahoo Finance
5. Microsoft tumbles on warning of cloud-computing slowdown  BusinessLIVE
6. View Full Coverage on Google News

See the original post here:

Microsoft warns of cloud computing slowdown - Financial Times

Microsoft Said Revenue Growth at Its Azure Cloud-computing Unit Will Drop by Five ... - Latest Tweet by  LatestLY

Read more from the original source:

Microsoft Said Revenue Growth at Its Azure Cloud-computing Unit Will Drop by Five ... - Latest Tweet by - LatestLY

Cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. This cloud model promotes availability and is composed of five essential characteristics (On-demand self-service, Broad network access, Resource pooling, Rapid elasticity, Measured Service); three service models (Cloud Software as a Service (SaaS), Cloud Platform as a Service (PaaS), Cloud Infrastructure as a Service (IaaS)); and, four deployment models (Private cloud, Community cloud, Public cloud, Hybrid cloud). Key enabling technologies include: (1) fast wide-area networks, (2) powerful, inexpensive server computers, and (3) high-performance virtualization for commodity hardware.

The Cloud Computing model offers the promise of massive cost savings combined with increased IT agility. It is considered critical that government and industry begin adoption of this technology in response to difficult economic constraints. However, cloud computing technology challenges many traditional approaches to datacenter and enterprise application design and management. Cloud computing is currently being used; however, security, interoperability, and portability are cited as major barriers to broader adoption.

The long term goal is to provide thought leadership and guidance around the cloud computing paradigm to catalyze its use within industry and government. NIST aims to shorten the adoption cycle, which will enable near-term cost savings and increased ability to quickly create and deploy enterprise applications. NIST aims to foster cloud computing systems and practices that support interoperability, portability, and security requirements that are appropriate and achievable for important usage scenarios

Read the original here:

NIST Cloud Computing Program - NCCP | NIST

The ongoing mass adoption of cloud computing has been a key driver of many of the most transformative tech trends, including artificial intelligence (AI), the internet of things (IoT), and remote and hybrid working. Going forward, we can expect to see it becoming an enabler of even more technologies, including virtual and augmented reality (VR/AR), the metaverse, cloud gaming, and even quantum computing.

The Top 5 Cloud Computing Trends In 2023

Cloud computing makes this possible by removing the need to invest in buying and owning the expensive infrastructure required for these intensive computing applications. Instead, cloud service providers make it available "as-a-service," running on their own servers and data centers. It also means companies can, to some extent, avoid the hassle of hiring or training a highly specialized workforce if they want to take advantage of these breakthrough technologies.

In 2023 we can expect to see companies continuing to leverage cloud services in order to access new and innovative technologies as well as drive efficiencies in their own operations and processes. Heres a rundown of some of the trends that I believe will have the most impact.

Increased investment in cloud security and resilience

Migrating to the cloud brings huge opportunities, efficiencies, and convenience but also exposes companies and organizations to a new range of cybersecurity threats. On top of this, the growing pile of legislation around how businesses can store and use personal data means that the risk of fines or (even worse) losing the trust of their customers is a real problem.

As a result, spending on cyber security and building resilience against everything from data loss to the impact of a pandemic on global business will become even more of a priority during the coming year. However, as many companies look to cut costs in the face of a forecasted economic recession, the emphasis is likely to be on the search for innovative and cost-efficient ways of maintaining cyber security in order to get the most "bang for the buck." This will mean greater use of AI and predictive technology designed to spot threats before they cause problems, as well as an increase in the use of managed security-as-a-service providers in 2023.

Multi-cloud is an increasingly popular strategy

If 2022 was the year of hybrid cloud, then 2023 could be the year that businesses come to understand the advantages of diversifying their services across a number of cloud providers. This is a strategy known as taking a multi-cloud approach, and it offers a number of advantages, including improved flexibility and security.

It also prevents organizations from becoming too tied in to one particular ecosystem - a situation that can create challenges when cloud service providers change the applications they support or stop supporting particular applications altogether. And it helps to create redundancy that reduces the chance of system errors or downtime from causing a critical failure of business operations.

Adopting a multi-cloud infrastructure means moving away from potentially damaging business strategies such as building applications and processes solely around one particular cloud platform, e.g., AWS, Google Cloud, or Microsoft Azure. The growing popularity of containerized applications means that in the event of changes to service levels, or more cost-efficient solutions becoming available from different providers, applications can be quickly ported across to new platforms. While back in 2020, most companies (70 percent) said they were still tied to one cloud service provider, reports have found that 84% of mid-to-large companies will have adopted a multi-cloud strategy by 2023, positioning it as one of the years defining trends in cloud computing.

The AI and ML-powered cloud

Artificial intelligence (AI) and machine learning (ML) are provided as cloud services because few businesses have the resources to build their own AI infrastructure. Gathering data and training algorithms require huge amounts of computing power and storage space that is generally more cost-efficient to rent as-a-service. Cloud service providers are increasingly relying on AI themselves for a number of tasks. This includes managing the vast, distributed networks needed to provide storage resources to their customers, regulating the power and cooling systems in data centers, and powering cyber security solutions that keep their data safe. In 2023, we can expect to see continued innovation in this field as hyper scale cloud service providers like Amazon, Google, and Microsoft continue to apply their own AI technology to create more efficient and cost-effective cloud services for their customers.

Low-code and no-code cloud services

Tools and platforms that allow anybody to create applications and to use data to solve problems without getting their hands dirty with writing computer code are increasingly popular. This category of low-code and no-code solutions includes tools for building websites, web applications and designing just about any kind of digital solutions that companies may need. Low-code and no-code solutions are even becoming available for creating AI-powered applications, drastically lowering the barriers to entry for companies wanting to leverage AI and ML. Many of these services are provided via the cloud meaning users can access them as-a-service without having to own the powerful computing infrastructure needed to run them themselves. Tools like Figma, Airtable, and Zoho allow users to carry out tasks that previously would have required coding experience, such as designing websites, automating spreadsheet tasks, and building web applications, and I see providing services like this as an area where cloud technology will become increasingly useful in 2023 and beyond.

Innovation and consolidation in cloud gaming

The cloud has brought us streaming services like Netflix and Spotify, which have revolutionized the way we consume movies, TV, and music. Streaming video gaming is taking a little longer to gain a foothold but is clearly on its way, with Microsoft, Sony, Nvidia, and Amazon all offering services in this field. It hasnt all been plain sailing, however Google spent millions of dollars developing their Stadia streaming gaming service only to retire it this year due to lack of commercial success. One of the problems is the networks themselves streaming video games clearly requires higher bandwidth than music or videos, meaning it's restricted to those of us with good quality high-speed internet access, which is still far from all of us. However, the ongoing rollout of 5G and other ultra-fast networking technologies should eventually solve this problem, and 2023 could be the year that cloud gaming will make an impact. Google themselves have said that the technology itself that powers Stadia will live on as the backbone of an in-development B2B game streaming service that will allow game developers to provide streaming functionality directly to their customers. If, as many predict, cloud gaming will become the killer app for 5G in the same way that streaming video was for 4G and streaming music was for 3G, then 2023 could be the year when we start to see things fall into place.

To stay on top of the latest on the latest business and tech trends, make sure to subscribe to my newsletter, follow me on Twitter, LinkedIn, and YouTube, and check out my books Tech Trends in Practice and Business Trends in Practice, which just won the 2022 Business Book of the Year award.

Visit link:

The Top 5 Cloud Computing Trends In 2023 - Forbes