Tech Talk: Demystifying the Cloud

June 2020 – Vol. 39, No. 5

Mike Robey, MS, AAO-HNS/F Senior Director, Information Technology

Since the outbreak of the coronavirus pandemic, business continuity has been on a lot of people’s minds. To comply with social distancing many organizations were forced to move to teleworking almost overnight. Staff having remote access to their programs and data is essential for continuing operations. Business continuity demands that IT resources be cloud-based. But what is the cloud? The purpose of this article is to explain and demystify this modern service paradigm.

Two underlying technology advancements have made cloud computing possible: (1) high-speed internet access and (2) server virtualization. Long gone are the days of dial-up modems. Speeds up to 1 gigabit per second are common even in residential settings. Without adequate access speed, cloud computing simply would not work.

The second technological innovation making cloud computing possible is server virtualization. Traditional servers have the operating system (OS) installed directly on top of the hardware. Virtualization inserts a software layer between the hardware and OS. The OS still thinks it is “talking” to the hardware, but in fact the OS is dialoging with a hypervisor software layer. This abstraction of the OS from the hardware opens many possibilities. Servers are no longer tied to specific hardware. Additional resources can be added in real time to boost performance. Figure 1 shows the technology layers associated with physical and virtual servers.

The combination of high-speed internet access and virtualization has made it possible to host equipment in vast warehouse-like facilities and provide scalable computing services. These facilities are the cloud. Enterprises no longer need their own on-premise servers. Instead, businesses can take advantage of economies of scale while still providing their users access to the operational tools needed.

Some may equate cloud computing with time-sharing. It is true that time-sharing has been around since the 1970s when one organization owned a computer, and another dialed into it to consume resources. However, there are major differences with cloud computing. The National Institute of Standards and Technology (NIST) defines two of the most significant differences:

  • On-demand self-service. The consumer can request and provision resources as needed.
  • Rapid elasticity. Modern virtualization technologies enable the rapid deployment of additional computing and storage resources.

Most cloud-based offerings can be classified into one of the following NIST-defined cloud service models:

  • Software-as-a-service (SaaS)
  • Platform-as-a-service (PaaS)
  • Infrastructure-as-a-service (IaaS)

Figure 2 shows the differences in these models by highlighting the layers the cloud provider is responsible for (orange) and the ones the customer is responsible for (blue). With the infrastructure-as-a-service model, the consumer is responsible for managing the OS, data, and applications. Amazon Web Services (AWS) is an example of IaaS. With platform-as-a-service, the cloud provider is responsible for the OS. An example of PaaS is Microsoft Azure. With software-as-a-service, the cloud provider is responsible for all the layers. The consumer is an end user of the service. Probably the biggest example of SaaS is Salesforce. Some offerings may be a blending of these models. As an example, a SaaS service may use AWS as its infrastructure layer—the Lego effect of the cloud.

There are drawbacks to cloud computing. Setting aside the obvious vendor lock-in, where is your data? Regardless of the cloud model, your data is in the provider’s enclave. If you have multiple SaaS services, then your data is in multiple places. How are you going to join the different data sources together? Are the cloud providers offering adequate backups for your data? How are you going to get your data back if you need to switch providers?

Another issue to be addressed are changes to your operational procedures (business processes). You need to align how you do things to the functionality of the chosen cloud solution. This can be very advantageous since most cloud-based software applications are basically collections of automated business processes. Standardizing these off-the-shelf solutions can help streamline your operations. However, this means changes to the way things are handled now.

Moving to the cloud is a must for business continuity. It also frees staff to concentrate on the use of technology, not maintaining the underlying layers. Because of the implications the cloud has to business operations plus data protection and governance concerns, finding a seasoned consultant who understands your business and the cloud is the first step in optimizing how your organization uses technology.