Cloud computing & services

Cloud computing is the on-demand availability of computer system resources, especially data storage (cloud storage) and computing power, without direct active management by the user. The term is generally used to describe data centres available to many users over the Internet. Large clouds, predominant today, often have functions distributed over multiple locations from central servers. If the connection to the user is relatively close, it may be designated as an edge server. Clouds may be limited to a single organization (enterprise clouds) or be available to multiple organizations (public cloud). They can also be combined with own servers that are on premise (hybdrid cloud).

Though service-oriented architecture advocates for ‘Everything as a service’ (with the acronyms EaaS or XaaS, or simply aas), cloud-computing providers offer their "services" according to different models. The three standard models are 'Infrastructure as a Service (IaaS)', 'Platform as a Service (PaaS)', and 'Software as a Service (SaaS)'. Claimed benifits include: low start capital needed, flexibility, place-independent collaborative work, low maintenance costs, high performance and security. 

Cloud security refers to all policies, technologies, applications and controls utilized to protect cloud-based data, applications, services and computing infrastructure. (Cyber)security providers may also offer their services through the cloud, but then it is mostly Software as a Service. For small and medium enterprises and non-specialist IT-users it is advocated that cloud based services are often more secure, since security patches and software updates are installed by the cloud service provider. However, badly configured cloud services and bad access management can make cloud solutions just as vulnerable as other architectures. Cloud solutions may also pose privacy concerns: who can access the data and which privacy rules apply? If the server is physically placed is the US, Russia or China, local laws may apply (including access by state actors such as security services). And depending on the contract the cloud provider may access the data that is stored or have legal ownership. Digital forensics in the cloud may prove cumbersome and traffic intense when it is not native to the cloud service.

Related Keywords: cloud services, cloud architecture, cloud access security brokerage services, hybrid cloud solutions, Cloud Workload Protection (CWPP), Cloud Security Posture Management (CSPM).