What and Where is The Cloud

Guest Blogger | Date: March 31, 2021 | 4 minute read

Share

The term Cloud Computing, also known as The Cloud, was introduced at an industry conference(1) in August 2006 by the then Google CEO Eric Schmidt. Although there is some debate about who actually coined the phrase(2), it wasn't introduced into the Oxford English Dictionary until June 2012. For most people there is still some confusion about what it actually is.  In the fifth blog from Cyber Security Partner IASME, we get to find out one explanation of "What and Where is The Cloud".

what-and-where-is-the-cloud-blog

(1) Google CEO Eric Schmidt introduced the term to an industry conference. 
(2) Who coined 'Cloud Computing'?

What is the cloud?

The cloud is used as a term for a series of on demand, remote access, subscription services that exist on the internet. One commonly used cloud service is data storage. Instead of storing information directly on your own personal computer or phone, cloud-based data is stored elsewhere, not on clouds, but on servers* housed in massive data centres. Examples are: Google Drive, Dropbox, OneDrive, Apple iCloud, and IDrive.

*A server is a bit like a powerful computer that provides one specific job to other computers.

Where is the Cloud?

The cloud is a metaphor for the internet and for services that can seem quite abstract. The image of a cloud suggests ethereal, natural, and benign, it is everywhere but nowhere and belongs to no one or everyone. This metaphor is misleading, as in reality, the cloud exists as row upon row of powerful computers with cables that radiate all over the world. It is owned by a few of the world’s largest private organisations such as Amazon, Microsoft, Google or Apple and keeps millions of people's data that is made accessible to them via the internet. The biggest data storage servers in the world are located in China, USA and India, some are even situated at the bottom of the ocean.

Cloud Computing 'as a service model'

A widely used service available in cloud computing is office software and web-based applications, which is known as Software as a Service or SaaS. An example of SaaS is Gmail and Yahoo email and Office 365 and Google Docs. If we take Office 365 as an example, you can sign into your Microsoft account on any machine and access Microsoft Word where you will find your files. Neither the application Microsoft Word, nor those files are stored on your computer, but in the cloud, and this makes them accessible remotely from any computer as long as there is an internet connection. Cloud computing allows users the flexibility to collaborate with others from any location.

Examples of other services that run their operations from the cloud include Youtube, Facebook, Zoom, Netflix and Spotify. Most will be located with the biggest cloud service providers, Amazon Web Services, Google Cloud Platform and Microsoft Azure.

In addition to SaaS, businesses that need to create websites and applications, can rent cloud-based hardware and operating systems needed to run applications, this is known as Platform as a Service or PaaS. With PaaS, consumers do not have the responsibility of managing, updating and maintaining the platform that hosts the application and can therefore focus more on software development or providing other services to customers.

Infrastructure-as-a-Service or IaaS is the most comprehensive cloud platform and is mainly used by full time developers or large businesses. The cloud provider hosts the infrastructure components that were traditionally present in an on-premises data centre, including powerful servers, almost limitless storage, and networking.

Benefits of Cloud services

When a business has a subscription for any of these services with a Cloud Service Provider (CSP), once they have made the initial cost to deploy their business across to the cloud, it saves them costly outlay for technology that may become out of date in a few years. Another benefit of the 'as a service' model, is that because a professional company is managing your technology, their level of support and maintenance, means more of your budget and time can be spent on business strategy and less on IT and security.

Security Risks of the Cloud

The chances are, your data is more secure in the cloud than on your own device within your own premises. The logic behind this comment is that most big cloud service providers spend millions of pounds managing and maintaining the security of their services. There are some customer responsibilities, however, and it’s worth noting that failure to meet consumer responsibilities is a leading cause of security incidents in cloud-based systems.

Some basic procedures can be followed to minimise risks.

#1 - Use Multifactor Authentication
If you can access your data remotely, so can cyber criminals. Multifactor Authentication (MFA) gives a crucial layer of added security when logging into your cloud accounts. Instead of just a password, MFA asks a user to provide another form of authentication, this might be a password plus a code received as an SMS or a fingerprint scan.

#2 - Limit and monitor the access of your users.
Limiting access can limit the impact when account information like user-names and passwords are stolen or a disgruntled employee wants to cause harm.

#3 - Provide anti-phishing and security training.
It is important that the individuals who use the system are educated about best practice behaviour and the tactics used by people who send 'phishing' emails. 'Phishing' is a term that describes the use of deception to manipulate people into revealing their security information. Phishing attacks are a common way that hacker’s access even the most secure cloud database.

#4 - Organise data back-up.
Most Cloud Service Providers give significant guarantees against loss of data; however, no system is perfect. Major cloud providers have accidently lost customer data. Ensure that your chosen CSP has data backup and recovery processes that meet your organisation's needs.

As more of our information and activities go online, cyber security has become a necessary part of life that keeps us safe from crime. Just like learning anything new, it can be broken down into small steps and implemented in bite sized chunks. Businesses of all sizes are at particular risk of cyber crime and would benefit from working towards Cyber Essentials which is a Government approved scheme. By implementing just five core controls that protect against most cyber attacks, businesses can ensure they are on the right track as well as demonstrating to their customers and suppliers that they are serious about cyber security. Find out more about the IASME Cyber Essentials scheme.


Thank you IASME team for the insight. This blog was published on Friday 12th March and is duplicated with permission from IASME. Original publication located at https://iasme.co.uk/cyber-blog/what-and-where-is-the-cloud/.

Takeaways

  • Chances are that at home and at work you are using Cloud based applications and storage.
  • The Cloud is another word for the Internet, but in personal terms, the benefit of cloud computing is your files and applications are stored and used on the internet, and can be accessed from any device, rather than on your personal computer.
  • An advantage of Cloud Computing as a service is that it can provide a robust strategy for businesses to facilitate using the latest technologies and software.
  •  Security is an important factor of computing whether used in-the-cloud or on-premise.

IASME are a chosen partner of the National Cyber Security Centre (NCSC) and are responsible for Cyber Essentials Certification delivery in the UK. Learn more about IASME.

Concise Technologies are an IASME Certification Body that can assist you with delivering Cyber Essentials and Cyber Essentials Plus. Contact us today to learn how we can help with your certification.

 

Get in touch and discover how we can help make things easier.

Call us on 01606 336200, or fill in the form below.