Page 265 - Using MIS
Q6 How Can Organizations Use Cloud Services Securely?
Figure 6-23 Accessing Private Cloud over a Virtual Private Network (diagram labels: Users, VPN, Private Cloud, Organization’s Private Computing Infrastructure)
Private clouds provide security within the organizational infrastructure but do not provide
secure access from outside that infrastructure. To provide such access, organizations set up a
VPN and users employ it to securely access the private cloud as shown in Figure 6-23.
Private clouds provide the advantages of elasticity, but to questionable benefit. What can
organizations do with their idle servers? They could realize some cost savings by shutting down
the idle servers. But unlike the cloud vendors, they cannot repurpose them for use by other
companies. Possibly a large conglomerate or major international company could balance processing
loads across subsidiary business units and across different geographical regions. 3M, for
example, might balance processing for its different product groups and on different continents,
but it is difficult to imagine that, in doing so, it would save money or time. A small company like
AllRoad Parts is very unlikely to develop a private cloud.
Microsoft, Amazon.com, Oracle, IBM, and other major cloud service vendors employ
thousands of highly trained, very highly skilled personnel to create, manage, administer, and
improve their cloud services. It is unimaginable that any noncloud company, even large ones
like 3M, could build and operate a cloud service facility that competes. The only situation in
which this might make sense is if the organization is required by law or business custom to
maintain physical control over its stored data. Even in that case, however, the organization is
unlikely to be required to maintain physical control over all data, so it might keep critically sensitive
data on-premises and place the rest of the data and related applications into the facilities
of a public cloud vendor. It might also use a virtual private cloud, which we consider next.
Using a Virtual Private Cloud
A virtual private cloud (VPC) is a subset of a public cloud that has highly restricted, secure access.
An organization can build its own VPC on top of public cloud infrastructure like AWS or
that provided by other cloud vendors. The means by which this is done are beyond the scope of
this text, but think of it as VPN tunneling on steroids.
Using a VPC, an organization can store its most sensitive data on its own infrastructure and
store the less sensitive data on the VPC. In this way, organizations that are required to have physical
control over some of their data can place that data on their own servers and locate the rest of their
data on the VPC as shown in Figure 6-24. By doing so, the organization gains the advantages of cloud
storage and possibly cloud processing for that portion of its data that it need not physically control.