| June 15 | Mick Symonds | Managed Services | 1 Your business technologists. Powering progress©...

| Apr 18, 2023 | Mick Symonds | Managed Services |1Your business technologists. Powering progress © Confidential

Mick Symonds18 Apr 2023

Cloud for DefenceMick Symonds

| Apr 18, 2023 | Mick Symonds | Managed Services |2

Clouds and NATO: NIAG study

▶ Earlier this year, Atos took part in a NIAG Study Group for NATO, looking at the suitability of Cloud Computing


Summary of NIAG Study conclusions

▶ Cloud does have some attractive attributes, which could be of selective value

▶ There could be opportunities in Cloud when restructuring and reorganising ▶ The current NATO orientation around ownership of particular “boxes” is an

obstruction▶ And the transfer over to dependence on services is thus a significant

inhibitor


Long-term service trend


» And to support those, there are the Cloud Computing facilities used to deliver those services

Cloud, Cloud Services and Cloud Computing

» Cloud Services underlie and support that concept

» Cloud is a word very much hyped and in fashion but used very loosely


Why you might want to use Cloud

▶ Cloud in general:– full mobility, Web 2.0, social media, real-time

web, SOA, electronic ticketing and payments, etc., etc.

– you can access “your stuff” from wherever you are, using whatever devices

▶ Cloud Services– facilities are provided by various suppliers to

enable you to do those things– often “for free”, subsidised by advertising, etc.– or just paid for per user or even “per tick”

▶ Cloud Computing– you don’t have to invest capital in data centres

full of servers and storage– you can just use as much or as little as you

need, on a pay-as-you-go basis


Definition – Cloud Service Models

▶ IaaS; IaaS involves the provision of the basic hardware and associated systems software: processing, storage and network access to and between them. It is made useable as a service by providing a portal for control and internet access

▶ PaaS; Platform is provided to allow people to build and deploy applications, usually but not always to run on top of IaaS and deliver a SaaS service. They are generally used at two stages of the lifecycle: to develop or enhance an application in the first place and then to provide a suitable run-time environment once it is built

▶ SaaS; There is a wide range of SaaS offerings, which provide access to a multi-tenant application, usually via a thin client or a web browser. It is essentially the same as the well-established concept of Application Service Providers (ASP’s)

Software as a Service (SaaS)

Platform as a Service (PaaS)

Infrastructure as a Service (IaaS)

e.g.: CRM, Email

e.g.: CPU, Storage Atos Cloud Infra. ServicesAmazon.com

Google Apps, Force.com,Microsoft Azure

Salesforce.com

e.g.: LAMP, .net, database, Message Queue, API,

Application Server


How Cloud Computing is delivered

▶ IaaS

» PaaS

» SaaS

» “… In reality, the cloud is giant buildings full of computers and diesel generators … There’s not really anything white or fluffy about it.”

» Mike Manos(Former Microsoft data centre manager

speaking to the New York Times)

» “… In reality, the cloud is giant buildings full of computers and diesel generators … There’s not really anything white or fluffy about it.”

» Mike Manos(Former Microsoft data centre manager

speaking to the New York Times)

» IaaS


So, what’s stopping organisations going to Cloud?

▶There are scare stories about:– security– legal compliance– service levels – governance– interoperability– scalability

(yes, really)– and ...


... turkeys and Christmas

▶ “Cloud is the new outsourcing”, according to Gartner

▶ and some IT Managers are not yet ready to give up their empires


Location, location, location

▶ One of the key attributes of Cloud is supposed to be location independence– You have no idea where your data actually

is▶ But there are strict controls over personal and

other sensitive data within the EU– And it needs to remain in a particular

jurisdiction▶ Most major Cloud providers are American

– Although some are opening European data centres (e.g. in Dublin)

▶ They are therefore subject to the American Patriot Act– Giving American government agencies

access to the data, wherever it is held▶ There are thus concerns raised within the NL

Government


So, what is the solution

▶ Various means of providing “the best of both worlds” are being worked on▶ European Cloud 2020:

– An initiative, spearheaded by ESA and CERN, with the support of the EC, to develop a major European Cloud capability

▶ Open Data Center Alliance:– A customer-led organisation to define standards for cloud services and how

they are used, to make the decision as to which provider to use more open and flexible

▶ The concept of Private and Community Clouds:– Which can be used by one large organisation: e.g. government agencies– Or those within a particular sector, with common compliance and security

concerns: e.g. finance, healthcare, defence, …


Security and Identity Services

▶ There are risks related to cloud computing▶ Your data is hiding somewhere, but you don’t know where exactly▶ Your data is neighbouring the data of many others, which makes it attractive to

hackers▶ Cloud environments are ever more being used as a launching platform for:

– DDOS (Distributed Denial Of Service) attacks– Botnet attacks

▶ Just like any other organisation, cloud providers are not excluded from insider threats either

▶ Through virtualization malware can ‘leak’ to your data▶ Browsers and mobile devices belong to the most vulnerable IT components and

are, hence, popular targets of hackers


Security and Identity Services

▶ Here are some measures you can take▶ You need to learn about the security controls of your cloud provider. Use your

own policies and procedures as a reference▶ Make clear agreements with your cloud provider about ownership, protection

and deletion (at the end of the contract) of your data▶ Encrypt your sensitive data where possible▶ Protect your client applications and mobile devices. Have these included in your

security programs▶ There are some very fancy identity management technologies available – based

on open standards - which are worthwile to evaluate:– SAML (Security Assertion Markup Language): used for authentication– SPML (Service Provisioning Markup Language): used for account

management– XACML (eXtended Access Control Markup Language): used for fine-grained

authorization


A range of Infrastructure ServicesProcessing, storage and connectivity on a pay-per-use basis

TRADITIONAL

Traditional infrastructure

services

Cloud implemented for only one customer, on premises or in

Atos DC

Cloud based processing & storage, but hardware is

dedicated per customer

Dedicated connection

Shared multi-customer

environment

Dedicated connection or

Internet

DEDICATED CLOUD

PRIVATE CLOUD

SHARED CLOUD

Greater resource sharing and increased agility

Increased use of dedicated resources

Atos Sphere

Atos Sphere

Atos Sphere

Atos Sphere

Atos Sphere

Atos Sphere

Shared enterprise and

consumers environment

Only Internet connection

PUBLIC CLOUD


www.atos.net

Your business technologists. Powering progress © Confidential

Atos, the Atos logo, Atos Consulting, Atos Worldline, Atos Sphere, Atos Cloud and Atos WorldGridare registered trademarks of Atos SA. June 2011© 2011 Atos. Confidential information owned by Atos, to be used by the recipient only. This document, or any part of it, may not be reproduced, copied, circulated and/or distributed nor quoted without prior written approval from Atos.

startslide.ppt

Mick SymondsPrincipal Solutions Architect/Loose Cannon AtosB.5.L08, Papendorpseweg 93, 3528 BJ Utrecht The [email protected] +31 651 755 779

| June 15 | Mick Symonds | Managed Services | 1 Your business technologists. Powering progress©...

Documents

Transcript of | June 15 | Mick Symonds | Managed Services | 1 Your business technologists. Powering progress©...