Seite 31 - Cloud Migration Version 2012 english

31 
a private Cloud IT approach often leads to discussions about Thindevices, 
remote access, Bring your own and a reliable authentication system.  
Build a Public Cloud Service 
If a company is in the software business for instance, then they might 
consider building a Public Cloud service, so they and their customers could 
benefit from the Cloud technology. Typically such a company uses an 
external datacentre to host the infrastructure (IaaS), or use development 
platforms such as Microsoft Azure (an example of Platform as a Service 
(
PaaS)). The service which they then offer to their customers is typically 
Software as a Service (SaaS).  It is also common that those companies run 
their own software development infrastructure and their software testing 
environment in the Cloud.  
A consumer will consider a service useful when it fulfills the needs of the 
business or their personal needs. It is important to understand on which 
device, on which network and under what circumstances this service is 
consumed. Sometimes a lower quality service is acceptable, when it is not 
required on a daily basis or for business critical processes. 
Smart devices and public networks, in the context of Cloud services bring up 
some questions about data security, data protection and usability. The 
security related questions could be easily answered if the user access 
devices are well controlled company owned assets. However, this becomes 
a lot harder to answer if these are personally owned assets, brought in by 
the young digitally‐savvy workforce. Usability depends on the performance 
of the device, the network and the data entry needed.  
Offering a Cloud Service, or using a Cloud service has some more technical 
aspects to consider, most of them are covered in detail in Part III of this 
book, but should be initially mentioned here. Technically, there is a dramatic 
change in the way IT security is designed and enforced, especially bring your 
own (BYOD) segments the former homogeneous environment. Technical 
solutions will not be sufficient to get IT security in Cloud systems right. End‐
users must be informed and instructed about security policies and 
procedures. In some cases security problems that occur need investigating 
and require specialist Cloud forensic analysis skills to be understood.