While the IC’s research organization looks into adding security to cloud environments, in the here and now, intelligence agencies are sharing more data.
One problem area for cloud management is the provisioning and deprovisioning of cloud environments, the acquisition and the release of these resources. Technical issues can arise with either provisioning or deprovisioning, but organizations also face serious operational problems associated with these processes.
Most enterprises conduct three main types of provisioning. The first is self-provisioning, in which a cloud customer fills out an online request for services with the cloud provider, which then sets aside cloud resources for the customer. This tends to be the most expensive arrangement per transaction, because a separate contract must be established for each effort to provision services.
Also, because self-provisioning customer organizations generally make no commitments on the amount of services to be used, they typically receive no discounts. More important, an organization loses control when its constituent units and workers arrange their own cloud services. Maintaining separate agreements, securing them effectively and otherwise ensuring that cloud services are appropriately managed becomes a logistical nightmare.
The second type is provisioning in advance. A cloud customer contacts a provider and signs a contract allocating a certain amount of resources per unit of time (for example, per month) to that customer. The cloud customer receives a discounted rate for purchasing a set level of services in advance.
Unfortunately, unless the cloud customer has very stable usage patterns, the actual use of the cloud is likely to vary significantly from the planned consumption. If the customer uses far less resources than expected, it is paying for something that it is not consuming. If the customer attempts to use more resources than expected, the provider may charge a penalty, or it simply may not have any additional resources available.
The third type, whose use has become widespread, is dynamic provisioning. In this model, the cloud customer dynamically receives the requested level of resources on an as-needed basis. When the customer needs more resources, the provider delivers them, and when the customer needs fewer resources, the provider takes some away. Customers pay for the resources that they actually consume, and they have the power to raise or lower this resource threshold as often as needed. This model is also known as autoscaling.
Many cloud customers have identified a need to automate this provisioning and deprovisioning as much as possible so that the IT resources are minimized, thus reducing costs. Ideally, the provisioning or deprovisioning should be fully automatic, but this arrangement leaves open the question of who is allowed to trigger provisioning.
If the organization does not place limits on who can do so and how many resources can be provisioned, costs can rapidly escalate, and the cloud implementation can become unmanageable. One benefit of using cloud management tools is that they can institute a fully managed system for provisioning resources that controls who can allocate which resources and maps each provisioned resource back to a responsible party, so that chargebacks can be conducted accordingly.
Want to learn more? Check out CDW’s Tech Insights App on Cloud Computing.