If there’s one concern that has been regularly rearing it’s head over the years whenever Cloud computing is mentioned, it is the protection of sensitive company data physically stored off-premise. The natural anxieties expressed at a time when MS deskbound computing was the predominant operating system and most business data was stored on software physically installed in the CPU under your desk or locked in the room next to the stationery cupboard just sound a little out of step, these days.

As we head into 2011 and deeper into the age of mobile apps, iPad downloads, Near Field Technology, Google Goggles and augmented reality, it’s fairly evident that the concept of accessing a ‘cloud resource’ of stored remote data, as and when required, onDemand, or as a service on a static or more likely, a mobile platform ‘reader’ or indeed, ‘thin client’, is already here in all but name.

The reality is that the various forms of Cloud computing, which we are all used to using in the form of email, VPN, Flickr and Facebook, for example, actually provides SMEs more protection, IT support and potential network security benefits from the cloud vendor than their own, often limited or non-existent in-house resources and budgets.

On a daily basis, the centralisation of company data provides reduced data leakage as a result of lost, corrupted, crashed, faulty or stolen CPUs, laptops, disks, USBs, back up tapes and remote hard drives. As thin client technology, such as DesktopLive, becomes prevalent, small, temporary caches pose less risk than transporting ‘data buckets’ in the form of laptops and USB datasticks.

Centralisation
In addition, central storage is easier to monitor, control and implement disaster recovery prevention contingencies . For example, a Cloud server can be instantly cloned by ‘forensic’ software if compromised, eliminating or reducing any service downtime. Inevitably, increased competition and business consumer demand will mean that Cloud service vendors will constantly strive to optimise performance by developing ever more efficient security software.

Security Testing
Change control builds, pre-strengthened and ‘secure’, are also primarily a proactive IT benefit of virtualisation based Cloud computing. Reduced exposure within production environments through patching offline means it is easier to test impact of security changes by producing a copy of your production environment, implementing a security change and testing the impact at low cost, with minimal startup time.

Economies of Scale
Deployed within a ‘public cloud’ service and thus, sharing the same application as a service, means only paying a percentage of security testing costs of the Software as a Service (SaaS) provider. Similarly with Platform as a Service (PaaS), there are potential cost economies of scale, as with password strength testing times, which are decreased by restricting activities to dedicated non-production machines, preventing the mixing of sensitive credentials with other workloads.

When proactive IT jargon makes it to the status of the latest buzz words heard freely being circulated at meetings and presentations or appearing on the blogs of related industry sectors, then the implication is that the concept from which these terms have been abstracted is gaining currency by familiarity of use and gently promotes wider acceptance.

Certainly, ‘Software As A Service’ ( SaaS) appears to have been adopted as a handy description that references Cloud computing yet unfortunately, is causing a little confusion, as it is now being erroneously assumed that SaaS is a substitute term for Cloud computing.

With the recent announcement from Google that they are offering their own Cloud as a resource for application provision and media headlines promising superfast broadband is imminent across the UK, the era of Cloud seems to be on the brink. In real terms, of course, we have all been using cloud applications from the moment we sent or received our very first email, and are quite happily downloading mobile apps, watching catch-up TV, etc.

A significant development and a further sign of cloud acceptance – in the US at least – was the November announcement that Cloud computing would be the ‘default approach to IT’ for US government agencies, to take immediate effect. This follows hot on the heels of government reforms already set into motion one year earlier and which are intended to ‘close the IT gap’ between the public and private sectors. Implementing cloud is expected to cut costs, improve security and performance, and speed up deployment of new applications by a 40 per cent reduction in 2,000 plus data centre infrastructure.

As clearly demonstrated by the US policy for radical IT reform, Cloud computing is a term which refers to the ‘enormous scalability’ concept. Thus, Cloud should be understood as a process facilitating use of the internet to access technology-enabled services and applications that run on the web, from location-independent, multiple areas and onDemand rather than on your desktop. This may be readily exemplified by a DesktopLive thin-client set up.

While, it is certainly true that many SaaS applications may be defined by their huge scalability potential, they are still essentially, the software owned, delivered, and managed remotely by one or more Cloud providers. It may be described as basically, enabling the sharing of application processing and data access and storage resources on a pay-per-use or as a subscription service, according to user need.

The fast growth of data analytics allied to complex modelling and simulation now demands powerful and sophisticated, remotely operated computing power required by new generation software.  Inevitably, this means delivering a higher level of IT support, which can no longer be feasibly or economically supported by maintaining on premise hardware. Typically, this might be localised as an IT support Manchester or regionalised as IT support Midlands, etc.

Contrary to abiding anxieties over losing control over sensitive data, security is actually improved due to centralisation, increased security-focused resources and near impossibility of accessing audit logs, far superior to most company own network security systems.

Throughout 2010, reports have been surfacing, which strongly suggest that SMEs are very much in the frontline of Cloud computing take-up. Unencumbered by existing IT infrastructure compared with their more larger business counterparts, around a sixth of small to mid size companies have recognised the need for a proactive IT attitude which will help them accommodate and work flexibly with the rapidly expanding data/information environment.

In addition to the cost efficiency question, choosing the right Cloud service provider as an integral IT support partner is crucial and a number of key factors will need to be addressed to satisfy concerns over IT continuity applications, access and network security, and disaster recovery.

Key factors:

Applications: SME critical applications will be invariably, focused on word processing, spreadsheet analysis, and presentation tools. Prerequisites extend to email, image, video, small business and personal data storage, extending to Cloud SaaS for publishing, yearly tax-return software, POS (point of sale) systems, and small/medium business bookkeeping tools.

Encryption: A big issue is always secure protection of sensitive data. Encryption is imperative to prevent cloud-vendors or Internet providers (ISPs) from seeing private or personal data on the storage area network (SAN) or network attached storage (NAS) system.

Data Recovery: Another core concern is that no email, small business, tax return or personal data be compromised, corrupted, or lost in an exceptional circumstance. Whereas, SMEs tend to keep data on a DAS direct attached storage (DAS) drive or a small NAS drive which can be vulnerable to crash, Cloud vendor redundant architectures enables quick user and/or recovery of data.

Access:  Granular access controls are essential to restrict access to cloud data. Only the small/medium business or home office user should be able to access their own data stored in the Cloud so that corruption of one individual’s email or personal data will not impact anothers’ email or personal data.

Certification: Web-facing applications such as word processing, spreadsheets and tax data should be annually certified to ensure that vendor applications are protected from data phishing and all known cyber-attacks within the certificated period.

For most SMES, a cost-effective IT and future proof growth solution will be provided by a basic SaaS ( Software As A Service) as the simplest, most direct route to get into “cloud computing”. A DesktopLive thin-client approach offers an external or Public Cloud application maintained by an external cloud vendor and accessed through the Internet.

Remote access computing, whether from multiple offices or geographically dispersed field worker locations, will often be accompanied by some form of basic protection and retention of generated electronic information. The issue of remotely stored data protection and recovery is number one on any SME or mid sized enterprise agenda as the percentage of processed total data in remote offices rapidly increases.

In many instances, the present systems of protection may be in serious need of review and upgrade to more adequately deal with a company’s ongoing, yet expanding data accessing, processing and network security storage. In today’s rapidly changing IT environment a proactive IT policy is now a critical service level constant which maintains deployment efficiency and security standards.

A “remote office” may be defined as a staffed location with one or more Microsoft Windows servers – a file and print server and, depending on the level of operations, may also include:

• A Microsoft Exchange Server for e-mail management.
• An application server running a database program like Microsoft SQL Server.
• Another application server to support business-specific, mission-critical applications.
• A backup server attached to a tape drive or autoloader.

There are many factors to consider when designing an overall solution to the remote data protection problem, including the types of applications to be protected, the potential risks, and specific data recovery objectives.

Applying the same level of protection to all the applications and services running in each office may seem simpler to implement, but it could be cost prohibitive. Each application and the data that it generates or manages needs to be evaluated and relative priorities set for individual protection.

For example, many remote offices probably have a shared file and print server. Losing data from this system probably won’t put the organisation in jeopardy, although it may be inconvenient trying to recover or recreate that data.

Most companies still rely on tape backups for data protection and recovery. However, in remote offices, the manual processes used in operating the tape backup system may not be as reliable as they are often performed by non-technical staff who may have little or no training in backup and recovery procedures. Data recovery in remote offices from tape backups can also be problematic and often require outsourcing IT expertise.

Identifying and implementing necessary data protection is an important cost investment, but beyond hardware and software costs, an overall remote offices solution needs to consider the impact of data protection decisions and the application of an integrated IT support.

The shift towards the concept of Cloud began with the ready mass acceptance of hosted email, progressing to online shopping and banking – all without a physical database or application software on personal or workplace computers.

Today’s widespread rapid deployment of mobile apps brings the acquaintanceship with relinquishing control of data utility another step closer. Faster broadband, mobile devices, remote working and data growth signal that the computing concept is shifting away from the late 20th century on-premises IT model and the way we handle information. Cloud computing is essentially defined as ‘clouds’ of on-demand, computing power applications – which are both server and data centre – accessed over the internet at dispersed locations, typically a thin client, DesktopLive system.

Present computer network management is commonly a muddled mix of  inhouse with outsourcing IT. The latter, a reflexive policy to address unexpected or ongoing system problems rather than taking a fully monitored, proactive IT approach to pre-empt network security compromise or disaster recovery. Cloud computing opens up the vital IT support and maintenance cost question which currently prevents many budget conscious enterprises constrained by the imperatives of additional software license and hardware purchasing for new employees and new locations.

Key daily business activities such as document sharing and setting up temporary project working groups can be easier with cloud-based applications where before additional software tools would need to be purchased. Adopting a cloud computing concept brings the immediate benefits of low start-up costs plus low cost for irregular use, especially to the SME and medium sized organisation. In addition, some cloud-based business services, e.g. Google Apps, do not require to be purchased for one-off or infrequent computing.

Scalability allied to device and location independence allows for the differing ways a cloud can be accessed, e.g. desktop, smartphone and the expansion of the number of users and locations – at modest cost. The data protection issue is one hotly debated but essentially, in a cloud-based software environment, physical security is actually stronger because the loss of a client side system does not compromise data or software as would be the current scenario. A third-party Cloud supports high availability, continuity, disaster recovery, power consumption, and the ongoing technical and physical infrastructure management.

It has been estimated that worldwide, there are currently over one billion computers and five billion mobile phones in active use. With 226 million new Internet users this year, 162 million of whom are from developing nations, it is predicted that the number of Internet users will exceed 2 billion before the end of 2010.

Given that the current world population is estimated to be 6.9 billion, this figure suggests that 30 per cent of planet Earth’s population will be online by New Years Day, 2011.

Looking ahead, it is further predicted that by 2020, a staggering total of 20 billion computing devices will be hooked up to the Internet. Cisco, however, forecast that fifty times the predicted figure – one trillion devices – will be connected by 2013, seven years earlier and only 25 months away!

Undoubtedly, the Internet has in just two decades, established itself as the dominant communication and information exchange system for how our economy and society operates. The predicted, uncontrollable explosion of growth will be the driving factor to accelerating the next evolutionary step – the inevitable move into the Cloud.

Already we are witnessing the unprecedented rise of mobile apps and the Smartphone, a mini computer ‘thin client’ in its own right, capable of sending and receiving multi media data from a central provider. The spectacular growth of closed platform, aggregation sites like Facebook alongside the likes of Google and Apple, are already positioned as the predominant, controlling global network and content provider to most of the world’s online population.

For SME and mid-sized company alike, the urgency for IT managers to forward plan to accommodate the expected rapid expansion of data transfer and storage requirement is now time critical. The recent Virgin Media announcement of their Superfast fibre-optic broadband rollout of 100Mbps capability to homes and businesses is bound to be followed by competitors. Trying to keep up with the explosion of data will be impossible, both technically and financially for all but the largest organisations.

The recognition that outsourcing IT services to an external storage provider, e.g. through regionally supplied IT support, is now very much on the horizon for the overwhelming majority of enterprises of whatever size, has to be confronted. The provision of a proactive IT cloud supplier to partner is essential to creating an integrated data strategy for individualised, business requirements.

In addition, the necessity of a flexible infrastructure providing needs-based cloud as a resource, will be vital when network data and application structures demand to be sustained at increasing levels of speed and capacity.

The issue of data protection and network security can be found to be at the source of much of the misinformation and other myths attendant on deploying a cloud computing service infrastructure, such as DesktopLive. It’s also evident that the distinctions between deploying a private cloud or public cloud application are becoming confused in their varying appropriate utilities according to business domain needs.

Private Cloud
An early preconception is to take a view of private clouds as not providing the same elasticity and value as public clouds. This is assumed because they are not obtained from an outside provider using significantly considerable amounts of IT resources and not under private ownership. However, there is no reason to prevent the building of an IT architecture within the company itself that does appropriate same design patterns and, thus, the same value attributes of public clouds, including elasticity.

The assertion of an illegality issue that may be applied to individual industry sectors are ill informed, and notwithstanding adherence to compliancy guidelines applied to the storage of personal medical information and financial information, the rules do not extend to commercial/enterprise data. Key to a proactive IT stance, for example, will underpin the allowing of a cloud user to specify where data will reside.

It’s critical to understand that private cloud functionality is much more than simple virtualisation and supports a true multitenant architecture. Importantly, private clouds provide most of the features and functions of public clouds.

Public Cloud
Another contentious issue surrounds reliability although it is readily recognised that public clouds perform on a regional basis more reliably then most business/ enterprise IT infrastructure. The standard of IT support from cloud providers will focus more on ‘redundancy’ and thus provide superior IT services continuity monitoring to ensure sustained uptime than many private organisation systems.

It is often assumed that public clouds are always less expensive than private clouds. Lower costs may be reflected in the ability to use applications, development platforms, and infrastructure from a pay-as-you-go subscription service. But whilst this will always be more cost efficient than a company simply purchasing, installing, and supporting their own hardware and software, each type of application and service offering needs to be evaluated over a long term duration.

Hybrid Cloud
Hybrid clouds are essentially two or more separated clouds, e.g. private and public, linked by technology for data and application portability. They should not be considered as providing an easy method to migrate from a private cloud to the public cloud. Localisation of application and data in either or both can make this highly prohibitive.

Cloud computing is not a one size fits all applications model and is more than just shared, multi-tenant infrastructures. Key to understanding its different ways of being applied is to be aware that each approach possesses unique characteristics and economics that can help optimise application to how the service might best serve a given objective.

Whilst public clouds may be viewed as delivering best value, scaled cost efficiencies, their shared infrastructure model can limit configuration, and be less suitable for services using sensitive data subject to compliancy. Internal clouds will sit within a data centre behind company-built protections and tend to be less automated. A hosted cloud operates at a service provider behind enhanced resources protection. Although still managed as a pool, as a cloud provider service, increased custom protection with greater economies of scale can be delivered.

Companies adopting a hybrid cloud strategy will best optimise their business service usage to requirement. Taking a flexible, proactive IT approach, Cloud computing allows an increasing versatility which matches infrastructure service options to specific business applications more efficiently and cost effectively than previous static arrangements.

Integration between different deployment infrastructures can be seen as delivering the greatest value. Cloud platforms are essentially a portfolio of operating options, whereby cloud resources composed of public, internal, and hosted cloud resources can link together with traditional uses via a virtual private cloud.

Partnering with a cloud provider developer is critical as any web infrastructure will likely range across a data centre, content delivery network, and an IT support hosting provider. By determining what types, parts of applications and data sets best match specific cloud use options, a joined up map can be assembled to guide appropriate use as new applications are integrated within a cloud system.

It’s critical to build a network security model by understanding the dimensions of protection which must be taken for different data types and to determine where applications can safely be used. Security policy awareness is essential for cloud resource use as applications are developed whether a private cloud is internal or hosted.

As a more durable, yet flexible needs-based networking concept, which advances the principle of a virtual private network (VPN), cloud computing, as with the implementation of a DesktopLive model, is a scalable method for extending a secure trust based network over a series of resources regardless of usage, business service and locations.

Recent news that HP and McCartney Productions Limited (MPL) had agreed to digitally convert and deliver the music library of ex-Beatle, Paul McCartney via a private cloud, may be seen as representing a very public statement, vindicating belief in and acceptance of the shift towards cloud technology as the future of comprehensive, universal data storage and access.

The McCartney library collection includes a wealth of images, artwork, paintings, film and videos, and in addition to changing how music fans and artists will interact, the digitization of McCartney’s library is intended to help preserve the iconic, musical history and its legacy for future generations.

Whilst SMEs have been quicker to see the accelerated capability for data and resource applications to be easily obtained independently of location, say via DesktopLive, for many traditional businesses, Cloud computing – where services are no longer tied to dedicated hardware – is still viewed as a major departure from the understood IT service delivery model and indigenous network security.

Servers, network devices, and storage can be considered ‘virtualised’ resources. By abstracting from the hardware, they move freely about an infrastructure, delivering services when and where they are needed. Implementation of cloud computing does not mean a complete reinvention of a company’s entire IT arrangements. IT support for industries underpins essential IT services continuity.

For proactive IT cloud providers, the imperatives of delivering structural IT support are intrinsic to assured, service delivery. The key planks being the achievement of extreme agility in responding to tailored business demands, the driving down of service delivery costs, and the minimisation of risk.

Inevitably, understandable concerns over security of releasing sensitive/highly confidential information from behind their own secured firewall is more likely to lead to companies adopting the private cloud. This means that the physical hardware remains within a company’s own premises, for daily system operation, maintenance, and security to be run in house.

However, more confident enterprises have embraced cloud computing by augmenting the private cloud with the possibilities offered from public cloud providers. The hybrid cloud approach consists of a private and public cloud which however, remains separate but work together to provide infinite data and application portability.

The hybrid cloud approach also has a stringent service management requirement to achieve the necessary performance, security, and compliance. Consequently, it’s important to choose a reliable IT supplier of public cloud, that can extend service management capabilities to an organisation.

The future predicted by many proactive IT professionals has to be Cloud shaped. The entire Web will be completely transformed into one endless storage cloud where data is constantly uploaded and downloaded and thus, the concept of data ownership will become meaningless in a virtual world where everyone will have access to everything.

Data storage and remote access are becoming ever more urgent issues as emergent technology platforms and channels for instant, interactive message and media exchange accelerate demand for capacity. From SMEs to Corporates, the challenge for information storage space is unending. Simplistic solutions like stockpiles of DVDs, data sticks, larger hard drives or wholesale deletion of old files are now no longer tenable.

Cloud storage, or the saving of data to an off-site storage system maintained by a third party, or cloud provider, is now the only realistic way forward in the 21st century. Essentially, this means no longer storing information on a computer’s own hard drive or another local storage device, but instead saves to a remote database and the Internet provides the connection between the two. A cloud storage system simply needs just one data server connected to the Internet.

Data can then be accessed from any location with Internet access without the need of a physical storage device or using the same computer to save and retrieve information. In addition, cloud storage is a supremely efficient method to create data backups for a company’s own computer system. Customising the right storage system, for example, with a DesktopLive system, allows for multiple, remote access for collaborative work.

The transformation of traditional business environments into virtual, interactive hubs across geographically dispersed locations is constantly attended by 24/7 monitoring with national IT support at regional level, e.g. IT support London or IT support Manchester.

Although Cloud storage systems generally rely on hundreds of data servers to store the same information on multiple machines using different power supplies, there are still mostly unwarranted concerns over reliability, security and ability to access information. The resistance against the relinquishing of onsite company data, applications and servers is a further area of contention, which the urgent necessities of growing storage requirement will ultimately resolve.