Network Security in Cloud Computing

Comparatively, cloud networking features more security than traditional networking. Some of the security benefits include the option to encrypt data, provide multi-factor authentication, install firewalls, and enable data loss prevention.

Researchers identifies the following four principles of network security in cloud computing:

  1. Isolation between multiple zones should be guaranteed using layers of firewalls.
  2. Network controls for traffic to and from their applications.
  3. End-to-end transport level encryption should be used by applications.
  4. Standard secure encapsulation protocols such as IPSEC, SSH, SSL should be used when deploying a virtual private cloud.

In addition to these four principles, it’s essential to hold public cloud service provider accountable to their service level agreements (SLA). According to one of them “an SLA by itself is not enough to guarantee that your organization receives the level of service promised. Since it is not in the provider’s interest to inform a client when its quality of service fails, we must rely on an independent view of WAN link connections.” Investing in network performance management (NPM) tools gives enterprises access to monitor network performance and ensures that the cloud service provider is fulfilling requirements.

Challanges in Managing Hetrogenous Cloud

The newest cloud trend dominating IT strategy discussions? Multi-cloud. Tired of data lock-in and the reduced value of one-size-fits-all services over niche alternatives, tech-savvy companies are turning to a mix of cloud providers rather than simply cloud types. Yet with one cloud vendor for security, a mix of solutions for new and legacy applications, separate dev and testing environments,  and several overlaps for storage and backup, how do businesses make sure they’re getting the best value for their budget?

Here’s a look at tackling the top multi-cloud challenges.

Multi-Cloud Challenge No. 1: Unique Portals

One of the greatest benefits of multi-cloud also presents one of its greatest challenges. Multi-cloud allows organizations to deploy the environment for each and every critical business applications, but in doing so, adds several layers of management complexity.  Every vendor deployment comes with its own unique portals and processes that companies need to manage. Consider that even something as seemingly simple as Identity and Access Management can be complicated if different providers demand differing password complexities or authentication measures.

The simplest solution here? A multi-cloud management platform that brings unique resources under a single umbrella, and helps avoid problems with platform and process sprawl. While a good start, such platforms typically are never a one-stop shop. Meaning, you might find great multi-cloud monitoring platform, but still rely on manual security patching or provider portals for advanced configuration.

Multi-Cloud Challenge No. 2: Cloud Skills Gap

The exponential growth of AWS and Azure is fueling huge demand for admins and architects who’ve mastered the platforms. In fact, AWS-certified IT professionals are commanding 28 percent higher salaries than their peers. Companies looking to harness the public cloud as a major pillar of their multi-cloud strategies must account for these unique skill sets, and be prepared to make the necessary investments, or alternatively, partner with a managed service provider with a proven track record of multi-cloud expertise.

Multi-Cloud Challenge No. 3: App Sprawl

Multi-cloud environments make it easier than ever to lose track of which applications are running, where and how much this costs you day to day. For example, employees may be partial to a particular cloud for certain workloads, but across your entire staff, this choice may not be consistent. This means you could end up with three, four or more of the same app, open across multiple clouds. The solution? According to Tech Republic you’re well served following apps to the cloud, rather than trying to push apps into the cloud based on falling storage or compute prices.

Multi-Cloud Challenge No. 4: Migration

How do you get from “here” to “there?” If you’re moving apps and services from an existing hybrid deployment of public and private cloud solutions and spreading them out across multiple clouds, you’re facing a migration problem: How do you ensure that the result matches expectations and doesn’t simply pad expenses? The right multi-cloud management solution can help you prepare automatic deployment of existing standards and policies across your new cloud network, rather than forcing you to complete this task one deployment at a time.

Multi-Cloud Challenge No. 5: Compliance

HIPAA. PCI DSS. FISMA. SOX. For most companies, multiple compliance requirements apply to some or all of their data — and these requirements don’t disappear in the cloud. As a result, you need to ensure that specific providers are able to meet compliance needs before making them part of your multi-cloud infrastructure. Verify that they can satisfy compliance needs and are willing to sign all necessary business associate or other agreements, or consider the help of a cloud service brokerage (CSB) to find your best fit.

Multi-Cloud Challenge No. 6: Security

No discussion of multi-cloud is complete without mentioning secure environments for the cloud. As noted by Computer Weekly, it’s critical to have a detailed security discussion with your potential vendor prior to signing any SLA — find out what’s covered under provider responsibilities along with its specific response in the case of a security breach or data loss: Is the vendor prepared to help with remediation efforts or does it simply shell out a set penalty? Both options are viable, but it pays to know before you start moving data.

Multi-cloud offers businesses the ability to create powerful and secure cloud environments outside the traditional compute framework. Maximizing the impact of multi-cloud, however, means tackling the challenges of unique portals, app sprawl, migration, compliance and security head-on.

Additionally, IT is confronted with the fact that business unit owners know longer need to go through IT to acquire compute resources. Referred to by many as “Shadow IT,” the trend opens organizations to significant vulnerabilities due to a lack of oversight and adherence to standard security protocols. To bring rogue infrastructure out of the shadows, IT leaders must build relationships with business units and define clear policies for self-service IaaS solutions.

Multi-Cloud Challenge No. 7: Controlling Costs

Mastering multi-cloud economics is perhaps the greatest challenge of all. Each platform has its own unique set of variables that make optimization a full-time job – billing systems, pricing models, instance/VM sizing differences, data egress fees, etc. The multi-vendor sprawl of billing itself can induce budgeting nightmares for IT management. Partnering with a managed multi-cloud provider to consolidate billing and provide application-specific cost analysis, however, can simultaneously ease a lot of this burden and keep IT’s relationship with the finance department healthy. (Always a good idea!)  

Cloud Security Companies and Vendors

Here we go with a brief overview of each individual cloud Security services.

#1) Sophos

Sophos Logo

Sophos is a Hardware and Software Security Company that provides co-ordinated security between firewalls and the endpoints with real-time aptitude. Sophos Cloud has now been termed as Sophos Central.

  • Sophos Central offers services like modernized plan or aim, improved safety, locating the threats more rapidly and exploring them, simplified enterprise-level security solutions etc.
  • Sophos also offers few other security solutions that include email, web, mobiles, servers, Wi-Fi etc.
  • Sophos was established in 1985, and as per the 2016 annual report, there are about 2700 employees in the company
  • Sophos Central is available for a 30-day free trial
  • As per the financial reports for 2016, the yearly revenue of Sophos was $478.2 million

#2) Hytrust

Hytrust Logo

Hytrust is a Cloud Security Automation company that has automated the security controls related to networking, computing etc through which it attained the maximum point of visibility and data protection.

  • Hytrust offers various services like cloud and virtualization security, cloud encryption, encryption key management, automated compliance etc.
  • Hytrust’s main motto is to facilitate reliable communications across public and private clouds
  • Few of the Chief clients of Hytrust are IBM Cloud, Cisco, Amazon Web Services, and VMware etc.
  • Hytrust Company was established in 2007 and presently they have around 51 – 200 employees in their organization.

#3) Cipher Cloud

Cipher Cloud Logo

CipherCloud is a privately held leading cloud security company that protects your data flawlessly and more effectively by incorporating data monitoring & protection, risk analysis, and cloud detection.

  • CipherCloud has extended its services across various sectors like financial, healthcare & pharmaceutical, government, insurance and telecommunications etc.
  • This Company offers a wide range of services like cloud computing and security, data loss prevention, tokenization, cloud encryption gateway etc to the above sectors as mentioned in the previous point
  • CipherCloud was founded in 2010, and now there are approximately 500 employees in that company
  • CipherCloud protects Google drive, Dropbox, OneDrive, Office 365, SAP etc.

#4) Proofpoint

Proofpoint Logo

Proofpoint is a foremost security and Compliance Company that offers enterprise and corporate level cloud-based encryption solutions.

  • Proofpoint protects the sensitive data related to business through cloud-based email security and compliance solutions
  • Using Proofpoint solutions one can stop the attacks through attachments to a maximum extent
  • The solutions offered by Proofpoint are a bit complex and it includes more modules. Such numerous modules may cause few problems for smaller companies
  • This company was established in 2002 and it has around 1800 employees at present
  • Proofpoint’s total revenue for the year 2016 was $375.5 million.

#5) Netskope

Netskope Logo

Netskope is a chief cloud security company that uses some patented technology to provide security over various networks like remote, corporate, mobile etc.

  • Netskope’s cloud security is trusted by many of the larger enterprises or organizations because of its rough security policies, advanced cloud technologies, unique cloud-scale architecture etc.
  • Few of the leading clients of Netskope are Toyota, Levi’s, IHG, Yamaha etc.
  • Netskope is the only Cloud Access Security Broker (CASB) that provides complete sophisticated threat protection for cloud services by some multi-level risk discovery
  • Netskope is a privately held American based software company established in 2012 with 500 employees approximately

#6) Twistlock

Twistlock Logo

Twistlock is a privately held Information Technology and Services company that provides uninterrupted and end-to-end security for containerized applications.

  • Twistlock’s sophisticated, highly developed intelligence and centralized platform protects the environment from next-generation threats, malware, exploits, etc.
  • Twistlock extends its services to few of the reputed customers like Amazon Web Services (AWS), Aetna, InVision, AppsFlyer etc.
  • The safety solutions offered by Twistlock are Automated Runtime defense, Vulnerability Management, Proprietary Threat feeds etc.
  • Twistlock was established in 2015 with present staff count of around 200 employees

#7) Symantec

Symantec Logo

Symantec is the world’s foremost Computer Software and Cyber Security Company that safeguards the vital data of the organizations. To characterize the potential of cybersecurity, Symantec has acquired Blue Coat Systems (Leader in highly developed enterprise security) in 2016.

  • With the acquisition of Blue Coat by Symantec they became the leader in data loss prevention, cloud generation security and website security, email, endpoint etc.
  • Symantec and Blue Coat together are solving the greatest challenges faced by their customers like Safeguarding the mobile labor force thereby avoiding the advanced threats etc.
  • Few of the incorporated products by Symantec which offer supreme protection to minimize the risk are Messaging Security, Endpoint & Hybrid Cloud Security, Information protection and Secure Web gateway (SWG) etc.
  • Symantec is a Public Company that was launched in 1982. Approximately there are 11,000 employees in that organization at present

#8) Fortinet

Fortinet Logo

Fortinet is a Computer and Network Security Company that develops and promotes firewalls, anti-virus, security gateways and also other cybersecurity software to safeguard your Public, Private and Hybrid Cloud.

  • FortiCASB (Fortinet Cloud Access Security Broker) is an important module of Fortinet’s Cloud Security Solution
  • FortiCASB is planned to afford data security, visibility, threat protection and compliance for the cloud data of all sized enterprises
  • Few of the Featured Customers who are utilizing the services of Fortinet are Panasonic, Edward Jones, Harley Davidson Dealer Systems (HDDs), and Cash Depot etc.
  • This company was established in the year 2000. And now the company size has extended up to 5000 employees
  • Revenue of Fortinet for the year 2016 was $1.28 billion.

#9) Cisco Cloud

Cisco Cloud Logo

Cisco is world’s foremost Computer Networking Company that makes, expands and sells high technology products & services, networking hardware, domain security etc.

  • Cisco Cloud Security helps its users to protect their data and application by blocking the threats in advance, extending its protection wherever the user goes and access the internet
  • It also enables the compliance and protects it against malware, data breaches etc.
  • Cisco Cloudlock is a CASB that uses automated approaches to handle the threats in the cloud app security eco-system
  • Cisco was established in the year 1984.  And presently there are around 71,000 employees in the company

#10) Skyhigh Networks

Skyhigh Networks Logo

Skyhigh Networks is the leader in Cloud Access Security Broker (CASB) that helps enterprises to tackle data security challenges in the cloud by enforcing data security policies and defending against the threats.

  • With Skyhigh cloud data security, the organizations can spot and rectify the confidential user threats, insider threats, unofficial cloud entries etc.
  • Using Skyhigh data encryption approach one can protect the data that is already uploaded to the cloud and the data that is to be uploaded
  • Few of the customers who have adapted Skyhigh Networks cloud security are Western Union, HP, Honeywell, Perrigo, Directv, and Equinix etc.
  • Skyhigh Network is a Computer and Network Security Company which started in 2012 with a present staff count ranging from 201 to 500 employees

Top Security Issues in Cloud Computing

First on the list is data breaches. To illustrate the potential magnitude of this threat, CSA pointed to a research paper from last November describing how a virtual machine could use side-channel timing information to extract private cryptographic keys in use by other VMs on the same server. A malicious hacker wouldn’t necessarily need to go to such lengths to pull off that sort of feat, though. If a multitenant cloud service database isn’t designed properly, a single flaw in one client’s application could allow an attacker to get at not just that client’s data, but every other clients’ data as well.

The challenge in addressing this threats of data loss and data leakage is that “the measures you put in place to mitigate one can exacerbate the other,” according to the report. You could encrypt your data to reduce the impact of a breach, but if you lose your encryption key, you’ll lose your data. However, if you opt to keep offline backups of your data to reduce data loss, you increase your exposure to data breaches. 

The second-greatest threat in a cloud computing environment, according to CSA, is data loss: the prospect of seeing your valuable data disappear into the ether without a trace. A malicious hacker might delete a target’s data out of spite — but then, you could lose your data to a careless cloud service provider or a disaster, such as a fire, flood, or earthquake. Compounding the challenge, encrypting your data to ward off theft can backfire if you lose your encryption key.

Data loss isn’t only problematic in terms of impacting relationships with customers, the report notes. You could also get into hot water with the feds if you’re legally required to store particular data to remain in compliance with certain laws, such as HIPAA. 

The third-greatest cloud computing security risk is account or service traffic hijacking. Cloud computing adds a new threat to this landscape, according to CSA. If an attacker gains access to your credentials, he or she can eavesdrop on your activities and transactions, manipulate data, return falsified information, and redirect your clients to illegitimate sites. “Your account or services instances may become a new base for the attacker. From here, they may leverage the power of your reputation to launch subsequent attacks,” according to the report. As an example, CSA pointed to an XSS attack on Amazon in 2010 that let attackers hijack credentials to the site.

The key to defending against this threat is to protect credentials from being stolen. “Organizations should look to prohibit the sharing of account credentials between users and services, and they should leverage strong two-factor authentication techniques where possible,” according to CSA. 

Fourth on the list of threats are insecure interfaces and APIs. IT admins rely on interfaces for cloud provisioning, management, orchestration, and monitoring. APIs are integral to security and availability of general cloud services. From there, organizations and third parties are known to build on these interfaces, injecting add-on services. “This introduces the complexity of the new layered API; it also increases risk, as organizations may be required to relinquish their credentials to third parties in order to enable their agency,” the report notes.

Denial of service ranks as the fifth-greatest security threat to cloud computing. DoS has been an Internet threat for years, but it becomes more problematic in the age of cloud computing when organizations are dependent on the 24/7 availability of one or more services. DoS outages can cost service providers customers and prove pricey to customers who are billed based on compute cycles and disk space consumed. While an attacker may not succeed in knocking out a service entirely, he or she “may still cause it to consume so much processing time that it becomes too expensive for you to run and you’ll be forced to take it down yourself,” the report says. 

No. 6 on the list is malicious insiders, which can be a current or former employee, a contractor, or a business partner who gains access to a network, system, or data for malicious purposes. In an improperly designed cloud scenario, a malicious insider can wreak even greater havoc. From IaaS to PaaS to SaaS, the malicious insider has increasing levels of access to more critical systems and eventually to data. In situations where a cloud service provider is solely responsible for security, the risk is great. “Even if encryption is implement, if the keys are not kept with the customer and are only available at data-usage time, the system is still vulnerable to malicious insider attack,” according to CSA. 

Seventh on the list is cloud abuse, such as a bad guy using a cloud service to break an encryption key too difficult to crack on a standard computer. Another example might be a malicious hacker using cloud servers to launch a DDoS attack, propagate malware, or share pirated software. The challenge here is for cloud providers to define what constitutes abuse and to determine the best processes for identify it. 

Eight on the list of top security threats to cloud computing is insufficient due diligence; that is, organizations embrace the cloud without fully understanding the cloud environment and associated risks. For example, entering the cloud can generate contractual issues with providers over liability and transparency. What’s more, operational and architectural issues can arise if a company’s development team isn’t sufficiently familiar with cloud technologies as it pushes an app to the cloud. CSA’s basic advice is for organizations to make sure they have sufficient resources and to perform extensive due diligence before jumping into the cloud. 

Last but not least, CSA has pegged shared technology vulnerabilities as the ninth-largest security threat to cloud computing. Cloud service providers share infrastructure, platforms, and applications to deliver their services in a scalable way. “Whether it’s the underlying components that make up this infrastructure (e.g. CPU caches, GPUs, etc.) that were not designed to offer strong isolation properties for a multi-tenant architecture (IaaS), re-deployable platforms (PaaS), or multi-customer applications (SaaS), the threat of shared vulnerabilities exists in all delivery models,” according to the report.

If an integral component gets compromised — say, a hypervisor, a shared platform component, or an application — it exposes the entire environment to a potential of compromise and breach. CSA recommends a defensive, in-depth strategy, including compute, storage, network, application, and user security enforcement, as well as monitoring.

Cloud Computing Security Architecture for IaaS, SaaS, and PaaS.

Securing the cloud starts with the cloud architecture. The critical piece to building the cloud computing security architecture is planning the visibility portion, aka the performance management strategy, of the cloud network. Visibility provides insight into potential flaws, traffic blockages, or locates suspicious activities in the network. SAN Org states it best: “Visibility is the key takeaway here, because you cannot protect systems you cannot see.”

Cloud security falls into a shared cloud responsibility model, meaning that both the provider and the consumer possess responsibility in securing the cloud. The best practice is for enterprises to carefully review the cloud service provider’s (CSP) service level agreement (SLA) to understand the enterprise’s responsibility of enforcing security measures. For all cloud service models, ResearchGate recommends these items for a secure cloud architecture:

  1. Apply Single Sign-On for multiple accounts with various service providers to make it easier on the IT administration staff to monitor the cloud.
  2. Use virtual firewalls instead of first-generation firewalls
  3. Incorporate data loss prevention tools

In addition to the advice from ResearchGate, enterprises should further protect the cloud by implementing a Security Information and Event Management (SIEM), a Denial-of-Service (DDoS) Attack Protection, and Anti-Virus Software.

How the Cloud Computing Security Architectures Vary Based on Cloud Service Models

While all cloud architecture models require performance management tools and strategy, the security architecture varies based on the type of cloud model — software-as-a-service (SaaS), infrastructure-as-a-service (IaaS), or platform-as-a-service model (PaaS). It’s important to distinguish the different service models, as The Cloud Security Alliance notes: “IaaS is the foundation of all cloud services, with PaaS building upon IaaS, and SaaS in turn building upon PaaS.”

The Cloud Computing Security Architecture for IaaS, SaaS, and PaaS.

Source: Cloud Security Alliance

IaaS Cloud Computing Security Architecture

This infrastructure provides the storage and networking components to cloud networking. It relies heavily on application programming interfaces (APIs) to allow enterprises to manage and interact with the cloud. However, cloud APIs tend to be insecure as they’re open and readily accessible on the network.

The CSP handles the security of the infrastructure and the abstraction layers. The enterprise’s security obligations include the rest of the stack, including the applications.

Deploying network packet brokers (NPB) in an IaaS environment provides the visibility into security issues within a cloud network. NPB’s direct traffic and data to the appropriate network performance management (NPM) and security tools.  Along with deploying NPB to gather wire data, enterprises should log wires to view issues occurring at the endpoints in a network.

IaaS cloud computing service models require these additional security features:

  • Virtual web application firewalls placed in front of a website to protect against malware.
  • Virtual network-based firewalls located at the cloud network’s edge that guards the perimeter.
  • Virtual routers
  • Intrusion Detection Systems and Intrusion Prevention Systems (IDS/IPS)
  • Network segmentation

SaaS Cloud Computing Security Architecture

SaaS centrally hosts software and data that are accessible via a browser. The enterprise normally negotiates with the CSP the terms of security ownership in a legal contract.

Cloud Access Security Brokers (CASB) play a central role in discovering security issues within a SaaS cloud service model as it logs, audits, provides access control, and oftentimes includes encryption capabilities.

Other security features for the SaaS cloud environment include:

  • Logging
  • IP restrictions
  • API gateways

PaaS Cloud Computing Security Architecture

CSA defines PaaS as the “deployment of applications without the cost and complexity of buying and managing the underlying hardware and software and provisioning hosting capabilities.”

The CSP secures a majority of a PaaS cloud service model. However, the security of applications rests with the enterprise. The essential components to secure the PaaS cloud include:

  • Logging
  • IP restrictions
  • API gateways

For detail on security reference model refer the link

Major Challenges of Cloud Computing

Cloud computing is used for enabling global access to mutual pools of resources such as services, apps, data, servers, and computer networks. It is done on either a third-party server located in a data center or a privately owned cloud. This makes data-accessing contrivances more reliable and efficient, with nominal administration effort.

Because cloud technology depends on the allocation of resources to attain consistency and economy of scale, similar to a utility, it is also fairly cost-effective, making it the choice for many small businesses and firms.

But there are also many challenges involved in cloud computing, and if you’re not prepared to deal with them, you won’t realize the benefits. Here are six common challenges you must consider before implementing cloud computing technology.

1. Cost

Cloud computing itself is affordable, but tuning the platform according to the company’s needs can be expensive. Furthermore, the expense of transferring the data to public clouds can prove to be a problem for short-lived and small-scale projects.

Companies can save some money on system maintenance, management, and acquisitions. But they also have to invest in additional bandwidth, and the absence of routine control in an infinitely scalable computing platform can increase costs.

2. Service Provider Reliability

The capacity and capability of a technical service provider are as important as price. The service provider must be available when you need them. The main concern should be the service provider’s sustainability and reputation. Make sure you comprehend the techniques via which a provider observes its services and defends dependability claims.

3. Downtime

Downtime is a significant shortcoming of cloud technology. No seller can promise a platform that is free of possible downtime. Cloud technology makes small companies reliant on their connectivity, so companies with an untrustworthy internet connection probably want to think twice before adopting cloud computing.

4. Password Security

Industrious password supervision plays a vital role in cloud security. However, the more people you have accessing your cloud account, the less secure it is. Anybody aware of your passwords will be able to access the information you store there.

Businesses should employ multi-factor authentication and make sure that passwords are protected and altered regularly, particularly when staff members leave. Access rights related to passwords and usernames should only be allocated to those who require them.

5. Data privacy

Sensitive and personal information that is kept in the cloud should be defined as being for internal use only, not to be shared with third parties. Businesses must have a plan to securely and efficiently manage the data they gather.

6. Vendor lock-in

Entering a cloud computing agreement is easier than leaving it. “Vendor lock-in” happens when altering providers is either excessively expensive or just not possible. It could be that the service is nonstandard or that there is no viable vendor substitute.

It comes down to buyer carefulness. Guarantee the services you involve are typical and transportable to other providers, and above all, understand the requirements.

Cloud computing is a good solution for many businesses, but it’s important to know what you’re getting into. Having plans to address these six prominent challenges first will help ensure a successful experience.

Business Intelligence in the Cloud

In the wake of economic slowdown, organizations are aiming to make the most of their existing resources—to make every input a viable source. In such a strategy, modern technologies such as Cloud Services and Business Intelligence (BI) are regarded to be prerequisite platforms. Such technologies not only prepare companies to become efficient but also make them ready to maintain a competitive stance. BI and cloud work in sync to form hypotheses and predictions to be prepared for market competition. Researchers believe that the future of BI will be very bright when it is used on existing cloud platforms; it may also exhibit computing advantages based on daily data accumulating of large volumes.

Cloud-based BI is different from traditional BI in the sense that it implements expensive and complicated software on-site; it is accessible anywhere on any device in a so-called software-as-a-service model. Cloud BI doesn’t require additional hardware or software nor a strict restriction on space. The system can also auto-select storage according to current computing needs – this elastic scaling and ever-ready availability are the perks that make cloud-based BI so powerful.

BI involves making better decisions through the use of people, data, processes, and related tools and methodologies. Recently, BI has come to rely on near real-time operational data of systems such as ERPs, CRMs, supply chains, and so on. Operational BI is often tied to performance management and business process management with natural undertones of maintaining data quality, consistency, and the monitoring of these two. BI prompts intelligent reports based on a market analysis which may also involve geography based investment decision for MNCs or buying behavior of consumers for producers.

The ability to operate on BI involves intensive data management and computationally expensive data analysis. With the help of the cloud, BI bypasses these hurdles without impacting the quality of the processes negatively. Instead, it improves efficiency, reduces error, and expenditure.

The analytics performed on the cloud platform will affect BI in the following ways:

• Accelerating the adoption of BI services due to rising lucrative intents involved.

• Easier evaluation of the data and analytics through real-time analysis at lightning-fast speed.

• Increased short-term ad-hoc analysis through avoiding data marts spawning. The data mart can be created whenever needed, and after the job, it can be eliminated from a cloud cluster without causing redundancy.

• BI will also make the process very flexible through avoidance of long-term business commitments. The companies will be autonomous in catering to the needs of data usage.

• Consideration of probable growth through ongoing analysis of data staged on an architecture functionally efficient, elastic and platform such as cloud.

BI in the cloud also has some benefits that might be instrumental in transforming its future, especially in its broad adoption. These benefits include:

• Fast, easy and inexpensive deployment resulting from non-requirement of infrastructural setup.

• No extra expenditure on hardware and software setup, which will inevitably result in low Total Cost of Ownership (TCO).

• Higher reliability will be extended as cloud computing can be used at reliable and secure locations for data storage against the threat of accidental data loss.

• Multi-tenancy environments where the resources could be better exploited to their optimum usage will result in cost reduction and higher customer reach.

• Free automated software upgrades and maintenance would attract wise brains in adopting the cloud for BI.

• Flexibility and scalability of the cloud needed are not just smart but also economical. Reduction in a waste of cloud space will help save both energy and money.

• Cloud types such as SaaS allow the consumers to pay for only what is used; this would result in the elimination of waste and reduced costs.

• Specific cloud solutions come with personalized needs for data handling. From large numbers of simultaneous users to a minimal amount of users, the consumer will indulge in fast and easy scalability.

• Cloud computing allows easy cross-location data sharing and remote data access even when they are deployed outside a company’s firewall.

With such astounding benefits, it seems convincing to agree with the researchers who proclaim a rapid growth of cloud-based business intelligence in the near future. As the world is progressing and advancing towards the betterment of the technology, it wouldn’t be entirely wrong to predict the improvement of current benefits of cloud-based BI. Cloud-based BI enhances efficiency and productivity of business intelligence. In the future, BI will be further assisted by web 3.0 technology, making its future even brighter.

Definition of Business Intelligence & its Example

What is Business Intelligence?

BI(Business Intelligence) is a set of processes, architectures, and technologies that convert raw data into meaningful information that drives profitable business actions.It is a suite of software and services to transform data into actionable intelligence and knowledge.

BI has a direct impact on organization’s strategic, tactical and operational business decisions. BI supports fact-based decision making using historical data rather than assumptions and gut feeling.

BI tools perform data analysis and create reports, summaries, dashboards, maps, graphs, and charts to provide users with detailed intelligence about the nature of the business.

Why is BI important?

  • Measurement: creating KPI (Key Performance Indicators) based on historic data
  • Identify and set benchmarks for varied processes.
  • With BI systems organizations can identify market trends and spot business problems that need to be addressed.
  • BI helps on data visualization that enhances the data quality and thereby the quality of decision making.
  • BI systems can be used not just by enterprises but SME (Small and Medium Enterprises)

How Business Intelligence systems are implemented?

Here are the steps:

Step 1) Raw Data from corporate databases is extracted. The data could be spread across multiple systems heterogeneous systems.

Step 2) The data is cleaned and transformed into the data warehouse. The table can be linked, and data cubes are formed.

Step 3) Using BI system the user can ask quires, request ad-hoc reports or conduct any other analysis.

Examples of Business Intelligence System used in Practice

Example 1:

In an Online Transaction Processing (OLTP) system information that could be fed into product database could be

  • add a product line
  • change a product price

Correspondingly, in a Business Intelligence system query that would beexecuted for the product subject area could be did the addition of new product line or change in product price increase revenues

In an advertising database of OLTP system query that could be executed

  • Changed in advertisement options
  • Increase radio budget

Correspondigly, in BI system query that could be executed would be how many new clients added due to change in radio budget

In OLTP system dealing with customer demographic data bases data that could be fed would be

  • increase customer credit limit
  • change in customer salary level

Correspondingly in the OLAP system query that could be executed would be can customer profile changes support support higher product price

Example 2:

A hotel owner uses BI analytical applications to gather statistical information regarding average occupancy and room rate. It helps to find aggregate revenue generated per room.

It also collects statistics on market share and data from customer surveys from each hotel to decides its competitive position in various markets.

By analyzing these trends year by year, month by month and day by day helps management to offer discounts on room rentals.

Example 3:

A bank gives branch managers access to BI applications. It helps branch manager to determine who are the most profitable customers and which customers they should work on.

The use of BI tools frees information technology staff from the task of generating analytical reports for the departments. It also gives department personnel access to a richer data source.

Four types of BI users

Following given are the four key players who are used Business Intelligence System:

1. The Professional Data Analyst:

The data analyst is a statistician who always needs to drill deep down into data. BI system helps them to get fresh insights to develop unique business strategies.

2. The IT users:

The IT user also plays a dominant role in maintaining the BI infrastructure.

3. The head of the company:

CEO or CXO can increase the profit of their business by improving operational efficiency in their business.

4. The Business Users”

Business intelligence users can be found from across the organization. There are mainly two types of business users

  1. Casual business intelligence user
  2. The power user.

The difference between both of them is that a power user has the capability of working with complex data sets, while the casual user need will make him use dashboards to evaluate predefined sets of data.

Advantages of Business Intelligence

Here are some of the advantages of using Business Intelligence System:

1. Boost productivity

With a BI program, It is possible for businesses to create reports with a single click thus saves lots of time and resources. It also allows employees to be more productive on their tasks.

2. To improve visibility

BI also helps to improve the visibility of these processes and make it possible to identify any areas which need attention.

3. Fix Accountability

BI system assigns accountability in the organization as there must be someone who should own accountability and ownership for the organization’s performance against its set goals.

4. It gives a bird’s eye view:

BI system also helps organizations as decision makers get an overall bird’s eye view through typical BI features like dashboards and scorecards.

5. It streamlines business processes:

BI takes out all complexity associated with business processes. It also automates analytics by offering predictive analysis, computer modeling, benchmarking and other methodologies.

6. It allows for easy analytics.

BI software has democratized its usage, allowing even nontechnical or non-analysts users to collect and process data quickly. This also allows putting the power of analytics from the hand’s many people.

BI System Disadvantages

1. Cost:

Business intelligence can prove costly for small as well as for medium-sized enterprises. The use of such type of system may be expensive for routine business transactions.

2. Complexity:

Another drawback of BI is its complexity in implementation of datawarehouse. It can be so complex that it can make business techniques rigid to deal with.

3. Limited use

Like all improved technologies, BI was first established keeping in consideration the buying competence of rich firms. Therefore, BI system is yet not affordable for many small and medium size companies.

4. Time Consuming Implementation

It takes almost one and half year for data warehousing system to be completely implemented. Therefore, it is a time-consuming process.

Trends in Business Intelligence

The following are some business intelligence and analytics trends that you should be aware of.

Artificial Intelligence: Gartner’ report indicates that AI and machine learning now take on complex tasks done by human intelligence. This capability is being leveraged to come up with real-time data analysis and dashboard reporting.

Collaborative BI: BI software combined with collaboration tools, including social media, and other latest technologies enhance the working and sharing by teams for collaborative decision making.

Embedded BI: Embedded BI allows the integration of BI software or some of its features into another business application for enhancing and extending it’s reporting functionality.

Cloud Analytics: BI applications will be soon offered in the cloud, and more businesses will be shifting to this technology. As per their predictions within a couple of years, the spending on cloud-based analytics will grow 4.5 times faster.

Hypervisor and there types used in Cloud Computing

It is the part of the private cloud that manages the virtual machines, i.e. it is the part (program) that enables multiple operating systems to share the same hardware. Each operating system could use all the hardware (processor, memory) if no other operating system is on. That is the maximum hardware available to one operating system in the cloud.

Nevertheless, the hypervisor is what controls and allocates what portion of hardware resources each operating system should get, in order every one o them to get what they need and not to disrupt each other.


Virtualization is changing the mindset from physical to logical.

What virtualization means is creating more logical IT resources, called virtual systems, within one physical system. That’s called system virtualization. It most commonly uses the hypervisor for managing the resources for every virtual system. The hypervisor is a software that can virtualize the hardware resources.

Virtualization, changing the mindset from physical to logical.

There are two types of hypervisors:

  • Type 1 hypervisor: hypervisors run directly on the system hardware – A “bare metal” embedded hypervisor,
  • Type 2 hypervisor: hypervisors run on a host operating system that provides virtualization services, such as I/O device support and memory management.

how type 1 and type 2 hypervisors differ

Type 1 hypervisors:

1. VMware ESX and ESXi

These hypervisors offer advanced features and scalability, but require licensing, so the costs are higher.

There are some lower-cost bundles that VMware offers and they can make hypervisor technology more affordable for small infrastructures.

VMware is the leader in the Type-1 hypervisors. Their vSphere/ESXi product is available in a free edition and 5 commercial editions.

2. Microsoft Hyper-V

The Microsoft hypervisor, Hyper-V doesn’t offer many of the advanced features that VMware’s products provide.
However,  with XenServer and vSphere, Hyper-V is one of the top 3 Type-1 hypervisors.

It was first released with Windows Server, but now Hyper-V has been greatly enhanced with Windows Server 2012 Hyper-V. Hyper-V is available in both a free edition (with no GUI and no virtualization rights) and 4 commercial editions – Foundations (OEM only), Essentials, Standard, and Datacenter. Hyper-V

3. Citrix XenServer

It began as an open source project.
The core hypervisor technology is free, but like VMware’s free ESXi, it has almost no advanced features.
Xen is a type-1 bare-metal hypervisor. Just as Red Hat Enterprise Virtualization uses KVM, Citrix uses Xen in the commercial XenServer.

Today, the Xen open source projects and community are at Today, XenServer is a commercial type-1 hypervisor solution from Citrix, offered in 4 editions. Confusingly, Citrix has also branded their other proprietary solutions like XenApp and XenDesktop with the Xen name.

4. Oracle VM

The Oracle hypervisor is based on the open source Xen.
However, if you need hypervisor support and product updates, it will cost you.
Oracle VM lacks many of the advanced features found in other bare-metal virtualization hypervisors.

Type 2 hypervisor

1. VMware Workstation/Fusion/Player

VMware Player is a free virtualization hypervisor.

It is intended to run only one virtual machine (VM) and does not allow creating VMs.
VMware Workstation is a more robust hypervisor with some advanced features, such as record-and-replay and VM snapshot support.

VMware Workstation has three major use cases:

  • for running multiple different operating systems or versions of one OS on one desktop,
  • for developers that need sandbox environments and snapshots, or
  • for labs and demonstration purposes.

2. VMware Server

VMware Server is a free, hosted virtualization hypervisor that’s very similar to the VMware Workstation.
VMware has halted development on Server since 2009

3. Microsoft Virtual PC

This is the latest Microsoft’s version of this hypervisor technology, Windows Virtual PC and runs only on Windows 7 and supports only Windows operating systems running on it.

4. Oracle VM VirtualBox

VirtualBox hypervisor technology provides reasonable performance and features if you want to virtualize on a budget. Despite being a free, hosted product with a very small footprint, VirtualBox shares many features with VMware vSphere and Microsoft Hyper-V.

5. Red Hat Enterprise Virtualization

Red Hat’s Kernel-based Virtual Machine (KVM) has qualities of both a hosted and a bare-metal virtualization hypervisor. It can turn the Linux kernel itself into a hypervisor so the VMs have direct access to the physical hardware.