CIS 500ACCT

Case Study 2: Cloud Computing

Jamia Yant

Predictive Analysis and Data Mining Benefits

Predictive analytics is using business intelligence data for forecasting and modeling. It is a way
to use predictive analysis data to predict future patterns. It is used widely in the insurance,
medical and credit industries. Assessment of credit, and assignment of a credit score is probably
the most widely known use of predictive analytics. Using events of the past, managers are able to
estimate the likelihood of future events.
Data mining aids predictive analysis by providing a record of the past that can be analyzed and
used to predict which customers are most likely to renew, purchase, or purchase related products
and services.
Business intelligence data mining is important to your marketing campaigns. Proper data mining
algorithms and predictive modeling can narrow your target audience and allow you to tailor your
ads to each online customer as he or she navigates your site. Your marketing team will have the
opportunity to develop multiple advertisements based on the past clicks of your visitors.
Predictive analytics can aid in choosing marketing methods, and marketing more efficiently. By
only targeting customers who are likely to respond positively, and targeting them with a
combination of goods and services they are likely to enjoy, marketing methods become more
efficient. In the best cases, predictive analytics can reduce the amount of dollars spent to close a
sale.

Associations Discovery and Data Mining Benefits

Amazon Elastic Compute Cloud (Amazon EC2) provides a complete environment, a
processor, memory, and preconfigured software. It offers scalability within minutes on a pay-asyou-go basis. It also reduces the time required to obtain and boot new server instances to
minutes, allowing you to quickly scale capacity, both up and down, as your computing
requirements change. Amazon EC2 changes the economics of computing by allowing you to pay
only for capacity that you actually use. Amazon EC2 provides developers the tools to build
failure resilient applications and isolate themselves from common failure scenarios. (Amazon
Web Services, 2012)

Amazon S3
Amazon S3 is simply storage for the Internet. It is designed to make Web-scale computing easier
for developers. It provides a simple Web services interface that can be used to store and retrieve

Case Study 2: Cloud Computing

Jamia Yant

any amount of data, at any time, from anywhere on the Internet. It gives any developer access to
the same highly scalable, reliable, fast, inexpensive data storage infrastructure that Amazon uses
to run its own global network of Web sites. The service aims to maximize benefits of scale and to
pass those benefits on to developers. Amazon S3 is built to be flexible so that protocol or
functional layers can easily be added. Reliability is backed with the Amazon S3 Service Level
Agreement. As with most cloud services, you pay for what you use. (Amazon Web Services,
2012)

Rightscale
Rightscale acts as the bridge between your applications and your cloud infrastructure.
Rightscale cloud management enables organizations to easily deploy and manage businesscritical applications across public, private, and hybrid clouds. Right Scale provides efficient
configuration, monitoring, automation, and governance of cloud computing infrastructure and
applications. (Crunch Base, 2012) One of its features enables the user to monitor, scale, and
manage entire server deployments efficiently and reliably. (Rightscale Cloud Management,
2012) Right Scale offers automation during the entire deployment lifecycle. There is also
complete visibility into each level of the deployment. Managing, monitoring, testing,
troubleshooting and re-launching applications all offer complete control. It offers the freedom
and flexibility to keep a business from getting locked into a single provider because it is portable.
(Amazon Web Services, 2012)

Security Concerns for Cloud-based Services and Methodologies for

Handling Them
There are several potential security concerns with regard to cloud-based services: privileged user
access, regulatory compliance, data location, data segregation, recovery, investigative support
and long-term viability.

Case Study 2: Cloud Computing

Jamia Yant

Privileged user access. Because the vendor is controlling the cloud, the
organization should ask for detailed information concerning vendor employees and
administrators who have access to the organizations data. The organization should
know the number of vendor employees with data access, as well as their level of
training and expertise, degree of authority, and overall responsibility within the

vendor setting.

Regulatory compliance. The organization is ultimately responsible for the security

and integrity of its own data. Therefore, the organization should insist the cloud

vendor will provide for specific external audits and security certifications.
Data location. It is possible that the organization will not know the physical
location of the cloud. In all actuality it could be in another country, far from the
organizations location. Therefore, the organization may want to specify acceptable
location(s) whenever possible, and ensure the vendor agrees to commit, by contract,

to local privacy requirements.

Data segregation. Many times, the organizations data and information in the cloud
reside alongside other companies data. There should be a clear delineation and
segregation of that information through any number of encryption techniques.
Furthermore, the organization should insist that whatever encryption scheme is

utilized, it is designed and tested by experienced specialists.

Recovery. The vendor should offer a specified plan of action to the organization in
the event of a disaster. A specific and detailed disaster recovery plan should be in

place as part of the agreement between both parties.

Investigative support. Any agreement or contract should include the availability
of, and allowance for, a third-party investigation in the event of a specific problem
requiring investigation. The agreement should allow specific information to be locked
down at the organizations request; the vendor should not be allowed to destroy or

Case Study 2: Cloud Computing

Jamia Yant

change such information. Access to metadata can confirm the unaltered state of the
information.

Long-term viability. The vendor chosen by the organization should have long-term
viability and experience in cloud computing. In addition, there should be a specific
contract-based understanding of the consequences should a vendor participate in a
merger and/or routine, day-to-day functioning of the cloud.

One security methodology that can be used for cloud security is known as the layered
approach. It works to insure the vendor and the organization both have multiple levels of
protection for all data and physical assets. This method offers several layers of protection so the
company is not dependent on a single countermeasure, but relies on multiple defenses at various
levels. These levels would include:

Level 1 physical security: There should be procedures to control, monitor, and

protect the physical facility where servers and other required physical equipment are
located.

Level 2 network security: The vendor should have 24-hour trained security and
network personnel monitoring and managing network filters, which are placed at
various network locations. The competence and skill sets of the personnel managing

the network are crucial at this level.

Level 3 intrusion detection: The vendor should have some form of detection
capability located at multiple points within the network to monitor traffic flow into
and out of the cloud. The vendor should be queried about the possibility of
implementing intrusion detection based upon pre-set parameters negotiated between
the organization and the vendor.

Case Study 2: Cloud Computing

Jamia Yant

Level 4 firewall management: The organization should provide specific firewall

policies unique to its needs. Firewalls can provide an additional level of security into

the organizations specific portion of the cloud.

Level 5 data encryption: Organizations should maintain encryption techniques
within and outside the cloud.

It is important to consider that confidential and sensitive material will be transmitted to the
cloud. It is imperative that the proper and appropriate level of security is provided and
maintained by the vendor, per the organizations requirements and specifications. (Arma
International, 2010)

Scalability, Reliability, and Cost Issues Associated with

Cloud Computing
The primary vehicle for cloud infrastructure is virtualization. This equates to running virtual
servers in large data centers removing the need to buy and maintain expensive hardware and
sharing Infrastructure resources. This allows the businesses to take advantage of economies of
scale and reap some cost savings. Cloud storage offers a number of benefits, such as the ability
to store and retrieve large amounts of data in any location at any time. Data storage services are
fast, inexpensive, and very scalable; but, reliability can be an issue. Every system at some time
experiences down time. Another possible issue could be the cost of developing the application to
synchronize data between the application and the Cloud. Choosing to support both an offline
and online experience for the end users will add additional cost to the project. (Chantry, 2009)
Although promising cost efficiency with its "pay as you need" model, the cost of implementing
cloud computing can skyrocket when the expense of reliable and secure connectivity with
sufficient bandwidth delivered via private WANs (Gottlieb, 2011) I think detailed research into

Case Study 2: Cloud Computing

Jamia Yant

what it would take to implement such a system can reduce the shock of the actual cost of
implementation. Investigate the number of service interruptions your service provider has
experienced. Look at the security concerns and remember to scrutinize the contracts for any
additional costs that could arise. Systems such as these can be implemented in phases to bring
certain departments and processes on line in their order of importance. Most of the benefits
outweigh any issue and issues will arise with any system. Like service interruptions, it is just a
matter of time. Being able to stay on top of change in this age of business is essential for success.
Platforms like the one Amazon offers has allowed many businesss like Ericsson thrive.

Resources:

Amazon Web Services (2012) About AWS, http://aws.amazon.com/what-is-aws/

Amazon Web Services (2012) Amazon Elastic Compute Cloud,

http://aws.amazon.com/ec2/
Amazon Web Services (2012) Amazon Simple Storage

Servicehttp://aws.amazon.com/s3/
Rightscale Cloud Management (2012) A Bridge Between Your Apps and

Infrastructure, http://www.rightscale.com/products/
Crunch Base (2012) http://www.crunchbase.com/company/rightscale

Case Study 2: Cloud Computing

Jamia Yant

Arma International (2010) Information Management: Putting a Lock on Cloud Based

Information, http://content.arma.org/IMM/JulyAug10/IMM0710puttingalockoncloud-

basedinformation.aspx
Chantry, D. (2009) Mapping Applications to the Cloud,

http://msdn.microsoft.com/en-us/library/dd430340.aspx
Gottlieb, A. (2011) Cloud Computing Journal: Beware the Network Cost Gotchas of

Cloud Computing, http://cloudcomputing.sys-con.com/node/1872933

Amazon Web Services (2012) https://aws.amazon.com/solution-

providers/isv/rightscale
Amazon Web Services (2012) http://aws.amazon.com/solutions/case-studies/ericsson/