Abstract
Cloud computing is synonymous with outsourced data center management and agile solution architecture that improves the scalability for delivery of services for enterprises. It has the capability to revolutionize how data is delivered from commodity to Information Technology as a service. At its core, Cloud computing is a new approach to distributed computing and shared pooling of IT infrastructure linked together to offer centralized IT services on demand. Companies that provide Cloud computing services manage multiple virtualized computation systems that allow for dynamic on-demand provisioning of IT delivery as services. This chapter presents a study of the factors that influence the adoption of Cloud computing in enterprises based on managements' perception of security, cost-effectiveness, and IT compliance. The results of a linear regression analysis testing are presented, which indicate that managers' perceptions of cost-effectiveness and IT compliance are more significantly correlated to the enterprise adoption of Cloud computing than security.
TopIntroduction
The traditional network delivery of IT services requires rigid capacity planning and limiting the ability to offer on-demand software management and related IT functionality. However, the Cloud computing model improves IT service delivery, but adds complexities in security and IT compliance integration with the organization’s procedures (Lombardi & Di Pierto, 2011). The elastic nature of Cloud computing provides customers with resources such as CPU and storage space on demand, thereby, creating an illusion of unlimited computing and network capacity and availability (Armbrust et al., 2010).
The need for Cloud computing arises from the deluge of raw data, demand for high compute intensive applications, requirement of high availability of systems, and the desire for cost-effective IT delivery solutions. Such applications include particle physics, biology, chemistry, knowledge base databases, big data requirements, enterprise resource planning, customer resource management, and financial research that mandate the use of large computer infrastructures to achieve performance gains for organizations (Ekanayake et al., 2010), among others. The adoption of Cloud computing provides benefits to organizations that include pay-as-you-go billing, on-demand capabilities, and reduction in IT operational expenses (Anderson & Swager, 2004).
This study was intended to provide data on security, cost-effectiveness, and IT compliance factors influencing adoption of Cloud computing (Truong, 2010) in enterprises. The security risks associated with the existing Cloud adoption model involve issues of determining data ownership, confidentiality, integrity, privacy, and virtualization (Subashini & Kavitha, 2010). Compliance requirement exists in every facet of IT, requiring rigorous enforcement of policies to encourage organizations to maintain acceptable processes to protect customer and personal identifiable data from unlawful access (Luthy & Forcht, 2006). For instance, violation of the Health Insurance Portability and Accountability Act and Sarbanes Oxley Act of 2002 compliance requirements, carries penalties ranging from fines to imprisonment (Hoffman & Podgurski, 2007).
In Cloud computing, however, the compliance assurance process is not clear when data ownership and storage locations are not under the control of the enterprise organization. IT compliance for Cloud-enabled networks includes internal IT processes such as system logging, log analysis, authentication, and authorization; as well as data archiving, image back-ups, and physical security of servers in the Cloud (Jarrell, Welker, Silsbee, & Tucker, 2008). Compliance risks associated with IT have been prevalent in outsourced services (Ahmed, 2011; Blaskovich & Mintchik, 2011) and the recent increase in the number of data security breaches has made security requirements a priority consideration for Cloud adoption (Burns & Peterson, 2010).
The shared resources nature of Cloud computing delivery hinders security processes such as data confidentiality and data integrity, as well as data availability requirements, because multiple customers use the same resources to access their data (Chakraborty, Ramireddy, Raghu, & Rao, 2010). Reliability can be a serious problem for Cloud users. Salesforce.com, for example, left customers without service for six hours in February 2008. Amazon’s Simple Storage Service (S3) and Elastic Compute Cloud (EC2) suffered a three hour outage in the same month. In early 2009, Google’s Gmail went down for three hours, thereby preventing its 113 million users from accessing their emails or the documents that they store online on Google Docs.
This chapter is structured as follows. The background section provides general information on Cloud computing adoption and delivery models. This is followed by a discussion on the security, cost-effectiveness, and compliance aspects of Cloud computing. The chapter then delves into the details of the enterprise Cloud adoption study methodology and explains the observed results. Finally, future research directions are explored and conclusions are presented.
Key Terms in this Chapter
Utility Computing: A metered service on remote servers paid on demand. It allows users to lease access to a virtualized resource from Cloud service providers that places the users’ data under the control of Cloud providers.
Elasticity: Ability to dynamically deploy and scale systems resources based on need in real time. This provides an illusion of infinite amount of resources to consumers allowing the consumer to purchase only what they need.
Software as a Service (SaaS): Software as a service is an application delivery concept that provides pay-as-you go pricing structure for software licenses and access for users instead of traditional installation of software on local computers or through client server network model.
Private Cloud: Private Cloud is a proprietary Cloud infrastructure that is wholly operated for an organization to offer secure computing services either on the organization’s premises or in a third-party vendor offsite location.
Cost-Effectiveness: Cost-effectiveness is the ability to experience an operational cost reduction. Cloud adoption achieves cost effectiveness by the use of on-demand IT services and shared multi-tenant resources.
Platform as Service (PaaS): Platform as a service is an application development solution offered by Cloud providers that includes operating systems and development tools that IT staff can use to manage infrastructure applications.
Cloud Computing: Most researchers define Cloud computing as an innovative way of enhancing IT’s capacity to provide pay-as-you-go billing, on-demand computing, IT utility and automated delivery service. The National Institute of Standards and Technology (NIST, 2012 AU136: The in-text citation "NIST, 2012" is not in the reference list. Please correct the citation, add the reference to the list, or delete the citation. ) sees Cloud computing as a business model of enabling ease of on-demand access to a pool of shared services (e.g., data center, networks, servers, storage, virtualized application services) that can be provisioned dynamically with minimal support.
Information Security: Information security consists of rules for maintaining confidentiality, integrity and availability of data and electronic transactions. Information security is always associated with prevention and detection of unauthorized activities in the networks or systems.
Infrastructure as a Service (IaaS): Infrastructure as a service is defined as the ability to commoditize IT infrastructure resources as services to organizations on demand. It provides organizations with the ability to re-direct resources to long-term strategic business goals while outsourcing the day-to-day IT functions, such as archiving and business continuity to Cloud providers.
IT Compliance: IT compliance consists of meeting the policies and procedures mandated by governmental and organizational requirements with expectation of penalties for violation.
Hybrid Cloud: The hybrid Cloud is a combination of private, community, and public Clouds used by organizations that host non critical data on public Cloud that remain as unique entities but connected by public or proprietary middleware to enable application portability.
Technology adoption: Adoption of technology theory examines individuals or business leaders’ decisions to accept or not to accept a given technology for integration of that technology into the entire organization.
Public Cloud: Public Clouds are network infrastructure designed to provide software access through Web based portals to general public for access to hardware, networking, and software. The Cloud infrastructure is shared by multiple organizations and offer specific non-customizable services.