Cross-Region Replication and Geo-Redundancy in Amazon, Microsoft and Google Cloud

As we all know, most large IT cloud companies offer some way to do the Cross-Region Replication for their data storage. As they are expanding across the globe in a race to provide the best disaster recovery and also their ability to use storage in different regions I wanted to spend 5 seconds to look at the options offered by Amazon, Microsoft, and Google.  [Read more…]

Introduction to CSA, Cloud Governance and Operational Domain of Encryption & Key Management

In this post, I will introduce Cloud Security Alliance (CSA) and the governance and operation domains through which they promote the best security practices in the cloud. I also briefly look at the Encryption and Key Management as one of the parts of the operational domains; and look at the general security concerns, as well as specific concerns of this particular domain. [Read more…]

Importance of Cloud Service Level Agreement Analysis

One of the best general definitions of SLA comes from Marilly, Martinot and Betgé-Brezetz (2002, p.57-62), “A Service Level Agreement (SLA) is a contract between Service Providers or between Service Providers and Customers that specifies, usually in measurable terms, what services the Service Provider will furnish and what penalties the Service pay if he cannot meet the committed goals.”. The similar definition applies to cloud providers. In essence, the SLA describes a contract between the vendor that delivers a cloud service and the company which is receiving it. That said, I see some differences between the traditional IT level SLA and those created by cloud providers. While in the depth of the covered obligations, the cloud service level agreements appear to be similar to typical IT SLA, the cloud landscape is certainly more complex, which also alters the nature of cloud SLAs and their presentation to end client. Let me explain. [Read more…]