Cloud computing is confusing. The term covers multiple deployment and service models, and the decision to "go cloud" requires thought around economic considerations and security. Luckily, the National Institute of Standards and Technology (NIST) has published a detailed document for anyone looking for information, definitions and guidance around cloud computing. While NIST's "DRAFT Cloud Computing Synopsis and Recommendations" report has been prepared for use by Federal agencies, commercial IT and business leaders can also learn valuable lessons from federal models for IT and security. A review of the report shows that Appian's Cloud BPM meets NIST's key considerations for a variety of cloud models.
Cloud confusion arises, the report states, because "cloud computing is not a single kind of system, but instead spans a spectrum of underlying technologies, configuration possibilities, service models, and deployment models." The NIST-established definition of cloud computing covers four deployment models:
It also describes three cloud service models:
infrastructure. The consumer does not manage or control the underlying cloud infrastructure, but has control over the deployed applications.
Deciding what type of cloud computing is right for your organization requires examining these deployment and service model variables. It also requires weighing economic considerations (pay-for-use pricing, provisioning elasticity and elimination of large up-front costs) against any perceived lack of control. When you find the right mix, you'll see that cloud computing for businesses and government makes sense on multiple levels. There are cost savings. There are time and resource savings. There are space savings. There are efficiencies that were pipe dreams before tapping into the cloud.
Of course, protecting your information and your clients' information remains the top priority -- as it should be. The report states, "As complex networked systems, clouds are affected by traditional computer and network security issues, [however] by imposing uniform management practices, clouds may be able to improve on some security update and response issues."
While strict cloud security measures must be in place, this is true for any IT system. Computerworld recently reported on exaggerated cloud security fears, with former Federal CIO Vivek Kundra stating that "A lot of people are sort of driving this notion of fear around security...I think that's been amplified, frankly, is because it preserves the status quo." Kundra was fond of pointing out that the federal Recovery.gov site is hosted on Amazon's EC2 cloud.
Appian's Cloud BPM helps achieve cost-saving goals while maintaining the highest level of security across many cloud deployment and service models. We support multiple deployment models, as well as both SaaS and PaaS service models. And Appian Cloud provides reliability and security that matches - or exceeds - that of the best internally managed environments. Appian's reliability and security guarantees include 99.5% uptime, SAS-70 Type II infrastructure audit reports, SAML or LDAP/AD integration for secure authentication and single sign-on, SSL encryption of all communication between systems, compliance with national data privacy laws through local hosting, and FISMA security certification. In short, we cover all your security needs in the cloud in order for you to do business.
Cloud computing is the wave of the future, but be careful: make sure the cloud technology you choose offers deployment and service flexibility, and meets the highest security standards. If you do that, nothing can stop your organization (and your partners and customers) from enjoying all the benefits cloud computing offers.
-Ben Farrell, Director of Corporate Communications
Appian helps organizations build apps and workflows rapidly, with a low-code automation platform. Combining people, technologies, and data in a single workflow, Appian can help companies maximize their resources and improve business results. Many of the world’s largest organizations use Appian applications to improve customer experience, achieve operational excellence, and simplify global risk management and compliance.