By Adam Stern | eCampus News
The cloud may be easier and more affordable than advertised, but it isn’t free. Still, computing horsepower is finally a virtual (or, perhaps more appropriately, a virtualization) bargain. It’s entirely possible for your college or university to spend $10K a month and tap enough power to drive a 1,000-user organization. That’s less than the cost of hiring a single engineer (even if it may sound like overkill, especially given today’s budget realities).
It’s essential to place your applications and data in a maximum-security environment. Hosting plans should be designed expressly to deliver both data integrity and data protection, deploying technologies such as clustered firewalls and intrusion detection and prevention software, which is capable of detecting threats to sensitive client data that even the best firewall won’t catch. And as cyber threats become ever more insidious, those in higher education are looking to implement systems that go well beyond basic malware and antivirus “solutions.”
In IT, as in higher education, language is everything. Teaching undergraduates is tough enough; most university administrators would prefer not to wade into the fog of IT, especially given just how obtuse the tech world has become. Familiarizing yourself with some basic terminology won’t turn you into an expert but it can provide a grounding in the fundamentals. With that in mind, let’s look under the hood and decipher some of the more pervasive and vexing terms.
Public cloud? Private cloud? Hybrid cloud?
As the cloud has expanded, it more or less subdivided:
The right question isn’t, “Should I opt for the hybrid cloud, the public cloud, or a private cloud?”
The smart question is, “What’s strategically best for my institution?”
When you frame the question that way, you can determine where to place your compute power, and you begin to gain control over the dynamic. Want to reduce costs? Increase efficiencies? Achieve some other objective? First, decide what your metrics are and how they serve the business; then select the technology.
IaaS, SaaS, and PaaS
At its most basic level, IaaS (Infrastructure as a Service) enables you to move all or part of your computing environment to the cloud (off premises) and to make the migration without modifying any of your existing applications. The market is now awash in IaaS tools and technologies, empowering institutions that may lack traditional computing resources to benefit from robust products and platforms—and perhaps gain a little independence from vendors.
IaaS is distinguished from two other “as a service” models, Software as a Service (SaaS) and Platform as a Service (PaaS). SaaS is essentially a software rental model, in which individual applications are hosted (again, off-premises) for a monthly subscription fee. All your users need is a web browser and they’re good to go.
PaaS is somewhat more ambitious while remaining user- and application-specific. PaaS is often better suited to smaller institutions writing applications that are specific to their environment; they don’t need to build and maintain the infrastructure usually required to develop and launch an app. PaaS makes it possible, even easy, to develop applications rapidly with little technical know-how. If the platform for which the app was written changes or ceases to exist, however, users are out of luck. With PaaS, internal development teams are compelled to ride the IT rollercoaster, forever investing and reinvesting in platform-specific application development.
Getting a handle on security
Sound security planning requires assessing threats, choosing tools to meet those threats, implementing those tools, assessing the effectiveness of the tools implemented, and repeating this process on an ongoing basis.
I recommend measures like clustered firewalls, multi-factor authentication (“layered” passwords), and intrusion detection and prevention systems, which go above and beyond traditional firewalls. Increasingly, threats are emanating from distributed denial of service attacks on hosting providers and from massive volumetric attacks. These attacks are new and particularly troubling, and no single firewall can stop them, especially when the attacks originate from connected devices.
This is a very brief sampling of the jargon that typically separates the IT realm from the world of the syllabus and the SAT. The more you know, the more you’re in a position to bring those worlds together, for your institution and for its population.