The Cloud

Cloud computing has seen a substantial shift toward OpEx models over previous CapEx models, allowing many organizations to take advantage of infrastructure they previously could never have afforded to purchase and deploy, let alone manage, before. Various public cloud providers maintain government approved versions of their cloud services (e.g., AWS has a GovCloud service for the United States) which allows government agencies and businesses who do work for those agencies to still engage public cloud services for data meeting particular sensitivity and security requirements. The term shadow IT has been increasingly used to define scenarios where cloud-based IT resources are procured and organized outside of the IT department—by managers, pseudo-technical staff, or power users within other areas of the business. While many public cloud providers will make strong promises relating to availability, those promises of availability do not always relate to protection—and may not even correlate to actual delivered availability. Others may simply make no promises whatsoever—which is hardly reassuring.