What is cloud computing?

Cloud computing is on-demand access, via the internet, to computing resources—applications,

servers (physical servers and virtual servers), data storage, development tools, networking
capabilities, and more—hosted at a remote data center managed by a cloud services provider (or
CSP). The CSP makes these resources available for a monthly subscription fee or bills them
according to usage.

Compared to traditional on-premises IT, and depending on the cloud services you select, cloud
computing helps do the following:

Lower IT costs: Cloud lets you offload some or most of the costs and effort of purchasing,
installing, configuring, and managing your own on-premises infrastructure.

Improve agility and time-to-value: With cloud, your organization can start using enterprise
applications in minutes, instead of waiting weeks or months for IT to respond to a request,
purchase and configure supporting hardware, and install software. Cloud also lets you empower
certain users—specifically developers and data scientists—to help themselves to software and
support infrastructure.

Scale more easily and cost-effectively: Cloud provides elasticity—instead of purchasing excess
capacity that sits unused during slow periods, you can scale capacity up and down in response to
spikes and dips in traffic. You can also take advantage of your cloud provider’s global network
to spread your applications closer to users around the world.

The term ‘cloud computing’ also refers to the technology that makes cloud work. This includes
some form of virtualized IT infrastructure—servers, operating system software, networking, and
other infrastructure that’s abstracted, using special software, so that it can be pooled and divided
irrespective of physical hardware boundaries. For example, a single hardware server can be
divided into multiple virtual servers.

Virtualization enables cloud providers to make maximum use of their data center resources. Not
surprisingly, many corporations have adopted the cloud delivery model for their on-premises
infrastructure so they can realize maximum utilization and cost savings vs. traditional IT
infrastructure and offer the same self-service and agility to their end-users.

If you use a computer or mobile device at home or at work, you almost certainly use some form
of cloud computing every day, whether it’s a cloud application like Google Gmail or Salesforce,
streaming media like Netflix, or cloud file storage like Dropbox. Industry analyst Gartner
projected recently that worldwide end-user public cloud spending to reach nearly USD 600
billion in 2023 (link resides outside ibm.com).
Cloud computing services

IaaS (Infrastructure-as-a-Service), PaaS (Platform-as-a-Service) and SaaS (Software-as-a-

Service) are the three most common models of cloud services, and it’s not uncommon for an
organization to use all three.

SaaS (Software-as-a-Service)

SaaS—also known as cloud-based software or cloud applications—is application software that’s

hosted in the cloud, and that users access via a web browser, a dedicated desktop client, or an
API that integrates with a desktop or mobile operating system. In most cases, SaaS users pay a
monthly or annual subscription fee; some may offer ‘pay-as-you-go’ pricing based on your
actual usage.

In addition to the cost savings, time-to-value, and scalability benefits of cloud, SaaS offers the
following:

Automatic upgrades: With SaaS, users take advantage of new features as soon as the provider
adds them, without having to orchestrate an on-premises upgrade.

Protection from data loss: Because SaaS stores application data in the cloud with the application,
users don’t lose data if their device crashes or breaks.

SaaS is the primary delivery model for most commercial software today—there are hundreds of
thousands of SaaS solutions available, from the most focused industry and departmental
applications, to powerful enterprise software database and AI (artificial intelligence) software.

PaaS (Platform-as-a-Service)

PaaS provides software developers with on-demand platform—hardware, complete software

stack, infrastructure, and even development tools—for running, developing, and managing
applications without the cost, complexity, and inflexibility of maintaining that platform on-
premises.

With PaaS, the cloud provider hosts everything—servers, networks, storage, operating system
software, middleware, databases—at their data center. Developers simply pick from a menu to
‘spin up’ servers and environments they need to run, build, test, deploy, maintain, update, and
scale applications.

Today, PaaS is often built around containers, a virtualized compute model one step removed
from virtual servers. Containers virtualize the operating system, enabling developers to package
the application with only the operating system services it needs to run on any platform, without
modification and without need for middleware.
Red Hat OpenShift is a popular PaaS built around Docker containers and Kubernetes, an open
source container orchestration solution that automates deployment, scaling, load balancing, and
more for container-based applications.

IaaS (Infrastructure-as-a-Service)

IaaS provides on-demand access to fundamental computing resources—physical and virtual

servers, networking, and storage—over the internet on a pay-as-you-go basis. IaaS enables end
users to scale and shrink resources on an as-needed basis, reducing the need for high, up-front
capital expenditures or unnecessary on-premises or ‘owned’ infrastructure and for overbuying
resources to accommodate periodic spikes in usage.

In contrast to SaaS and PaaS (and even newer PaaS computing models such as containers and
serverless), IaaS provides the users with the lowest-level control of computing resources in the
cloud.

IaaS was the most popular cloud computing model when it emerged in the early 2010s. While it
remains the cloud model for many types of workloads, use of SaaS and PaaS is growing at a
much faster rate.

Serverless computing

Serverless computing (also called simply serverless) is a cloud computing model that offloads all
the backend infrastructure management tasks–provisioning, scaling, scheduling, patching—to the
cloud provider, freeing developers to focus all their time and effort on the code and business
logic specific to their applications.

What's more, serverless runs application code on a per-request basis only and scales the
supporting infrastructure up and down automatically in response to the number of requests. With
serverless, customers pay only for the resources being used when the application is running—
they never pay for idle capacity.

FaaS, or Function-as-a-Service, is often confused with serverless computing when, in fact, it's a
subset of serverless. FaaS allows developers to execute portions of application code (called
functions) in response to specific events. Everything besides the code—physical hardware,
virtual machine operating system, and web server software management—is provisioned
automatically by the cloud service provider in real-time as the code executes and is spun back
down once the execution completes. Billing starts when execution starts and stops when
execution stops.
Types of cloud computing

Public Cloud

Public cloud is a type of cloud computing in which a cloud service provider makes computing
resources—anything from SaaS applications, to individual virtual machines (VMs), to bare metal
computing hardware, to complete enterprise-grade infrastructures and development platforms—
available to users over the public internet. These resources might be accessible for free, or access
might be sold according to subscription-based or pay-per-usage pricing models.

The public cloud provider owns, manages, and assumes all responsibility for the data centers,
hardware, and infrastructure on which its customers’ workloads run, and it typically provides
high-bandwidth network connectivity to ensure high performance and rapid access to
applications and data.

Public cloud is a multi-tenant environment—the cloud provider's data center infrastructure is

shared by all public cloud customers. In the leading public clouds—Amazon Web Services
(AWS), Google Cloud, IBM Cloud, Microsoft Azure, and Oracle Cloud—those customers can
number in the millions.

Many enterprises are moving portions of their computing infrastructure to the public cloud
because public cloud services are elastic and readily scalable, flexibly adjusting to meet changing
workload demands. Others are attracted by the promise of greater efficiency and fewer wasted
resources since customers pay only for what they use. Still others seek to reduce spending on
hardware and on-premises infrastructures.

Private cloud

Private cloud is a cloud environment in which all cloud infrastructure and computing resources
are dedicated to, and accessible by, one customer only. Private cloud combines many of the
benefits of cloud computing—including elasticity, scalability, and ease of service delivery—with
the access control, security, and resource customization of on-premises infrastructure.

A private cloud is typically hosted on-premises in the customer's data center. But a private cloud
can also be hosted on an independent cloud provider’s infrastructure or built on rented
infrastructure housed in an offsite data center.

Many companies choose private cloud over public cloud because private cloud is an easier way
(or the only way) to meet their regulatory compliance requirements. Others choose private cloud
because their workloads deal with confidential documents, intellectual property, personally
identifiable information (PII), medical records, financial data, or other sensitive data.
By building private cloud architecture according to cloud native principles, an organization gives
itself the flexibility to easily move workloads to public cloud or run them within a hybrid cloud
(see below) environment whenever they’re ready.

Hybrid cloud

Hybrid cloud is just what it sounds like—a combination of public and private cloud
environments. Specifically, and ideally, a hybrid cloud connects an organization's private cloud
services and public clouds into a single, flexible infrastructure for running the organization’s
applications and workloads.

The goal of hybrid cloud is to establish a mix of public and private cloud resources—and with a
level of orchestration between them—that gives an organization the flexibility to choose the
optimal cloud for each application or workload and to move workloads freely between the two
clouds as circumstances change. This enables the organization to meet its technical and business
objectives more effectively and cost-efficiently than it could with public or private cloud alone.

Multicloud and hybrid multicloud

Multicloud is the use of two or more clouds from two or more different cloud providers. Having
a multicloud environment can be as simple using email SaaS from one vendor and image editing
SaaS from another. But when enterprises talk about multicloud, they're typically talking about
using multiple cloud services—including SaaS, PaaS, and IaaS services—from two or more of
the leading public cloud providers.

Hybrid multicloud is the use of two or more public clouds together with a private cloud
environment.

Organizations choose multicloud to avoid vendor lock-in, to have more services to choose from,
and to access to more innovation. But the more clouds you use—each with its own set of
management tools, data transmission rates, and security protocols—the more difficult it can be to
manage your environment. Multicloud management platforms provide visibility across multiple
provider clouds through a central dashboard, where development teams can see their projects and
deployments, operations teams can keep an eye on clusters and nodes, and the cybersecurity staff
can monitor for threats.

Hybrid Cloud Explained

Cloud security

Traditionally, security concerns have been the primary obstacle for organizations considering
cloud services, particularly public cloud services. In response to demand, however, the security
offered by cloud service providers is steadily outstripping on-premises security solutions.
Maintaining cloud security demands different procedures and employee skillsets than in legacy
IT environments. Some cloud security best practices include the following:

Shared responsibility for security: Generally, the cloud provider is responsible for securing cloud
infrastructure and the customer is responsible for protecting its data within the cloud—but it's
also important to clearly define data ownership between private and public third parties.

Data encryption: Data should be encrypted while at rest, in transit, and in use. Customers need to
maintain full control over security keys and hardware security module.

User identity and access management: Customer and IT teams need full understanding of and
visibility into network, device, application, and data access.

Collaborative management: Proper communication and clear, understandable processes between

IT, operations, and security teams will ensure seamless cloud integrations that are secure and
sustainable.

Security and compliance monitoring: This begins with understanding all regulatory compliance
standards applicable to your industry and setting up active monitoring of all connected systems
and cloud-based services to maintain visibility of all data exchanges between public, private, and
hybrid cloud environments.

Cloud use cases

With 25% of organizations planning to move all their applications to cloud within the next year,
it would seem that cloud computing use cases are limitless. But even for companies not planning
a wholesale shift to the cloud, certain initiatives and cloud computing are a match made in IT
heaven.

Disaster recovery and business continuity have always been a natural for cloud because cloud
provides cost-effective redundancy to protect data against system failures and the physical
distance required to recover data and applications in the event of a local outage or disaster. All of
the major public cloud providers offer Disaster-Recovery-as-a-Service (DRaaS).

Anything that involves storing and processing huge volumes of data at high speeds—and
requires more storage and computing capacity than most organizations can or want to purchase
and deploy on-premises—is a target for cloud computing. Examples include:

Big data analytics

Internet of Things (IoT)

Artificial intelligence—particularly machine learning and deep learning applications

For development teams adopting Agile or DevOps (or DevSecOps) to streamline development,
cloud offers the on-demand end-user self-service that keeps operations tasks—such as spinning
up development and test servers—from becoming development bottlenecks.

IBM Cloud free tier

Create a no-charge IBM Cloud account and access more than 40 always-free products in cloud
and AI.

Try IBM Cloud for free

IBM Cloud Paks

IBM Cloud Paks provide AI-powered software designed to accelerate application modernization
with pre-integrated data, automation and security capabilities.

Explore IBM Cloud Paks

IBM Cloud Training