As a result of increasing cloud commoditization, cloud computing users have been able to reduce the cost of operating IT systems while also increasing the flexibility of how and when those systems are used. This increased IT flexibility results in greater overall organizational agility, compounding the cost savings. 
However, not everything is “sunny” in the world of cloud computing, so to speak. A major impediment has risen to the continued broad and practical adoption of cloud computing. As explained in a new white paper from enterprise storage services provider GlassHouse Technologies, “Implementing a Multi-tiered Cloud Service Strategy,” that impediment is the security risk posed by the virtual software agents, or “hypervisors,” that manage the groups of virtual machines supporting cloud services. Hypervisors, as it turns out, are vulnerable to attack.
Public, Private and Hybrid Clouds
Three common cloud computing options – public, private and hybrid, offer varying degrees of security and cost. The lowest cost and lowest security option, public clouds, allows users to rent space on a cloud supported by shared hardware and infrastructure. According to GlassHouse Technologies, public clouds come with a “virtual guarantee” of failure.
Private clouds are the most secure and expensive option, using internal hardware and infrastructure to provide high degrees of security and availability, as well as cost related to building and maintaining dedicated supporting technology. Hybrid clouds combine the public and private options with customized security policies and infrastructure.
The Multi-Tiered Cloud Approach
The multi-tiered approach to cloud computing attempts to unlock the full value of the cloud by offering a single cloud that provides all levels of cloud services with a tiered pricing structure. Application components can be prioritized, with lower-priority service levels assigned to lower-value components.
According to GlassHouse, multi-tiered cloud computing offers organizations several unique benefits not obtainable from other cloud models. Businesses can take calculated risks by applying lower-priced services to particular components and still use higher-priced services to support more critical areas of the enterprise. And the inherently unified nature of the multi-tiered cloud approach places the cloud fully under the control of in-house IT personnel.
In addition, GlassHouse says multi-tiered cloud computing enables users to take full advantage of the modern N-tier IT architectural model. For example, an organization could put a stateless Web service on a low-cost, low-security tier, application logic on a middle tier and the model element of the database application on a high-cost, high-security tier. All three tiers would be completely integrated, unified and controlled by the same personnel.
Evaluating Your Enterprise
GlassHouse advises any organization considering launching a multi-tiered cloud strategy to first thoroughly evaluate its enterprise to match application components and tiers to cloud service level tiers. This entails analyzing how much data loss and downtime can be withstood for each component, letting the importance of components that perform critical tasks override short-term cost savings. The business side of the organization must take an active role in assessment to ensure components that deliver and/or protect revenue and reputation receive the proper level of cloud services.
Multi-tiered cloud computing is not the best option for every organization adopting cloud services, but is an intriguing approach that certainly merits consideration, especially for enterprises engaging in a wide variety of activities.
