Tutorial 7 Flashcards

1
Q

Key Advantages of Cloud Computing

A
  1. Lower Cost of Entry – Small businesses can access compute-intensive business
    analytics and services that were previously exclusive to large enterprises.
  2. Rapid Deployment & Scalability – Cloud services provide immediate access to
    computing power, reducing time-to-market for businesses.
  3. Business Agility – Firms can scale their IT infrastructure dynamically, avoiding
    underutilization of expensive hardware.
  4. Green Computing – Optimizing server utilization results in lower energy
    consumption, making cloud computing an environmentally friendly choice.
  5. Enabling Innovation – Cloud technology supports emerging AI, big data analytics,
    and IoT applications.
  6. Cloud computing offers a paradigm shift,
    moving IT resources from capital expenditures (CapEx) to operational expenditures
    (OpEx), thereby enabling businesses to scale resources efficiently.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Core Technologies and Service Models
The article describes three fundamental cloud service models:

A
  1. Infrastructure as a Service (IaaS) – Provides virtualized computing resources, such
    as Amazon EC2 and Google Compute Engine.
  2. Platform as a Service (PaaS) – Provides a cloud-based environment for application
    development (Google App Engine, Microsoft Azure).
  3. Software as a Service (SaaS) – Delivers applications via the internet, eliminating
    the need for local installations (Google Apps, Salesforce).
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Key enabling technologies for cloud computing (Marston et al.):

A

●Virtualization – Abstracting computing resources to improve efficiency.
●Multitenancy – Hosting multiple customers on shared infrastructure.
●Web Services & APIs – Facilitating cloud application interoperability.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Strengths of Cloud Computing

A

●Cost efficiency through resource pooling.
●Increased computing power and agility.
●Reduced maintenance burden on firms.
●Almost immediate access to hardware resources => faster time to market in business
●Reduced cost

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Weaknesses of Cloud Computing

A

●Security concerns related to data privacy and compliance.
●Dependence on service providers for uptime and performance.
●Potential loss of control over IT infrastructure.
●High speed internet required
●Lose physical control

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Opportunities of Cloud Computing

A

●Adoption by SMEs – Enables small and medium businesses to compete
with larger firms.
●Emerging markets – Cloud services can help developing economies
leapfrog traditional IT models.
●Hybrid cloud solutions – Enterprises can integrate private and public cloud
models for flexibility and security.
●No upfront investment is required
●Cloud computing appeals to large IT infrastructures that want to reduce their carbon footprint
●Opportunities ti get access to up to date technologies

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Threats to Cloud Computing:

A

●Regulatory challenges – Different countries have data residency laws
impacting cloud adoption.
●Vendor lock-in – Lack of standardization can restrict flexibility.
=> Cloud vendors might cost more and more over time
●Threat to their corporate IT structure
●Fear of job loss
●Risk of cloud providers going bankrupt
●Security vulnerabilities – Potential breaches in multi-tenant environments.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Regulatory & Compliance Issues of Cloud Computing

A

●Data sovereignty – Where is data stored, and which laws apply?
●Compliance – Industries like finance and healthcare have strict data security
mandates (e.g., GDPR, HIPAA).
●Cybersecurity risks – Cloud services need robust identity management and
encryption to safeguard sensitive data.
=> Governments play a crucial role in setting regulations that ensure data privacy, security,
and fair market competition.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Two types of ERP

A
  1. On premise: You have everything stored within the company, you have the software etc.
  2. Cloud computing: An information technology service model where computing systems are delivered on demand over a network in a self-service fashion, independent of device and location
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Cloud computing benefits of large firms

A
  • Benefit from economies of scale => reduce total cost of ownership
  • Virtualisation enables server consolidation => enhances efficiency and reduces maintenance costs
  • Cloud providers offer private cloud options => Firms can maintain greater control over data security
  • Firms can establish “cloud committees” to strategically evaluate cloud adoption and implement best practices
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Cloud Computing benefits for small/medium firms

A
  • Pay-as-you-go model => eliminates the need for heavy capital expenditure on IT infrastructure
  • Can adopt cloud computing quickly without needing to integrate with complex legacy systems (=> a challenge that many large firms have)
  • Can scale IT resources on demand => allows adaptation into market fluctuations and growth
  • Provides immediate access to advanced computing resources => no requirement of large IT teams
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Different cloud deployment models:

A
  1. Public cloud: Being available from a third-party service provider via the internet and is a cost-effective way to deploy IT solutions, especially for SMEs
  2. Private cloud: Offers many of the benefits of a public cloud computing environment, such as being flexible and service based, but is managed within an organisation
  3. Community cloud: Controlled and used by a group of organisations that have shared interest, such as specific security requirements
  4. Hybrid cloud: A combination of a public cloud and private cloud => typically non-critical information is outsourced to the public cloud, while business-critical services and data are kept within the control of the organisation
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Cloud Mantras (Financial benefits): 1. High cost advantages can be achieved

A

Supporting Example:
Organizations in large countries with complex requirements and costly legacy systems saved on costs

Refuting Example:
Smaller country organizations with lower process complexities and simpler needs preferred an existing in-house solution

Relevant Inhibitors:
- Business process complexity
- Legacy systems

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Cloud Mantras (Financial benefits): 2. Implementation times are short

A

Supporting Example:
Organizations in emerging countries with less regulatory requirements, fairly low process complexity and no legacy systems had a working cloud solution in a relatively short time

Refuting Example:
Overall cloud implementation globally was a multi-year program driven by different process heterogeneity and regulatory requirements

Relevant inhibitors:
- Business process complexity
- Regulatory differences
- legacy systems

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Cloud Mantras (Technological Implications): 3. Customisation is limited, but meets most needs

A

Supporting Example:
In the more narrow scope of the Pharma business, where an industry-specific cloud solution was available, the customization proceeded merely with adaptations to the different market environments

Refuting Example:
The cross-industry (horizontal) cloud solution for the non-para segments needed extensive customisation to the different business process needs across this enterprise-wide implementation

Relevant Inhibitors
- Solution’s lack of industry focus
- Business process complexity
- Implementation scope

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Cloud Mantras (Technological Implications): 4. Compliance and security risks have to be accepted

A

Supporting Example:
Compliance and regulatory requirements for the cloud rollout were major issues to consider, particularly in the highly regulated Pharma business

Refuting Example:
Compliance and security issues were not accepted blindly, but addressed early on, creating mindful awareness of risks and preventing “show-stopper” barriers

Relevant Inhibitors:
- Regulatory differences
- Solution’s business specificity

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

Cloud mantras (Organizational impacts) 5. Business units can focus in their core competencies

A

Supporting Example:
Business units in countries with no legacy systems and under global IT governance accepted the cloud solution without the need to involve the global business organisation

Refuting Example:
Business units in countries with existing CRM systems and strong local IT ownership required governance through global business leaders to drive the template definition and acceptance of the new solution

Relevant Inhibitors:
- Legacy systems
- Distribution of IT ownership

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

Cloud mantras (Organizational impacts) 6. Companies become less dependent in internal IT units

A

Supporting Example:
BHC became less dependent on CRM hosting and data center capabilities - i.e., on non-business-specific IT functions

Refuting Example:
The enterprise-wide cloud CRM rollout affecting complex business processes made global IT functions indispensable as a governance function; a cloud expert was also needed for all business-specific issues

Relevant inhibitors:
- Implementation scope
- Business process complexity
- Solution’s business specificity

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

Learning form BHC’s going strategies to achieve cloud payoffs

A
  1. Consider multi-platform cloud strategies
  2. Perform a competitive vendor review and negotiate contract terms
  3. Design a global template approach for rollouts
  4. Manage strategic benefuts and costs expectations
  5. Use PaaS to compliment standard SaaS customisation options
  6. Partner with cloud vendors and third parties for functional and technical needs
  7. Ensure regulatory compliance and data security to mitigate risks
  8. Establish a global business governance and change management process
  9. Strengthen IT units’ involvement and expertise
20
Q

Key Features of Cloud Computing: On-Demand Self-Service

A

Users can provision resources as needed without requiring human intervention

21
Q

Key Features of Cloud Computing: Broad Network Access

A

Services are accessible over the internet from various
devices

22
Q

Key Features of Cloud Computing: Resource Polling

A

Providers use multi-tenant models to serve multiple customers
from shared infrastructure

23
Q

Key Features of Cloud Computing: Rapid Elasticity

A

Resources can be scaled up or down dynamically based on
demand

24
Q

Key Features of Cloud Computing: Measured Service

A

Users are charged based on actual resource consumption,
following a pay-per-use model

25
Q

Multitenancy

A

Multitenancy is a software architecture where a single instance of an application serves
multiple users (tenants) while keeping their data separate. It maximizes resource efficiency
and cost savings by allowing multiple clients to share infrastructure while maintaining privacy
and security .
Example:
●In Salesforce, multiple companies (tenants) use the same CRM system
without interfering with each other.

26
Q

Scalability

A

Scalability refers to the ability of a cloud system to handle increasing workloads by
automatically adjusting resources. There are two types:
●Vertical Scaling (Scaling Up) – Adding more power (CPU, RAM) to an existing
server.
●Horizontal Scaling (Scaling Out) – Adding more machines to distribute the load
across multiple servers.
Example:
●Netflix scales its servers during peak hours to handle increased traffic and
scales down during low-usage periods.

27
Q

Software-as-a-Service (SaaS)

A

SaaS is a cloud computing model where applications are hosted and managed by a provider and delivered over the internet. Users access software without installing it on their
local machines.
Examples:
●Google Workspace (Gmail, Drive, Docs)
●Microsoft 365
●Salesforce CRM

28
Q

Infrastructure-as-a-Service (IaaS)

A

IaaS provides virtualized computing resources (servers, storage, networking) over the internet. It allows businesses to rent IT infrastructure instead of purchasing and maintaining
physical hardware.
Examples:
●Amazon Web Services (AWS EC2, S3)
●Microsoft Azure Virtual Machines
●Google Cloud Compute Engine

29
Q

Platform-as-a-Service (PaaS)

A

PaaS is a cloud service model that provides a development environment for building,
testing, and deploying applications. It abstracts the underlying infrastructure, enabling
developers to focus on coding without managing hardware and system software.
Examples:
●Google App Engine
●Microsoft Azure App Services
●Heroku

30
Q

Why Does Cloud Computing Often Meet Resistance from Internal IT Departments?

A
  1. Fear of Job Redundancy
  2. Loss of Control
  3. Security and Compliance Concerns
  4. Vendor Lock-in Risks
  5. Integration Challenges with Legacy Systems
  6. Performance and Reliability Worries
  7. Compliance with Internal Policies
31
Q

On-Premise Computing

A

Fully owned and managed by the company; Limited by physical hardware capacity; High upfront investment (CapEx); Requires in-house IT team; Full control over security but requires expertise; Dependent on local infrastructure reliability; Full control over compliance management; Seamless if already built on on-premise architecture; Fully customisable

32
Q

Is Cloud Computing Inferior to On-Premise Computing?

A

No, but it depends on business needs. Cloud computing offers flexibility, cost savings, and
scalability, making it superior for most businesses. However, on-premise computing remains
preferable for companies with strict regulatory requirements, high-security needs, or heavy
legacy system dependencies

33
Q

Growth of Outsourcing

A

●Offshore Business Process Outsourcing (BPO) has grown significantly, particularly in
India.
●Factors such as low labor costs, a skilled workforce, and improved
telecommunications infrastructure have contributed to this growth.
●The reduction in outsourcing risks, particularly due to technological advancements,
has facilitated this expansion.

34
Q

Risks in Outsourcing

A
  1. Strategic Risks – Arise from vendor opportunism (e.g., deliberate actions that harm
    the client).
  2. Operational Risks – Result from failures in vendor operations due to complexity or
    miscommunication.
  3. Intrinsic Risks of Atrophy – Occur when an outsourced process leads to a loss of
    internal expertise over time.
  4. Intrinsic Risks of Location – Geopolitical, sovereign, and exchange-rate risks
    related to the remote location of outsourced operations.
35
Q

Strategic Risk in Detail

A
  1. Shirking (Principal-Agent Problem)
    ○Vendors may deliberately underperform while claiming full payment.
    ○Shirking includes low effort, use of lower-skilled staff, or lack of investment in training and infrastructure.
  2. Poaching (Misuse of Information)
    ○Vendors may use proprietary client information for their own benefit or sell it to competitors.
    ○Examples include reverse-engineering business processes or reselling
    customer data.
  3. Opportunistic Renegotiation (Vendor Hold-Up)
    ○A vendor might exploit a client’s dependence by raising prices or changing contract terms once alternative suppliers are no longer viable.
    ○This typically occurs in long-term contracts where switching vendors is
    difficult.
36
Q

Risk Mitigation Strategies

A

●Vertical Chunkification – Dividing a process into sequential non-overlapping
activities handled by different vendors.
●Horizontal Chunkification – Splitting the same activity among multiple
vendors to reduce dependency on a single supplier.
●Internal Retention of Critical Functions – Keeping the most sensitive
processes in-house to prevent knowledge loss and vendor opportunism.

37
Q

Managing Strategic Risk
The authors suggest different strategies for controlling specific risks:

A

●Shirking Mitigation
○Monitoring vendor activities.
○Using multiple vendors to compare performance.
○Establishing performance-based compensation.

●Poaching Prevention
○Limiting vendor access to critical knowledge.
○Ensuring that no single vendor has full control over strategic operations.
○Using vertical chunkification to prevent knowledge leakage.

●Opportunistic Renegotiation Avoidance
○Maintaining some internal capacity to take over outsourced functions if
necessary.
○Using multiple vendors to ensure alternative suppliers are available.
○Structuring contracts with safeguards against price increases.

38
Q

Operational Risks

A

○Project Delays: Misaligned expectations, miscommunication, or unforeseen
technical issues can slow development.
○Quality Issues: Bugs, security vulnerabilities, or poor software architecture
can result from inadequate testing or lack of expertise.
○Dependency on Vendor: Over-reliance on a single vendor can create
long-term risks if the vendor discontinues support or goes out of business.

39
Q

Intrinsic Risks

A

○Atrophy of In-House Expertise: As internal teams become less familiar with
IS development, firms lose the ability to innovate or troubleshoot issues
independently.
○Geopolitical and Compliance Risks: Outsourcing to international vendors
may create compliance challenges related to data security, privacy laws, or
geopolitical instability.

40
Q

Mitigation Mechanisms for IT Outsourcing Risks
1. Contractual Safeguards

A

○Service-Level Agreements (SLAs): Clearly define performance
expectations, deadlines, and penalties for non-compliance.
○Intellectual Property (IP) Protection Clauses: Prevent vendors from using
proprietary knowledge for other clients.
○Exit Strategies: Ensure there are clauses for terminating contracts with
minimal disruption.
⇒ Effectiveness: While these contracts set expectations, enforcement can be challenging if
disputes arise. Legal action may be time-consuming and costly.

41
Q

Mitigation Mechanisms for IT Outsourcing Risks
2. Strategic Chunkification

A

○Vertical Chunkification: Splitting IS development into modular tasks with
different vendors, ensuring no single vendor gains full system knowledge.
○Horizontal Chunkification: Distributing tasks among multiple vendors to
prevent dependence on one supplier.
⇒ Effectiveness: This method effectively reduces poaching and vendor hold-up but
requires strong integration and oversight mechanisms.

42
Q

Mitigation Mechanisms for IT Outsourcing Risks
3. Retaining Critical Functions In-House

A

○Keeping core system architecture and data security processes internal to
prevent vendor control over sensitive components.
⇒ Effectiveness: Reduces strategic risk but may increase costs due to the need for internal
expertise

43
Q

Mitigation Mechanisms for IT Outsourcing Risks
5. Maintaining Multiple Vendors

A

○Using different vendors for development, testing, and maintenance ensures
competition and prevents opportunistic renegotiation.
⇒ Effectiveness: Reduces dependence but increases coordination complexity.

43
Q

Mitigation Mechanisms for IT Outsourcing Risks
4. Robust Monitoring and Testing

A

○Implementing continuous performance monitoring, peer code reviews, and
third-party audits.
○Requiring vendors to follow security and quality assurance best practices.
⇒ Effectiveness: Helps detect and mitigate issues early, but requires additional
management oversight.

44
Q

Mitigation Mechanisms for IT Outsourcing Risks
6. Knowledge Retention and Training

A

○Documenting code, system architecture, and vendor interactions.
○Cross-training internal staff to understand outsourced systems.
⇒ Effectiveness: Prevents long-term knowledge loss but may not be feasible for highly
specialized technologies.