What is cloud computing?

Cloud computing describes accessing IT resources over the internet, often in a pay-as-you-go model, delivered on-demand from a cloud-service provider.

Organisations in all industries are increasing dependence on the cloud

The infrastructure of building cloud computing systems accounts for more than a third of IT spending. This number indicates an increasing reliance on external infrastructure, management, security services, and applications.

Traditional IT spending continues to decline

Spending on the more traditional version of in-house IT is decreasing, and workloads are gradually moving into the cloud, be it public cloud services or private clouds built by enterprises.

Cloud computing originated in the early years of the new millennium, but computing-as-a-service has been around much longer. It began in the 1960s, when computer bureaus would allow companies to rent time on their mainframes to accomplish vital computing tasks. The bureaus benefitted because it brought in additional capital during what would otherwise be computer downtime, and the businesses renting the computing time enjoyed the cost savings of not having to purchase, install, and maintain expensive and bulky computer hardware.

Naturally, over time computers became smaller, more powerful, and much more affordable. The rise of the personal computer led to the increase of corporate data centres, which allowed companies to store vast amounts of information onsite. However, as data became more valuable, and more closely tied into nearly every aspect of business, the need for more advanced data centres and computing tools once again became prohibitively expensive.

To offset these costs while still enjoying the benefits of big data, businesses once again turned to the possibility of renting computer access. But this time, data and services would be available over the internet. Cloud computing was born, and SaaS providers quickly stepped in to offer advanced computing solutions via cloud-based platforms and tools.


Customers are capable of using a website or a similar control panel to provision resources, such as additional computers, networks, or user email accounts without the need for human intervention or interaction between customers and vendors.

Broad access

Users across a range of computing devices can access data and computing resources. The cloud is accessible from essentially any internet-capable device, including desktops, laptops, tablets, smartphones etc.

Graphic showing the different characteristics of cloud computing.

Resource pooling

Vendors use shared computers to provide cloud services. Virtual technologies and multi-tenancy mechanisms segregate and protect customers and their data from unauthorised access.

Rapid elasticity

Cloud computing is capable of quickly and automatically expanding or reducing available processing, data storage and network bandwidth to meet user needs.


Customers only pay for computing services that they use, and they are able to monitor their usage.

While cloud computing describes any IT resource accessed over the internet, organisations and providers use and deliver cloud services in a number of distinct ways. There are four major types of cloud deployment, and three common service models.

Types of cloud

  • Public: Used by the general public and managed by a business, a third-party organisation, or a combined organisation. Public cloud stores data from many different clients on common servers, while using advanced security measures to ensure that data is only accessible to authorised users.

  • Private: Used exclusively by consumers from organisations, and managed by the organisation. A private cloud caters only to a single organisation.

  • Community Cloud: Provisioned for use by a community of consumers from organisations with mutual concerns. It may be owned and managed by organisations in a community, a third party, or a combination of the two.

  • Hybrid: Composed of two or more cloud infrastructures (private, community, or public) and uniquely services entities, but is also bound by standard technologies that enable data portability.

Graphic showing the different types of cloud

Service models

  • IaaS: Infrastructure as a Service is a system wherein vendors provide physical computer hardware and connectivity options. This can also be used across multiple tenants using virtualisation technology. Customers have the opportunity to run systems and applications of their choice, while the vendor maintains the physical hardware.
  • SaaS: The vendor uses the cloud infrastructure to provide software applications to customers. Examples include email, documents, spreadsheets etc. These services are usually accessed from a web browser and don’t require the installation of software, though this is still an option.
  • PaaS: Platform as a Service includes IaaS with the addition of system and server applications. This allows customers to use the cloud infrastructure and software developed by the client with the use of programming languages supported by the vendor. The vendor usually maintains physical computer hardware, OS, and server applications.

While cloud computing is essentially an umbrella term that encompasses all forms of remote IT resource access, cloud management is something different. Cloud management describes the strategies and tools designed to optimise cloud infrastructure resources and services for the benefit of a specific organisation.


Users have the ability to scale different services for their needs, access cloud applications from anywhere, and customise the applications they use.


Enterprise users can speed their applications to market more quickly without the worry of underlying costs or maintenance.

Strategic Value

There is a more competitive advantage, as clouds provide the most innovative technology available.

Cloud computing use cases

  • Data backup
  • Disaster recovery
  • Email
  • Virtual desktops
  • Software development
  • Big data analytics
  • Customer-facing web applications

Cloud management use cases

  • Cloud Provisioning and governance
  • Improving developer speed
  • Intelligent workload placement
  • Manage cloud spend

Another aspect of cloud management is cloud governance. Cloud governance describes overseeing and regulating issues such as cost, operations, security, risk, budgets, and compliance across multiple clouds. In cloud governance, the focus is on cost, security, and operations, where cloud management often focuses on resources. Naturally, there is a significant amount of overlap between the two terms.

When working with a range of cloud providers, businesses face unique challenges. Specifically, there is no standardisation of operating models between providers, and each option brings with it its own proprietary provisioning tools. This leads to increased operational complexity, and makes effective governance extremely difficult.

An effective cloud governance solution empowers businesses to create a unified framework for provisioning and governance in a multi-cloud environment, while still promoting increased cloud agility and without restricting individual cloud-vendor capabilities.

Benefits of cloud governance

Effective cloud governance demands a reliable optimisation and provisioning solution. ServiceNow ITOM Optimization makes it easy to provision on-demand cloud services while maintaining acceptable cloud spend. With ServiceNow, you can enjoy the full capabilities of every cloud provider, and create a manageable, unified operating model across your entire cloud ecosystem. Benefits include:

  • Standardised multi-cloud service catalogue
  • Non-intrusive policy guardrails
  • Empowering self-service options
  • Consistent modelling
  • Accelerated delivery

Multi-cloud management considerations

Managing multiple clouds can be difficult, depending on the number of clouds involved—both from a cost optimisation and technology perspective. Customers tend to subscribe to various cloud services to avoid a dependency on a single service. A better approach is to select a public cloud, analyse the features they offer, and then integrate them.

Cost control and management-overhead reduction can be reconciled by using cloud management platforms (CMPs) and/or cloud service brokers (CSBs). Both help you manage multiple clouds in one location. But, these services can limit customers to common-denominator services, ignoring the unique advantages of individual cloud service providers.

Edge computing considerations

Cloud computing is often considered an alternative to edge computing. However, edge computing moves local computing to local devices in a distributed system that is usually layered around a cloud computing core. Cloud is typically involved in orchestrating all of the devices, then it collects their data, analyses it, and acts on it.

Cloud security considerations

Protecting data from access by a third party

  • Your choice of cloud aligns with your organisation’s risk tolerance.
  • You understand the privacy laws of the countries that will have access to your data.
  • The vendor sanitises media storage at the end of its life.
  • Users can access and store important data only through trusted operation environments.
  • Auditing is available for the vendor’s security or access management for the systems you access.
  • ACSC-approved encryption protects your data at all times.

Protecting data from access by the vendor’s customers

  • The vendor you choose carefully separates your data from data used by other organisations.
  • You have the option to access computers dedicated to your exclusive use.
  • Use of the cloud does not weaken your security posture.
  • Deleted data is sanitised before it is reused.

Protecting data from access by the vendor’s employees

  • Vendor employees and personnel are adequately vetted.
  • Every action performed by a vendor’s employees is reviewed and logged.
  • The vendor data centres use cable management systems to identify any tampering.
  • Your password or key for data decryption are not known by the vendor.
  • Any visits to the vendor’s data centres are identified and escorted.

How to handle cloud security

  • Ensure that the vendor provides timely responses and support for any security issues.
  • The vendor has a good, strong security plan.
  • You will be notified of any security incidents.
  • You are able to audit logs and any information needed for a forensic investigation.
  • Adequate compensation for security breaches will be provided.
  • Employees are trained to detect and address any security incidents.

Cloud computing in the future will be widespread and will continue to rapidly grow. In fact, it’s predicted that 40% of organisations will deploy cloud computing technology by 2022, and edge computing will be a crucial part of the setup (source: Learn Hub).

Software development agencies will find an advantage in the agile frameworks they follow, as they will be able to continuously integrate process and speedy delivery of cloud systems. Online security firms will let users work remotely from anywhere around the globe as they transition to zero-trust security models from Google, rather than continuing to use traditional firewalls. Data analytics firms will continuously focus on improving data analysis to make informed decisions, and the continuity of the analysis will be crucial.

A Cloud Centre of Excellence is a fusion of cross-functional teams, like DevOps, CloudOps, Infrastructure, and Finance. CCoE provides the opportunity for these teams to manage cloud strategy, governance, best practices, and to be a location for cloud leaders within the organisation.

Who benefits from Cloud Centre of Excellence?

  • Cloud-centred organisations like DevOps, Security, and Finance who need to ensure that the diverse business sets within a business unit are using best practices.
  • Larger, multi-cloud organisations who demand a standardised series of processes and tools to work across CSPs for security, operations, cost control, and governance.
  • MSPs who develop cloud centres and are focused on creating best practices for customers.

What should a Cloud Centre of Excellence prioritise?

  • Interdepartmental communication
    CCoE bridges departments that use, fund, or measure cloud operations. The departments and stakeholders need to be on the same page regarding goals, budgets, and timelines for cloud operations.
  • Technology expertise
    It’s imperative that the CCoE has strong expertise in the cloud technology used by the organisation, as they are the drivers of innovation within the organisation.
  • Governance
    Authority and standardisation are two major elements of governance. An effective CCoE should be granted authority to create policies and standards for cloud security, cost control, and compliance. The expectation is that everyone in the organisation will adhere to these policies. 
  • Repeatability and automation
    After the establishment of policies, the deployment process will need to be repeatable with reference architectures, as well as available tools and platforms in place for cost control and governance.
  • End-user buy-in
    It’s crucial for the CCoE team to develop a sense of engagement in the teams, or the new structure will not succeed.

A consistent operating model

Leverage your existing ITSM processes, quickly creating a unified management framework across both multi-cloud and non-cloud environments.

Deliver cloud services faster

Easily define new types of cloud services using cloud-native templates and offer them through a unified service catalogue. Provision cloud services in real time, responding instantly to requests from DevOps and other cloud users.

Strengthen cloud governance

Establish non-intrusive policy guardrails, including quotas, available cloud service types, naming conventions, workload placement, and more. Automatically manage approvals for policy exceptions while instantly fulfilling compliant requests.

Empower your users with self-service

Deliver a streamlined, responsive user experience with an intuitive self-service portal where users can create and manage their cloud resources.

Leverage out-of-the-box integrations

Take advantage of integrations with configuration providers and other vendors, including Terraform and Ansible Tower.

The ServiceNow solution

ServiceNow® ITOM Optimization lets you rise to this multi-cloud challenge. Its Cloud Provisioning and Governance feature provisions on-demand cloud services, accelerating service delivery while providing consistent, non-intrusive governance guardrails that prevent uncontrolled cloud spend. It directly leverages native cloud provisioning capabilities—for example, AWS CloudFormation templates—so you have unrestricted access to the full power of each cloud vendor. And it works seamlessly with ServiceNow IT Service Management, creating a unified operating model across your cloud and non-cloud estate.

Standardised multi-cloud service catalogue

Create a catalogue of standardised cloud services by importing cloud vendor templates into the role-based ServiceNow service catalogue. DevOps and other users simply select the cloud service they want, enter configuration parameters, and submit their request. They can also do this programmatically using a built-in REST API. ServiceNow automates the end-to-end provisioning process, creating the requested cloud resources in real-time—often in seconds when no approvals are required. This provides a consistent, secure, and auditable way of ordering services across multiple clouds, delivering effective governance while simplifying and accelerating provisioning for users.

Non-intrusive policy guardrails

Define role-based permissions and policies for your users, creating non-intrusive guardrails that are only triggered when there is an exception condition. Policy examples include storage and CPU quotas, allowed cloud service types, naming conventions, workload placement, resource sizing limits, tagging policies, and more. This lets you manage approvals for policy exceptions while instantly fulfilling compliant requests. You can also establish leases for non-production cloud resources, alerting resource owners when the lease is about to expire. Unless the owner renews the lease, ITOM Optimization automatically deprovisions the resource—reducing cloud sprawl and stranded cloud assets.

Empower your cloud users with intuitive self-service

ITOM Optimization makes it easy for cloud users to see and manage all of their cloud services in one place. Its Cloud User Portal delivers a consumer-like, unified experience where users can create new cloud services, manage their existing cloud services, track approvals, and see associated changes and incidents for their cloud resources. The portal also has quota utilisation information, creating situational awareness and encouraging users to release cloud resources they no longer require. ITOM Optimization also includes a dedicated Cloud Administration Portal, providing a single pane of glass where IT managers can govern their cloud resources and deployment policies across multiple cloud vendors.

Capabilities that scale with your business

Foresee problems before they arise with ServiceNow.

Loading spinner