Technology

Computing Australia Cloud Computing Guide

Computing Australia
Cloud Tech Guide

What Is Cloud Computing?

Cloud computing delivers IT services – compute (servers/VMs), storage, databases, networking, software, analytics, AI – over the internet (“the cloud”). This cloud computing covers how, instead of buying and maintaining hardware, you consume what you need on demand and pay only for what you use. Done right, cloud brings

Speed & agility: provision environments in minutes instead of weeks.
Elastic scale: expand or contract capacity with demand.
Cost transparency: shift from large CapEx to predictable OpEx.
Continuous innovation: new features land continuously without you lifting a finger.

Think of it as utility computing: like electricity, you don’t build a power plant; you plug in and use what you need, safely and cost-effectively.

Service Models Explained in this Cloud Computing (IaaS, PaaS, SaaS & More)

Use when: you need control/flexibility or to “lift-and-shift” legacy workloads.

Use when: you want faster development and built-in scaling without server management.

Use when: workloads are bursty or event-driven and you want near-zero ops

Rule of thumb: the more you move right (SaaS/Serverless), the less infrastructure you manage and the faster you can ship value-provided the service fits your needs.

Deployment Models: Public, Private, Hybrid & Multi-Cloud

Public cloud: Shared provider infrastructure (AWS, Azure, Google Cloud). Highest agility and broadest services.
Private cloud: Dedicated infrastructure for one organisation (on-prem or hosted). More control, often higher cost.
Hybrid cloud: Mix of public + private with integration (e.g., sensitive data stays private; burst to public).
Multi-cloud: Use services from more than one provider. Avoid lock-in, optimise features, or meet compliance/location needs.

Choosing the model – start with business goals (compliance, latency, cost, skillset) and application needs (data gravity, integration). This cloud computing notes hybrid is common during transition, while multi-cloud is strategic only when there’s a clear benefit (e.g., AI/ML or analytics).

Business Benefits (Beyond the Buzzwords)

1. Cost savings & predictability

Avoid heavy upfront hardware spend; align costs with usage. Maintenance, space, power and cooling drop dramatically.

2. Scale on demand

Add users, markets or seasonal workloads without capacity planning dramas.

3. Security by default

Leading providers invest heavily in security features (encryption, identity, logging, WAFs). You inherit strong controls and can layer your own.

4. Resilience & continuity

Design across multiple zones/regions. Failovers become architectural patterns, not firefighting.

5. Collaboration anywhere

Same experience in or out of the office. Standardised access, shared documents and integrated communications.

6. Unlimited storage & modern backups

Grow storage when needed; apply lifecycle policies to control cost.

7. Continuous improvement

New services and performance upgrades arrive regularly-no forklift upgrades.

8. Competitive edge

Faster releases, smarter data use, reduced downtime-your team focuses on outcomes, not plumbing.

Risks & How to Mitigate Them

Cost sprawl: Easy to spin up resources; hard to remember to turn them off.
Mitigation: Budgets, alerts, tagging, automation to downscale and clean up.
Vendor lock-in: Deep use of proprietary services can make exit painful.Mitigation: Containers, open standards, data export plans, multi-cloud only when justified.
Security misconfigurations: Public buckets, over-permissive roles, exposed ports.
Mitigation: Baseline guardrails, least privilege, automated policy checks, continuous monitoring.
Skills gap: New paradigms (IaC, CI/CD, zero trust).
Mitigation: Training, centres of excellence, partner with experienced MSPs.
Compliance complexity: Data residency, retention, industry obligations.
Mitigation: Classify data, choose compliant regions/services, document controls.

Cloud Economics: Budgeting, TCO & FinOps

TCO (Total Cost of Ownership) model:

Budgeting tips:

Start with a landing zone that enforces budgets and tagging.
Use chargeback/showback so teams see what they spend.
Review committed use options (savings plans/reserved instances).
Establish a FinOps cadence-monthly reviews of spend, rightsizing, and waste.

Security, Privacy & Compliance Essentials

Shared responsibility: Provider secures the cloud; you secure what you run in it (apps, data, access).
Encryption: In transit (TLS) and at rest (managed keys or customer-managed keys).
Identity & Access Management: Central identity provider (e.g., Entra ID/Okta). Enforce MFA, conditional access, and least privilege.
Network security: Private subnets, security groups/NSGs, WAFs, DDoS protection, zero-trust principles.
Logging & SIEM: Centralise logs (CloudWatch/Cloud Logging/Azure Monitor) and detect anomalies.
Compliance: Map controls to frameworks relevant to you (e.g., ISO 27001, SOC 2, PCI DSS, Australian Privacy Act). Document data residency choices and backup retention.

Migration Roadmap: A Step-by-Step Plan

1. Business Case & Discovery

2. Strategy & Architecture

3. Pilot & Proof of Concept

4. Data Migration

5. Application Migration (7R-see next section)

6. Cutover & Stabilise

7. Operate & Optimise

Application Modernisation: The 7R Framework

1. Retain: Keep on-prem for now (e.g., legal, latency, hardware dependencies).

2. Retire: Decommission unused or redundant systems.

3. Rehost (Lift & Shift): Minimal changes; fastest migration.

4. Replatform: Migrate with small optimisations (managed DBs, containers).

5. Refactor/Re-architect: Significant code changes; adopt microservices/serverless.

6. Repurchase: Replace with SaaS.

7. Relocate: Move VMs en masse via hypervisor-level migration (where supported).

Tip: Use a mix. Aim for quick wins early; invest refactoring effort where it pays off (e.g., scalability, speed to market).

Data, Backup & Disaster Recovery

Cloud computing Infographics Computing Australia Group

Backup policy: Define retention (e.g., 7/30/365), encryption and off-region copies.
RPO/RTO: Recovery Point Objective (data loss tolerance) and Recovery Time Objective (downtime tolerance) guide architecture.
DR patterns: Pilot Light, Warm Standby, Active-Active across zones/regions.
Lifecycle management: Tier cold data to cheaper storage; set automatic transitions and deletion where appropriate.

Networking, Identity & Access

Network design: Hub-and-spoke VPC/VNet, private endpoints, service mesh for microservices.
Connectivity: Site-to-site VPN or dedicated links (ExpressRoute/Direct Connect).
DNS & certificates: Centralised management; automate renewals.
Identity foundations: Single sign-on, role-based access control (RBAC), just-in-time privileged access, break-glass accounts.

Observability & Operations (CloudOps)

Monitoring: Metrics, logs and traces for apps and infrastructure.
Alerting: Prioritise by business impact; avoid alert fatigue.
Automation: Infrastructure as Code (Terraform/Bicep/CloudFormation), CI/CD pipelines, immutable deployments.
SRE practices: Error budgets, SLIs/SLOs, post-incident reviews.
Patch management: Use managed services where possible; automate OS patching for IaaS.

Cost Optimisation Playbook

Right-size: Pick instance sizes based on measured utilisation; downsize non-critical tiers.
Schedule: Turn off dev/test outside business hours.
Autoscale: Scale with demand; scale to zero for serverless.
Storage hygiene: Delete unattached volumes/snapshots; apply lifecycle rules.
Discounts: Savings plans/reservations for steady workloads.
Tagging for visibility: Owner, environment, cost centre, application.
Regular reviews: Monthly FinOps checkpoint for anomalies and waste.

Collaboration, Productivity & Remote Work

Unified tools: Email, chat, video, document collaboration (e.g., Microsoft 365 or Google Workspace).
Security baked in: Conditional access, DLP, device compliance, secure guest access.
Anywhere access: Same user experience in office, on the road or at home.
Standardisation: Templates, shared workspaces, governed sharing policies.

Analytics, AI & Edge: What’s Next

Modern data stack: Data lake + warehouse + streaming for real-time insights.
AI/ML: Prebuilt models (translation, vision) and custom training.
Edge computing: Process data near devices for low latency (IoT, retail).
Automation: Bots and copilots to speed routine tasks and augment staff.

Common Pitfalls to Avoid

Starting without a landing zone or guardrails.
Migrating everything as lift-and-shift and declaring victory.
Ignoring IAM and least-privilege from day one.
Skipping DR testing.
Treating cloud as “just someone else’s data centre” (and missing out on PaaS/Serverless benefits).
No owner for costs; no tagging; no budgets.
Under-investing in training and change management.

Quick Checklists

Minimum Viable Landing Zone

Central identity + MFA + conditional access
Account/subscription structure with RBAC
VPC/VNet with private subnets & egress controls
Baseline policies (no public storage by default, encryption on)
Central logging & SIEM integration
Backup & DR policy defined
Cost tags + budgets + alerts

Go-Live Readiness

Performance baselines met
RPO/RTO validated via tests
Security review passed (ports, WAF, IAM)
Monitoring dashboards + actionable alerts
Runbooks & rollback plan in place
Stakeholder comms plan ready

Glossary

RPO/RTO: Data loss tolerance / downtime tolerance targets.
Landing Zone: Prebuilt cloud foundation with security, networking, identity and policies.
FinOps: Financial operations for cloud spend management.
IaC: Infrastructure as Code-manage infra with code for repeatability.
Zero Trust: “Never trust, always verify” access model.

Call Chris on 0438 855 884 or email sales@computingaustralia.group

Computing Australia Cloud Tech Guide