Small and medium-sized businesses (SMBs) typically use on-premises information-technology (IT) systems. Responsibility for installing, configuring, maintaining, updating, and upgrading the IT systems is often borne by an owner or employee who has other responsibilities and, thus may have limited time and expertise to address IT problems. If the responsible person is working off site, on vacation, or ill, business operations may suffer extended interruptions until the responsible person returns. If the responsible person leaves the company, their familiarity with the existing on-premises system may take time to replace.
One increasingly attractive alternative is to host some or all IT tasks in the cloud. For example, Infrastructure-as-a-Service (IaaS) providers allow (SMB) subscribers to specify an IT system. The IaaS provider then provides a virtual computer system meeting the SMB subscriber's specifications. The IaaS provider takes responsibility for managing IT hardware, relieving the SMB customer of the same.
A typical IaaS provider owns or otherwise possesses a physical infrastructure, e.g., one or more data centers. The physical infrastructure is virtualized so that the resources (processors, memory, communications bandwidth, etc.) of the physical infrastructure can be shared among plural virtual infrastructures. Each of the virtual infrastructures can be leased to an IaaS subscriber. Because the subscribers' virtual infrastructure share the same physical infrastructure, the IaaS subscribers are, in effect, multiple tenants of the cloud system and its physical infrastructure.
Advantages to such multi-tenancy arrangements include the dynamic allocation of physical infrastructure resources among virtual infrastructures according to demand; such dynamic allocation provides for a much more efficient use of available resources than is typically attained by on-premises IT systems. Also, multi-tenancy arrangements can take advantage of pooled knowledge. Virtual-infrastructure configurations developed to meet the requirements of one tenant can serve as blueprints or templates to meet similar requirements by future tenants. A solution to one tenant's problem, e.g., a malicious malware intrusion, may be applied across the board to harden all tenants. Also, a solution for one tenant may add to a knowledgebase accessible by other tenants to solve their similar problems. In addition, since the subscriber applications are based in the cloud, they can be managed from anywhere, e.g., from home and from travel locations.
However, multi-tenancy arrangements can introduce some security risks. Normal risks include physical access from an SMB tenant location or over the Internet. However, a hacker, for example, could access one tenant's virtual infrastructure and use it as a base to access another's virtual infrastructure via the common physical infrastructure. It would be hard to identify in advance all forms of inter-infrastructure vulnerabilities, especially if dynamic resource allocation is employed. Accordingly, some SMEs continue to maintain on-premises IT systems for at least some of their IT needs.