Securing your PC or laptop against cyber-criminals

We constantly hear about computer viruses, trojans, spyware, malware, etc that has made most of us indifferent about the need to apply the latest updates against operating system vulnerabilities, and to keep our firewall, anti-virus and anti-spyware solutions up-to-date. Most of us may feel that no matter what we do to secure our desktop PCs or laptops, viruses, trojans, spyware, malware, etc will still penetrate our computer systems. So, why bother? Thus, most PC and laptop users think that defensive efforts are futile. This basically stems from a lack of understanding or misinformation. When an unethical hacker or cyber-criminal gains access to your computer system, the potential for executing malicious acts is very high.

I will use the Microsoft Windows file system for this discussion simply because Windows is the most commonly used operating system in the world today, making it an attractive target for unethical hackers and cyber-criminals.

The Windows NT File System (NTFS)

Microsoft's NTFS file system was introduced with the launch of Windows NT, and is still the file system used by Windows 2000, XP, Vista and the new Windows 7 operating system. The NTFS file system is a major improvement over the previous File Allocation Table (FAT) file system.

The NTFS file system “was designed to include many features, including data recovery, security, fault tolerance, large files and file systems, multiple data streams, UNICODE names, sparse files, encryption, journaling, volume shadow copies, and file compression” (Silberschatz, Galvin & Gagne, 2006, p. 790).

Once a computer system is compromised, unethical hackers and cyber-criminals usually hide their malicious files, instructions or data in the hard disk, using either of two popular methods: (a) low-level formatting, and (b) partitioning.

If the low-level formatting method is chosen, unethical hackers and cyber-criminals typically target the redundant sectors and bad sectors to hide their damaging codes. In the partitioning method, the typical target locations are the partition tables, inner-partition gaps, hidden partitions, deleted partitions, unallocated spaces, and boot records. However, a competent and up-to-date anti-virus and anti-spyware application can identify and act to remove such threats.

A more subtle technique makes use of the multiple data streams (MDS) feature of NTFS. The MDS feature enables multiple independent streams of data to exist in a file. Each stream contains the complete data of the file, for e.g. .doc, .xls, .txt, .zip, etc. Furthermore, the MDS includes a data stream known as Alternate Data Stream (ADS), originally created for compatibility with the Apple Macintosh Hierarchical File System (HFS) but is also used by most application programs and native Windows operating system to store file attributes and for temporary storage of other file related information.

Alternate Data Streams (ADS)

ADS provides the ability to fork file data into other files without affecting their functionality and size or display of file information to file browsing utilities such as the DOS “dir” command and Windows Explorer.

The following steps demonstrate how an unethical hacker or cyber-criminal can make use of ADS to plant malicious codes and launch it later.

Step 1: Using Microsoft Windows XP

1. Create the folder 'ADS_Demo' in your hard disk root directory C:\
2. Copy and paste the applications Notepad.exe and Mspaint.exe into C:\ADS_Demo
3. Your result should be similar to that shown in Figure 1
4. For this demonstration, let us assume that the application Notepad.exe is the file created and planted by an unethical hacker or cyber-criminal into your PC or laptop, and contains malicious codes. In other words, assume Notepad.exe is the malicious file
5. Take note of the file sizes and date stamps as follows: Notepad.exe = 68KB, 4/14/2008 and Mspaint.exe = 335KB, 4/14/2008

Figure 1: Windows Explorer

Step 2: Create an ADS for the malicious file

1. Launch 'Command Prompt' from Start All Programs Accessories
2. Change directory to C:\ADS_Demo
3. Enter the DOS command 'dir' to list the contents of your ADS_Demo sub-directory
4. Your results should be similar to Figure 2
5. Again, take note of the file sizes and date stamps as follows: Notepad.exe = 69,120 bytes and Mspaint.exe = 343,040 bytes. No change in the date stamps
6. Now, to create an ADS, enter the command 'type notepad.exe > mspaint.exe:notepad.exe'
7. Your result at this stage should be similar to Figure 3
8. Notice that the file size of Mspaint.exe remains unchanged at 343,040 bytes although we have already embedded 69,120 bytes of the malicious file to it, but the date stamp has changed from 4/14/2008 to 10/11/2009
9. A check under Windows Explorer (Figure 4) also shows that the file sizes have not changed at all, but the date stamp of Mspaint.exe is now 10/11/2009

Figure 2: Run Command Prompt & List folder contents

Figure 3: Create an ADS for Notepad.exe (the malicious file)

Figure 4: Windows Explorer

Step 3: Launching the malicious file

1. In the Command Prompt window, execute the malicious file using the standard DOS command ‘start’ as follows 'start c:\ads_demo\mspaint.exe:notepad.exe' (Figure 5). On your Windows desktop, the Notepad program (the malicious file) will launch (Figure 6)
2. Then launch Task Manager to check which program is running. If your computer system is NOT protected by the latest updates against Windows vulnerabilities, then Task Manager will wrongly report that Mspaint.exe is running instead of Notepad.exe (the malicious file) as shown in Figure 7

Figure 5: Launch Notepad.exe (the malicious file)

Figure 6: Notepad.exe runs in your Windows desktop

Figure 7: Task Manager wrongly reports Mspaint.exe is running

Step 4: Delete Notepad.exe (the malicious file)

1. Since Notepad.exe is the (assumed) malicious file, we must remove or delete it from our computer system
2. In the Command Prompt window, enter 'del notepad.exe' (Figure 8)
3. Then enter 'dir' to check whether it has been deleted. The 'dir' command shows only the Mspaint.exe file in the sub-directory (Figure 8). Thus, Notepad.exe was deleted or is it?
4. Enter the command 'more <. mspaint.exe:notepad.exe > notepad.exe' and the Notepad.exe (the malicious file) is regenerated as shown in Figure 9, and likewise in Windows Explorer (Figure 10)
5. Note that prior to deletion, the date stamp of Notepad.exe (the malicious file) was 4/14/2008 and the date stamp of the regenerated Notepad.exe (the malicious file) has changed to 10/11/2009
6. Thus, malicious programs embedded using ADS are difficult to be removed or deleted permanently. The use of appropriate anti-intrusion security solutions is usually required

Figure 8: Delete Notepad.exe (the malicious file)

Figure 9: Easily regenerate Notepad.exe (the malicious file)

Figure 10: Windows Explorer

Conclusion

From the above demonstration, we can conclude that when unethical hackers or cyber-criminals gain access to a computer system, they can easily hide malicious programs to existing files, and the file size shows no increase in size even after malicious codes have been added. Later, the malicious programs are launched to cause havoc to the computer system or take control of the computer system to further spread malicious programs to other computers via the Internet.

Therefore, it is important that as a computer user, you ensure that your computer system is:

• updated with the latest updates or patches against operating system vulnerabilities
• protected by a firewall application from a reputable security software company to prevent malicious access or intrusion
• using a firewall program that is regularly updated with any new patches released by the manufacturer (use the auto-update feature)
• protected by an anti-virus and anti-spyware program from a reputable security software company and that the program scans in real-time for viruses, trojans, spyware, malware, etc
• using the latest anti-virus and anti-spyware definition files (use the auto-update feature)

While there are good firewall, anti-virus and anti-spyware programs which are downloadable free-of-charge for use, these typically have some missing or disabled features. For e.g. in most free versions of anti-virus and anti-spyware programs, these solutions do not run in live mode i.e. they allow the computer systems to be infiltrated by the virus or spyware, and then during scheduled scans, take action to clean or remove the virus or spyware. It is highly recommended that you use anti-virus and anti-spyware programs that run live and thus, is able to intercept the incoming virus or spyware in real-time, in addition to scheduled scans.

References:

Gralla, Preston. (2005). Windows XP Hacks, Second Edition. New York: NY, O'Reilly

Silberschatz, Abraham; Galvin, Peter B. & Gagne, Greg. (2006). Operating System Principles, Seventh Edition (Wiley Student Edition). Singapore, John Wiley & Sons Asia

Sinchak, Steve. (2004). Hacking Windows XP. New York: NY, John Wiley

Solomon, David. A. & Russinovich Mark. E. (2000). Inside Microsoft Windows 2000, Third Edition. Redmond: WA, Microsoft Press

Tanenbaum, Andrew S. & Woodhull, Albert S. (1997). Operating Systems: Design and Implementation, Second Edition. Upper Saddle River: NJ, Prentice Hall

Tanenbaum, Andrew S. (2001). Modern Operating Systems, Second Edition (Eastern Economy Edition). New Delhi: India, Prentice Hall India

Value-based Marketing: A Quantitative Approach to Creating Shareholder Value (Part 1 of 2)

The dot.com crash of the late 1990’s, gross errors in business strategies, and corporate mismanagement scandals such as Enron, Tyco International, WorldCom, Parmalat, Marconi, and Daewoo had generated renewed interest in corporate governance and in the creation and sustenance of shareholder value.

Thus, it has become increasingly necessary to ensure that companies and corporations are effectively and efficiently managed for shareholder value. One approach is known as value-based management.

The Chartered Institute of Management Accountants’ official terminology defines value-based management as “a managerial process which effectively links strategy, measurement and operational processes to the end of creating shareholder value” (Starovic, Cooper & Davies, 2004, p. 2).

Value-based management attempts to identify the basics of value creation by focusing on issues that matters to shareholders, resulting in an acceptable annual return on their capital investments.

Among the key activities and resources being focused around value creation is marketing, and the ability to identify the contribution of marketing and evaluate or measure its effectiveness is necessary in value-based management.

An approach to creating the ability is via value-based marketing. Value-based marketing defines the central objective of marketing as contributing to the maximization of shareholder value by aligning customer focus marketing to the interests of shareholders (Doyle, 2000a, p. 4).

Many companies realize that the key to sustainability and profitability lies with customers. Thus, we see an increasing shift of companies to become more customer-focused in order to increase customer value, and managing customer loyalty to create higher shareholder value (Best, 2009, p. 36).

What is Shareholder Value?

What is shareholder value? How do we measure it? Shareholder value is a financial concept under the ownership of the financial management discipline. Shareholder value is determined by four factors:

• The level of cash flows
• The time value of money or cash
• The durability of cash generating assets i.e. the concept of net present value
• The risks of future cash flows i.e. the opportunity cost of capital (Doyle, 2000b, p. 300)

In non-financial terms, shareholder value can be created when corporate actions result in the:

• Introduction and sales of new products or services, or variations of existing products or services, clearly differentiated from competitors’ offerings
• Adoption of new technologies that will create or enhance its core competencies
• Developing and implementing entry barriers against potential rivals
• Reduction of operating costs or the increase in efficiency of resource utilization (Subbrayan, 2008, pp. 13 – 14)

Consistent successes in creating shareholder value are typically reflected in a company’s share price. In Value-Based Marketing, Doyle says, “The basic principle of shareholder value is that a company’s share price is determined by the sum of all its anticipated future cash flows, adjusted by an interest rate known as the cost of capital” (2000a, p. 33).

Thus, companies that adopt the shareholder value approach will need to maximize returns for shareholders by developing and executing marketing strategies that maximize the value of cash flows over time.

Quantifying Shareholder Value: Basic valuation methods

a) Shares and Shareholder Returns

Shareholder return is derived from the capital appreciation on the value of the stock, and the dividend distribution by the company.

Let us consider a simple example at the personal shareholder level – assuming that the stock of Malaysian Airline System Bhd (MAS) is trading at Malaysia Ringgit 10 per share, and you decide to buy 1,000 shares. Your investment amounts to RM10,000. Five months later, the share is trading at RM10.95 per share, and the company declares a RM2 per share dividend.

What is the current market value of your shares?
Current market value = RM10.95 x 1,000 = RM10,950

How much is the capital gain?
Capital gain = (RM10.95 – RM10) x 1,000 = RM950

How much did you benefit from the RM2 per share dividend?
Dividend income = RM2 x 1,000 = RM2,000

Thus, the total shareholder return = RM950 + RM2,000 = RM2,950. In other words, the original RM10,000 investment has grown into RM12,950 through capital gain and dividend income.

What is the total percentage of shareholder return?
Total percentage return = RM2,950 / RM10,000 = 29.5%

How much of 29.5% is due to capital gain and how much is due to dividend income?
Capital gains yield = (10.95 – 10) / 10 = 9.5% i.e. each Ringgit invested has returned 9.5 sen in capital gains.

Dividend yield = (RM2 / RM10) x 100% = 20% i.e. each Ringgit invested has produced 20 sen in dividends.

In total, each Ringgit invested in MAS’ stock has returned 29.5 sen.

b) Discounted Cash Flow (DCF) and Net Present Value (NPV)

Using a simple example, let us assume that investment analysts have projected that MAS is to produce annual cash flows of RM100,000 for the next five years due to its business transformation plan of implementing a value-based marketing strategy. Will it be worthwhile to invest in MAS now?

We will need to compute the Net Present Value (NPV) of the projected cash flows over the five year period. For this purpose, let us assume the required rate of return is 10 percent.

Referring to a Present Value Table http://www.studyfinance.com/common/table3.pdf for the Present Value Factor, we can create the following Table 1.

Table 1

Since the sum of all present values of cash flows is RM379,070, thus, an investment amount today that is lesser than RM379,070 would constitute a prudent investment.

c) Economic Value Added (EVA)

A measure of shareholder value that has gained popularity is the Economic Value Added (EVA) model, established by Joel M. Stern and G. Bennett Steward III.

The proponents of EVA claim that it is a measure of a company’s true economic value creation, but presently, there is wider acceptance of cash flow as indicator of shareholder value and wealth creation. The fundamental percept of EVA is that true shareholder value is only created if a surplus is created over the total capital invested in the business.

Using data from the 2006 and 2007 Annual Reports of MAS, the EVA is computed as follows:

EVA = EBIT(1-t) – (Capital x WACC)

Table 2: Economic Value Added (EVA) of MAS

* To simply the discussion, we assume that WACC = 15%

Since MAS was loss making in the financial years 2005 and 2006, the EVA reflects that negative shareholder value was created (i.e. the destruction of shareholder value) during those financial years. For the financial year 2007, MAS was profit making again, and positive shareholder value was generated.

We have identified that shareholder return is derived from capital appreciation on the value of the stock, and dividend distribution by the company. The capital appreciation of the value of the stock i.e. creation of shareholder value is determined by the sum of all its anticipated future cash flows, adjusted by an interest rate known as the cost of capital.

Figure 1: Relationship between Marketing and Shareholder Value

Then, how is future cash flows generated? Obviously, the primary source is from sales revenues (Figure 1). Activities such as operational costs reduction and the efficient use of cost resources are indirect means of enhancing cash flows. The higher the sales revenues, the higher the potential for the company to generate more cash flows. In turn, higher sales revenues can be achieved through the successful execution of strategic marketing plans and marketing activities that create higher customer values. Thus, marketing is related to and central to the creation of shareholder value.

References:

Best, Roger J. (2009). Market-Based Management: Strategies for Growing Customer Value and Profitability (5th Edition). Upper Saddle River, New Jersey: Pearson Education Inc.

Creating the Lexus Customer Experience. (2009). The Executive Issue, No: 34, January. Management Centre Europe. Downloaded from http://www.mce-ama.com/downloads/cases/MCE_cat09_CCS-Lexus.pdf

Doyle, Peter. (2000). Value-Based Marketing: Marketing Strategies for Corporate Growth and Shareholder Value. Chichester, England: John Wiley & Sons Ltd

Doyle, Peter. (2000). “Value-Based Marketing.” Journal of Strategic Marketing, Vol. 8 (4), pp. 299 – 311

Hodge, Richard & Schachter, Lou. (2006). “Accelerate Your Customers' Success: The Lexus Sales Story.” CustomerThink.com, September 5. Downloaded from http://www.customerthink.com/article/accelerate_your_customers_success_the_lexus_sales_st

Lexus Earns Best-Selling Luxury Brand Title for Sixth Consecutive Year – Surpasses 300,000 Sales in Record-Breaking Year. (2006). Lexus.com, January 4. Downloaded from http://www.lexus.com/about/news/articles/2006/1/20060104_1.html

Malaysian Airline System Bhd (MAS) 2006 and 2007 Annual Reports. Downloaded from http://www.malaysiaairlines.com/hq/en/corp/corp/relations/info/reports/annual-reports.aspx

Starovic, Danka; Cooper, Stuart & Davis, Matt. (2004). “Maximising Shareholder Value: Achieving clarity in decision-making.” The Chartered Institute of Management Accountants. Downloaded from http://www2.cimaglobal.com/cps/rde/xbcr/SID-0A82C289-AA3CDFE4/live/tech_techrep_maximising_shareholder_value_0105.pdf

Subbrayan, Radhakrishnan. (2008). How a Company Creates Shareholder Value. Petaling Jaya, Malaysia: Leeds Publications

The Chartered Institute of Management Accountants. (2005). “CIMA Business Talk: Creating Shareholder Value.” New Straits Times - Appointments, July 2, p. 12

Wilson, Richard M. S. & Gilligan, Colin. (2005). Strategic Marketing Management: Planning, Implementation and Control (3rd Edition). Oxford, England: Butterworth-Heinemann / Elsevier

Cloud Computing – an introduction

1.0 The evolution and concept of cloud computing

“Cloud” is a metaphor for the Internet. Thus, cloud computing is Internet computing or in other words, the usage of the Internet as a computing infrastructure and resource. In cloud computing, the Internet is used to provide services such as data storage, software applications, and email and file exchanges.

The key aspect of cloud computing is that the users do not have or need the knowledge, control or ownership of the computer and network infrastructure. Users just simply access the software or service they require to use and pay for what they use. Therefore, “in cloud-service engagements, buyers [users] just need to care about the service [level or quality] without worrying about its implementation” (Khan, 2009).

A simple example – if your organization is a user of Microsoft Excel®, typically, your organization would have a client-server networked computing environment with Excel running off an application server and/or off numerous Microsoft Windows®-based desktop PCs and laptops – collectively known as fat clients. In a cloud computing environment, your organization invests in thin clients (low cost scaled-down desktop PC and laptops) networked to the server to access a spreadsheet application from the “cloud”. In the case of an individual, if you have a broadband connection to the Internet, you can use an inexpensive laptop, for e.g. a netbook (from your home or neighbourhood Starbucks) to access a spreadsheet application from the “cloud”. Furthermore, most cloud computing services for the individual are free.

Obviously, organizations have greater computing needs and the cloud computing service providers have more to offer than just spreadsheets.

Stroh, Acker & Kumar ideally define cloud computing as, “Cloud computing is nothing more than the collection of computing software and services that can be accessed via the Internet rather than residing on a desktop or internal servers. Such services include applications as simple as e-mail – Yahoo! Mail, Google’s Gmail, for example – or as complex as Salesforce.com, which helps manage customer relations and sales leads” (2009).

Cloud computing evolved from Software as a Service (SaaS), and will lead to increased:

• Virtualisation
• Usability
• Collaboration
• Scalability
• Standardisation

Cloud computing collectively propagates:

• Infrastructure as a Service – defined as the fully outsourced delivery of computer or computing infrastructure as a service. In the business model’s upstream, the cloud-infrastructure providers can dynamically allocate the required resources to cloud-service providers. Downstream, this means that end-user businesses do not need to purchase or own computer hardware, software and related equipment.
• Platform as a Service – defined as the ability to provide all the necessary facilities to support the complete process of developing and delivering Web applications and services to cloud-service providers and end-users.
• Software as a Service – defined as service-on-demand where cloud-service providers will license customized software for end-user use for the duration of the service agreement.

2.0 Major cloud computing vendors and popular cloud-services available today

2.1 The major vendors are:

• Amazon http://aws.amazon.com/ec2/
• Google http://www.google.com/apps/intl/en/business/index.html
• Hewlett Packard http://www.hpl.hp.com/research/cloud.html
• IBM http://www.ibm.com/grid/
• Microsoft http://www.microsoft.com/azure/default.mspx
• Salesforce.com / Force.com http://www.salesforce.com/cloudcomputing/

2.2 Popular cloud-service offerings are:

• E-Mail
• Human resource management (HRM) applications
• Office applications
• Customer relationship management (CRM) applications
• E-Procurement applications
• Remote backup and storage
• Project management applications

3.0 Why is cloud computing gaining interests?

So, why is cloud computing gaining interests? While the critics and supporters of cloud computing continue to debate on the virtues of cloud computing, “… more and more companies are quietly making the transition, and they are finding that Web-based computing services can provide the power, low costs, functionality, flexibility, and mobility that has long eluded traditional enterprise computing” (Stroh et al, 2009).

Business sustainability issues and challenges in the following areas have also driven companies to explore alternative solutions and acted as a catalyst for high technology solution providers to innovate.

i) Increasing total costs of ownership – upgrades, maintenance, and obsolescence

Traditional enterprise computing systems require regular hardware and software upgrades and maintenance. The introduction of new technologies has shortened product lifespan thus accelerating obsolescence, and increases the need for hardware and software refresh.

ii) Cost savings

The overall need of firms to drive down costs in operations, production and wastes to maintain competitiveness can only go as far as not compromising on product and service quality and efficiency in order to continue to meet customer expectations and satisfaction. Other areas of cost savings can come from a reduction on capital expenditure and maintenance costs of enterprise computing systems.

iii) Risk of new computer system project failure

Growing firms, for e.g. SMEs, new to adopting enterprise computing solutions may reconsider the high acquisition cost and unproven usage and maintenance capability in favour of alternative computing solutions with lower risks.

iv) Human capital

Failure to hire and retain skilled computer human resources is becoming more prevalent today. In some less-developed countries, there is a shortage of skilled computer systems and technology manpower, and the issue can be further aggravated when universities produce graduates equipped with the wrong skills and knowledge compared to industry needs, probably due to the fast pace of change in the industry.

3.1 The key advantages of cloud computing

• Reduced hardware and software acquisitions i.e. reduced capital expenditure
• Lower hardware and software maintenance costs
• Up-to-date software functionality from regular software updates
• Greater accessibility and mobility (a basic laptop, broadband Internet connection, a free operating system and Web browser such as open source Linux® (e.g. Fedora®, Ubuntu®, etc) and Firefox®
• Pay-for-what-you-use
• Flexibility and agility – companies can easily increase or decrease their computing needs
• Increased collaboration with suppliers and customers at a lower transaction cost
• Companies can focus more on business challenges such as markets and competition, marketing and demand generation, product development and innovation, profitability and sustainability without worrying about the implementation and maintenance of enterprise computing infrastructure

4.0 Major concerns, issues and challenges

While the benefits of cloud computing are clear, corporate buy-in is slower than expected chiefly due to the following areas:

i) Security and Reliability

Security and reliability concerns about storing corporate data with a third party continue to be debated. “For some corporate users, keeping the cloud in-house alleviates the security and privacy concerns that can come with running key applications and data outside the company. However, cloud providers insist that data is safer and less vulnerable with them” (No Man is, 2009). This is generally true because cloud-service providers offer and maintain state-of-the-art facilities and implement security updates immediately as the nature of their business pose a higher risk.

Also, there is on-going debate among technology gurus on the issue of data residency – the time delay between data being requested and delivered i.e. a question on performance in a real business environment.

ii) Privacy and Confidentiality

This issue is closely related to security and reliability. While cloud-service providers may implement high system security measures to ensure and enhance reliability, the human element of potential greed and corruption among the cloud-service providers’ employees of lesser ethics still appear as a point for concern.

iii) Responsibility and Accountability

The level of responsibility and accountability expected by end-users versus what the cloud-service providers are liable to in their service level agreements (SLA) differs. Cloud-service providers cannot afford to extend too much in terms of responsibility and accountability should security or data privacy become breeched as doing so would severely increase their business risks. Thus, it is the norm that cloud-service providers limit themselves to ensuring that the latest security measures are in place and every precaution is checked and double-checked. However, should breeches or failure occur, to what extend are cloud-service providers answerable? Are the answers in long drawn-out legal suits?

iv) Cost savings doubts

In a study conducted by McKinsey & Co., and published in March 2009, McKinsey based their research on Amazon.com’s Web service offering and concluded that it would cost more than double! (Clearing the Air, 2009).

“Forbes, The Wall Street Journal, The New York Times and others have all written pieces quote the report saying ‘clouds are NOT very cost-effective’” (Cohen, 2009).

v) Too many cloud computing platforms?

As cloud computing represents one of the next growth areas in information and communication technology for the IT industry, several cloud computing players exist today championing their flavour of the cloud computing platform, creating some confusion, and leading to concerns and questions about standards and interoperability.

5.0 The future of cloud computing

As companies continue to be driven to reduce costs or better manage costs in the increasingly competitive regional, international or global market, cloud computing is a fast emerging technology that is revolutionizing information and communication infrastructures, providing flexibility and potential cost reductions.

Hardware, software or applications are becoming increasingly costly to maintain as business volumes grow. Thus, with cloud computing, the pricing model of pay-for-what-you-use or rent-what-you-need removes the need for costly capital expenditure in acquiring, implementing and maintaining an enterprise computing system infrastructure. In this aspect, cloud computing can replace corporate private datacentres and multi-dedicated server infrastructures.

Cloud computing enables companies to utilize standard applications or develop and deploy customized applications, and monitor and scale those applications using resources accessed over the Internet.

Presently, cloud computing is still in the infancy stage, where companies and individuals use it for small projects or simple needs, for e.g. office applications. For a greater rate of adoption to take place, a higher level of trust or business buy-in must be achieved in the critical areas of security, privacy and reliability.

References:

Clearing the Air on Cloud Computing. (2009). McKinsey & Co., March 1. Downloaded from http://uptimeinstitute.org/content/view/353/319/

Cloud Backup Tutorial: How to Leverage Cloud Backup Services, Part 1. (2009). SearchDataBackup.com, July 1. Downloaded from http://whitepapers.businessweek.com/data/search?site=bw&qp=site_abbrev%3Abw&qg=VENDOR&cp=bpres&cr=bpres&st=1&qt=Cloud+backup+tutorial%3A

Cloud Backup Tutorial: How to Leverage Cloud Backup Services, Part 2. (2009). SearchDataBackup.com, July 1. Downloaded from http://whitepapers.businessweek.com/data/search?site=bw&qp=site_abbrev%3Abw&qg=VENDOR&cp=bpres&cr=bpres&st=1&qt=Cloud+backup+tutorial%3A

Cloud Computing: Latest Buzzword or a Glimpse of the Future? (2009). CBS Interactive, Inc., February 1. Downloaded from http://whitepapers.businessweek.com/data/search?site=bw&qp=site_abbrev%3Abw&qg=VENDOR&cp=bpres&cr=bpres&st=1&qt=Cloud+backup+tutorial%3A

Cloud Computing: What is its Potential Value for Your Company? (2009). CBS Interactive Inc., February 1. Downloaded from http://whitepapers.businessweek.com/data/search?site=bw&qp=site_abbrev%3Abw&qg=VENDOR&cp=bpres&cr=bpres&st=1&qt=Cloud+backup+tutorial%3A

Cohen, Reuven. (2009). “McKinsey & Co: Clearing the Air on Cloud Computing”. ElasticVapor.com, April 16. Downloaded from http://www.elasticvapor.com/2009/04/mckinsey-co-clearing-air-on-cloud.html

Hosted Enterprise Cloud: The Cloud of Efficiency. (2009). NaviSite Inc., May 22. Downloaded from http://whitepapers.businessweek.com/data/search?site=bw&qp=site_abbrev%3Abw&qg=VENDOR&cp=bpres&cr=bpres&st=1&qt=Cloud+backup+tutorial%3A

Khan, Imrana. (2009). “Cloud Computing set to go Mainstream.” Outsourcing, Issue #13: July – August, pp. 30-31

Nellutla, Thirumal & Teoh, John. (2008). “Cloud Computing”. IBM Corporation, Illinois Digital Government Summit, September 15.

No Man is an Island: The Promise of Cloud Computing. (2009). Knowledge @ Wharton, April 1. Downloaded from http://knowledge.wharton.upenn.edu/article.cfm?articleid=2190

Ortiz, Joseph. (2009). “Slash Storage Costs, Archive to the Cloud.” Storage Switzerland LLC, August 1. Downloaded from http://whitepapers.businessweek.com/data/search?site=bw&qp=site_abbrev%3Abw&qg=VENDOR&cp=bpres&cr=bpres&st=1&qt=Cloud+backup+tutorial%3A

Stroh, Stefan; Acker, Olaf & Kumar, Aneesh. (2009). “Why Cloud Computing is Gaining Strength in the IT Marketplace.” Strategy & Business: Leading Ideas, June 30. Downloaded from http://www.strategy-business.com/li/leadingideas/li00131

Timbuong, Jo. (2009). “Cloud Computing set to Shine”. The Star, InTech, August 18, p. IT15

Timbuong, Jo. (2009). “Red Hat Takes to the Cloud”. The Star, InTech, August 18, p. IT15