What cloud computing means
The classic NIST definition describes cloud computing as convenient, on-demand network access to a shared pool of configurable computing resources that can be rapidly provisioned and released. In practical terms, a business rents compute, storage, databases, networking and higher-level services instead of building every platform itself.
Cloud is not automatically cheaper or safer. It is a different operating model: more automation, faster provisioning, more self-service, and more responsibility to design governance correctly.
Service and deployment models
| Model | What you manage | Typical use |
|---|---|---|
| IaaS | Virtual machines, networks, storage, operating systems and applications. | Lift-and-shift, custom platforms, legacy workloads. |
| PaaS | Application code, data and configuration. | Web apps, APIs, managed databases, integration platforms. |
| SaaS | User access, data, configuration and vendor governance. | CRM, email, HR, collaboration, ITSM. |
| Private cloud | Dedicated cloud-like platform in your own or hosted environment. | Strict control, legacy integration, regulatory or latency needs. |
| Hybrid / multicloud | Architecture, identity, networking, policy and operations across environments. | Enterprises mixing on-prem, colocation and multiple public clouds. |
Why landing zones matter
A cloud landing zone is the prepared environment where workloads can be deployed safely. It normally includes account or subscription structure, identity, network topology, logging, security policies, encryption standards, backup, tagging, cost controls, CI/CD patterns and operational monitoring.
Without a landing zone, early projects move quickly but create scattered accounts, inconsistent permissions, hidden public exposure, duplicated networks and unclear ownership. The fix later is usually painful.
Security and shared responsibility
Cloud providers secure the underlying cloud infrastructure. Customers still configure identities, access rules, data protection, application security, keys, workloads and monitoring. The exact split depends on whether the service is IaaS, PaaS or SaaS.
For Singapore organisations, pay close attention to PDPA obligations, data residency expectations, log retention, privileged access, incident notification and vendor due diligence. A cloud region in Singapore can help latency and data-location requirements, but it does not replace governance.
Reliability and architecture choices
Cloud reliability comes from architecture, not from the word "cloud". Use multiple availability zones where the workload justifies it, remove single points of failure, automate recovery, test backups, monitor service limits and design graceful degradation.
Cloud SLAs are also service-specific. A virtual machine, managed database, load balancer and object-storage bucket may each have different SLA terms. The end-to-end application SLA is usually lower than the highest single component SLA unless the architecture is explicitly designed for resilience.
Cost control and FinOps
Cloud costs are variable, which is useful until nobody owns them. FinOps practices turn cloud spend into an operating discipline: tagging, budgets, alerts, rightsizing, reserved capacity, storage lifecycle policies and showback or chargeback by team.
The common waste patterns are oversized compute, forgotten test environments, expensive data egress, unmanaged logging, premium storage used by default and AI workloads left running after experiments end.
Migration patterns
- Rehost. Move servers as-is. Fast, but rarely optimised.
- Replatform. Make small changes, such as moving databases to managed services.
- Refactor. Redesign the application for cloud-native services.
- Retire. Shut down systems that no longer have business value.
- Retain. Keep workloads on-prem or in colocation when latency, cost, licensing or regulation requires it.
Cloud buyer checklist
Sources and further reading
- NIST SP 800-145: The Definition of Cloud Computing
- AWS Well-Architected Framework: Reliability Pillar
- Microsoft Cloud Adoption Framework: Azure landing zones
- Google Cloud Architecture Framework: Reliability