Cloud Computing – CompTIA Security+ SY0-401: 1.3



The term Cloud Computing has
been casually thrown around by marketing professionals,
but it's actually a very good way of
deploying applications in ways that are very flexible. In this video, we'll look at
a number of different ways that cloud computing
can be used, and I think after
watching this video, you'll find you're already
taking advantage of resources and applications that are
using these cloud computing infrastructures. The first implementation
of cloud computing that we'll look at is called
platform as a service. You may see this
abbreviated as PaaS. In platform as a service,
you don't have any software. You don't have any hardware. You don't maintain
a data center. There's no heating and
there's no cooling. You are just the end user. And you're taking advantage of
someone else's infrastructure and simply using the
platform that they've created to run your application
or take advantage of a service. The challenge from a
security perspective though is that you do not
have direct control over any of this infrastructure. You can't touch the application. You don't have control over
the security of a server. You don't handle
the server patching. So you may not have a
direct security control over when those types
of patches are applied. There is a completely
different group of trained
professionals that are in charge of keeping
that service running. And they're going to make
sure that you have access to this platform, and
you're able to use the resources on this platform. But everything
behind the scenes is something that is hands-off
from you directly. A good example of platform as
a service is salesforce.com. Salesforce.com is a customer
relationship manager, or CRM. And they provide a
very flexible front end that allows you as the end user
to customize exactly how you would like to use
their platform. On the back end are the
servers and the databases, but generally speaking,
you don't even have to worry about that part. In fact, you hardly ever see
that part of the platform. This allows every
single customer to create an experience
that's specific for them. And they don't have to worry
at all of the platform that's providing that service
on the back end. In the past, if you wanted
to provide payroll services for your organization, you would
need to go to a third-party. You would purchase their
software application. You would bring it
inhouse and generally install it on your own servers. And then you would be
able to create the payroll and process that
payroll every month. With software as a service,
we've taken that entire process and made it completely turnkey. In fact, the software is
usually posted somewhere else through a third-party. And all we simply do is
log on to their services to be able to perform
that particular tasks. So this way you
wouldn't necessarily need to run your own mail server
inside of your organization, or even have your own
accounting department with their own platform to be
able to provide that payroll service. All you would need to do is log
into this software as a service and use the software hosted
through a third-party and managed through
a third-party to perform these
particular tasks. From a security perspective,
using software as a service is very different than having
your own servers running your own software in
your organization. Take for example payroll. If we use software
as a service, we're connecting to a third-party
and using their resources, and putting all of our
payroll information on that centralized database
that's somewhere else. Of course, that database
is ideally private to us, but it is something
that's now stored outside of our organization. So we have to think
about what type of data we're putting into the
cloud, and if someone was to gain access
to that information, how would that affect
our organization. A good example of
software as a service is something like Google Mail,
or any of the other hosted mail services. We're not running
our own email client. We don't have our
own email server. We don't have to maintain
the mail exchange information in our DNS. All of that is
handled separately through this software
that's running on someone else's computers. And of course, it keeps all
of our information private. We authenticate into this
cloud, to the software as a service on
this mail server, but of course we're
always concerned about someone else also
authenticating as us and gaining access to that data. Another implementation of cloud
computing that you may see is infrastructure as a service. You may hear this also
called hardware as a service, because we are simply
acquiring hardware that we could use
for our own software. In fact, this
hardware may not even have an operating system on it. We are simply taking
advantage of hardware that may be located in
one or multiple places anywhere in the world. From a security
perspective of course, we're still
responsible for this. In fact, we're even more
responsible for this, because now we are in charge of
securing the operating system. We're in charge of
securing the software that is running on this hardware. The data is still
out in the cloud. It's outside of
our organization. So we have to be very careful
about how we implement security on this hardware that we
are acquiring in the cloud. You might see infrastructure
as a service used if you ever want to build your
own web server, but you didn't want to do
it on a shared resource. You wanted your own
hardware that you would run your own software on. In fact, you would
have complete control of the operating system. You might also see this if you
were hosting an email service externally. And you had your own
software for email, and you wanted to
control that software, and you just need hardware
that was located in the cloud to be able to run that. And of course, this also allows
you to very easily scale, because all of the hardware
is located somewhere else. You're not having to
purchase new hardware. You simply buy the
hardware in the cloud and load your software on it
as you need to expand capacity. Up to this point we've
always talked about the cloud as being something that's
outside of our organization, external, and we don't
really have control over it. But the reality is that we
could build a cloud anywhere, including in our
private data center. And it's very common these
days to see a private cloud that we can then pull our
own servers out of the cloud and deploy our own
infrastructure as a service, or deploy our own
platforms as a service internally within
our organization. You generally see this with
larger organizations that have multiple data
centers, but it can be done in any
type of environment. The kind that we
usually talk about when we refer to cloud computing
is generally the public cloud, where everyone has access
to these resources that are located anywhere
in the world. And occasionally
there might be a mix of these– a hybrid
of public and private. It depends on how
your application is used in your environment. You might want to
keep your data local, but have the platform as a
service located externally in the public cloud. You may also see a community
model of cloud computing, where there might be a central
resource in the cloud, like a mail server, and
multiple organizations are using that
exact same resource to be able to use that service. Something that allows
the cloud provider to scale up very
easily and support many different customers
all on the same platform.

One Comment

  1. Fabio Jesus said:

    Fantastic Video!

    June 27, 2019
    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *