Tip:
Highlight text to annotate it
X
The term Cloud Computing has been casually thrown around
by marketing professionals, but it's actually
a very good way of deploying applications
in ways that are very flexible.
In this video, we'll look at a number of different ways
that cloud computing can be used,
and I think after watching this video,
you'll find you're already taking advantage of resources
and applications that are using these cloud computing
infrastructures.
The first implementation of cloud computing
that we'll look at is called platform as a service.
You may see this abbreviated as PaaS.
In platform as a service, you don't have any software.
You don't have any hardware.
You don't maintain a data center.
There's no heating and there's no cooling.
You are just the end user.
And you're taking advantage of someone else's infrastructure
and simply using the platform that they've
created to run your application or take advantage of a service.
The challenge from a security perspective
though is that you do not have direct control over any
of this infrastructure.
You can't touch the application.
You don't have control over the security of a server.
You don't handle the server patching.
So you may not have a direct security control
over when those types of patches are applied.
There is a completely different group
of trained professionals that are
in charge of keeping that service running.
And they're going to make sure that you have access
to this platform, and you're able to use
the resources on this platform.
But everything behind the scenes is
something that is hands-off from you directly.
A good example of platform as a service is salesforce.com.
Salesforce.com is a customer relationship manager, or CRM.
And they provide a very flexible front end
that allows you as the end user to customize exactly how you
would like to use their platform.
On the back end are the servers and the databases,
but generally speaking, you don't even
have to worry about that part.
In fact, you hardly ever see that part of the platform.
This allows every single customer
to create an experience that's specific for them.
And they don't have to worry at all of the platform that's
providing that service on the back end.
In the past, if you wanted to provide payroll services
for your organization, you would need to go to a third-party.
You would purchase their software application.
You would bring it inhouse and generally
install it on your own servers.
And then you would be able to create the payroll
and process that payroll every month.
With software as a service, we've taken that entire process
and made it completely turnkey.
In fact, the software is usually posted somewhere else
through a third-party.
And all we simply do is log on to their services
to be able to perform that particular tasks.
So this way you wouldn't necessarily
need to run your own mail server inside of your organization,
or even have your own accounting department
with their own platform to be able to provide that payroll
service.
All you would need to do is log into this software as a service
and use the software hosted through a third-party
and managed through a third-party
to perform these particular tasks.
From a security perspective, using software as a service
is very different than having your own servers running
your own software in your organization.
Take for example payroll.
If we use software as a service, we're
connecting to a third-party and using their resources,
and putting all of our payroll information
on that centralized database that's somewhere else.
Of course, that database is ideally private to us,
but it is something that's now stored
outside of our organization.
So we have to think about what type of data
we're putting into the cloud, and if someone
was to gain access to that information,
how would that affect our organization.
A good example of software as a service
is something like Google Mail, or any of the other hosted mail
services.
We're not running our own email client.
We don't have our own email server.
We don't have to maintain the mail exchange
information in our DNS.
All of that is handled separately
through this software that's running
on someone else's computers.
And of course, it keeps all of our information private.
We authenticate into this cloud, to the software
as a service on this mail server,
but of course we're always concerned
about someone else also authenticating as us
and gaining access to that data.
Another implementation of cloud computing that you may see
is infrastructure as a service.
You may hear this also called hardware as a service,
because we are simply acquiring hardware
that we could use for our own software.
In fact, this hardware may not even
have an operating system on it.
We are simply taking advantage of hardware
that may be located in one or multiple places
anywhere in the world.
From a security perspective of course,
we're still responsible for this.
In fact, we're even more responsible for this,
because now we are in charge of securing the operating system.
We're in charge of securing the software that
is running on this hardware.
The data is still out in the cloud.
It's outside of our organization.
So we have to be very careful about how we implement security
on this hardware that we are acquiring in the cloud.
You might see infrastructure as a service used if you ever
want to build your own web server,
but you didn't want to do it on a shared resource.
You wanted your own hardware that you
would run your own software on.
In fact, you would have complete control
of the operating system.
You might also see this if you were hosting an email service
externally.
And you had your own software for email,
and you wanted to control that software,
and you just need hardware that was located in the cloud
to be able to run that.
And of course, this also allows you to very easily scale,
because all of the hardware is located somewhere else.
You're not having to purchase new hardware.
You simply buy the hardware in the cloud
and load your software on it as you need to expand capacity.
Up to this point we've always talked about the cloud
as being something that's outside of our organization,
external, and we don't really have control over it.
But the reality is that we could build a cloud anywhere,
including in our private data center.
And it's very common these days to see a private cloud
that we can then pull our own servers out of the cloud
and deploy our own infrastructure as a service,
or deploy our own platforms as a service
internally within our organization.
You generally see this with larger organizations that
have multiple data centers, but it
can be done in any type of environment.
The kind that we usually talk about when
we refer to cloud computing is generally the public cloud,
where everyone has access to these resources that
are located anywhere in the world.
And occasionally there might be a mix
of these-- a hybrid of public and private.
It depends on how your application
is used in your environment.
You might want to keep your data local,
but have the platform as a service located externally
in the public cloud.
You may also see a community model of cloud computing, where
there might be a central resource in the cloud,
like a mail server, and multiple organizations
are using that exact same resource
to be able to use that service.
Something that allows the cloud provider
to scale up very easily and support
many different customers all on the same platform.