Learn About the Cloud
Learning Objectives
After completing this unit, you’ll be able to:
- Describe cloud computing.
- Explain the benefits of cloud computing.
- List cloud services.
- Describe where cloud resources are hosted.
- Describe types of cloud computing models.
What Is Cloud Computing?
Before the cloud, companies purchased their own computer systems to run their business. But it became clear that, while all of an organization’s computer systems were running, only a few of them were completely busy at any given moment. As a result, a new way of using server hardware was developed called virtualization. Virtualization enables a single server to run the operating systems and applications from multiple servers simultaneously. This process consolidates workloads onto fewer servers, increasing their utilization and saving money.
Cloud computing helps companies achieve agility, durability, and global scalability of their technology resources. Entrepreneurs built enormous data centers, filled with generalized computer hardware, and rented out portions of this infrastructure to their customers to run their virtualized applications there, instead of on their own hardware. With that development, the cloud was born.
The cloud is a collection of virtualized, software-defined information technology (IT) functions that have been abstracted from the hardware. Think of your computer’s hard drive, which is where you store your photos, documents, and music. Your hard drive is like your own personal storage warehouse. Now picture a giant warehouse filled with hard drives. This is basically a physical data center. The cloud is like renting a hard drive in that warehouse instead of using your own hard drive to store photos, documents, and music. And not only can you store things, but you can also run programs from that warehouse, rather than running programs from your own computer. The hard drives and other computing resources, like RAM, are all taken care of by the owner of the warehouse.
Why Cloud Computing?
Why does someone use shared public transportation versus driving a private car? The benefit is that you don’t have to do it yourself. The time you spend driving yourself can be spent doing something else, thereby providing the potential to improve your productivity. Just like public transportation, there are some common benefits that cloud computing provides.
- On-demand resources and rapid elasticity: Moving the cost of running applications on expensive, company-owned hardware assets to a cloud model where the price is a recurring operating cost is very attractive. The cloud offers businesses more flexibility overall versus hosting on a local server. If you need extra bandwidth, a cloud-based service can meet that demand instantly, rather than undergoing a complex (and expensive) update to your IT infrastructure. This improved freedom and flexibility can make a significant difference to the overall efficiency of your organization. The ability to quickly meet business demands is one of the most important reasons a business moves to a cloud environment.
- Broad network access: Cloud capabilities are available over the network and accessed through standard mechanisms that promote use by different devices, such as mobile phones and laptops.
- Resource pooling: The provider’s computing resources are pooled together to serve multiple customers, with different physical and virtual resources dynamically assigned and reassigned according to the customer’s demand. Multitenant clouds, which allow customers to share computing resources, provide a lower cost for running an application and maintaining it.
While there are many upsides to cloud computing, there are also some challenges. One is downtime. Since cloud computing systems are internet-based, service outages are possible and can occur for any reason. Another consideration is security and privacy. Although cloud service providers (CSPs) implement the best security standards and industry certifications, storing data and important files on external services may open up risks. Additionally, in cloud computing, every component is online, which exposes potential vulnerabilities. Because of this, even the best teams can experience security breaches from time to time. This is why it’s key to make security a core aspect of all IT operations. Part of your job as a cloud security engineer is to help minimize these risks.
Cloud Services
Cloud computing is the storing and accessing of data and programs over the internet as an alternative to the local computer’s or server’s hard drive. CSPs offer services like compute, storage, databases, and migration, among others. Let’s take a closer look at each of these.
| Cloud Service | Description |
|---|---|
| Compute | Using servers/serverless resources to support workloads and provide bandwidth that can be easily scaled, allowing you to build, deploy, and manage applications efficiently. |
| Storage | Storing data online so that it can be accessed from multiple distributed and connected resources, allowing easy accessibility, increased reliability, and quick deployment of applications. |
| Databases | Software development is moving to the cloud, and databases are no exception. Performing transactions, searching, analyzing, indexing, querying, reading, and writing data are just some of the things you can do with databases in the cloud. |
| Migration | Moving applications and data from on-premise hosting to the cloud, including providing backup and restoration services. |
| Software-defined networking | Using a network architecture approach that enables the network to be intelligently and centrally controlled using software applications. This provides admins the ability to dynamically adjust network-wide traffic flow to meet changing needs. |
| Public key infrastructure (PKI) | Making use of a set of roles, policies, hardware, software, and procedures needed to create, manage, distribute, use, store, and revoke digital certificates and manage public-key encryption. |
| Key management service (KMS) | Employing a service that makes it easy for you to create and manage cryptographic keys and control their use across a wide range of services in your applications. |
| Secrets management | Operating tools for managing digital authentication credentials (secrets) including passwords, keys, and tokens for use in applications, services, privileged accounts, and other sensitive parts of the IT ecosystem. |
Where Cloud Resources Are Hosted
If your organization is like the majority of modern enterprises out there, you’re probably using a combination of private and public cloud computing. Let’s take a closer look at where cloud resources are hosted.
- Private cloud: A private cloud is a computing service offered either over the internet or a private internal network, and only to select users instead of the general public. The CSP takes care of hosting infrastructure while you focus on virtual machines and applications. Private cloud gives your organization the flexibility to customize the environment to meet specific business needs and control resources. It’s a single-tenant environment, meaning the organization using it (the tenant) does not share resources with other users. Like your private residence, when using a private cloud, you control who you invite into your home. You are the only person who has the keys.
- Public cloud: A public cloud is a computing service offered by third-party providers over the public internet, making it available to anyone who wants to use it. The public cloud provider owns and administers the data centers where the customers’ workloads run. The public cloud is like a hotel. You book a room, and the concierge decides who enters the hotel and what the guests are allowed to do. The concierge provides you with the key to your room. Nevertheless, the concierge has a duplicate key to your room for housekeeping services, and so forth. You have to trust the concierge, just as you have to trust your cloud provider.
- Hybrid: Many modern organizations use some combination of physical, virtual, private, and public cloud computing. The cloud may be a good thing, but not for every part of your IT environment. That’s why many organizations have adopted a hybrid cloud approach. Keeping certain elements in the private cloud while moving less sensitive applications to the public cloud may be the best strategy for your organization. To prepare for a cloud migration, IT personnel need to understand how hybrid clouds work and whether a hybrid cloud is the best decision for their infrastructure. A heterogeneous approach like this can significantly improve the affordability and efficiency of your IT resource use, but it also complicates your cybersecurity posture if your toolset can’t keep up.
- Multi-cloud: While hybrid involves having some resources in the cloud and some maintained in physical systems, multi-cloud involves using different CSPs for different situations. Like a hybrid environment, this can present some challenges to security due to lack of visibility across hosts and services, possibly making it easier for hackers to find exploitable vulnerabilities.
Types of Cloud Computing Models
In general, CSPs provide three types of models: Infrastructure, Platform, and Software.
| Cloud Computing Model | Description |
|---|---|
| Infrastructure as a Service (IaaS) | IaaS lets customers run virtualized applications on a rented infrastructure instead of their own hardware. An example is virtual machines, which use software instead of a physical computer to allow you to operate multiple operating systems at the same time. |
| Platform as a Service (PaaS) | Sitting between IaaS and Software as a Service (SaaS) in terms of functionality and responsibility is PaaS. This includes services where the cloud provider manages much more of the underlying infrastructure, such as operating system patching, and abstracts away a lot of the work for users, who in this case acquire a stable environment to run containers. PaaS is becoming increasingly prevalent. |
| Software as a Service (SaaS) | Some cloud providers offer up the infrastructure to run applications with managed services, like databases that a customer does not need to patch and maintain, or even complete application environments themselves. This is known as SaaS. If you’ve ever used Gmail, or something like it, then you’ve used SaaS. |
Resources
- External Link: Fortinet: The Evolution of Cybersecurity (login required)
- External Link: Center for Internet Security (CIS): Shared Responsibility for Cloud Security: What You Need to Know