Part 2 - Cloud Definitions

Video Activity

This lesson covers cloud definitions and opens with NIST SP 800-145 which defines cloud computing as, "a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources that can be rapidly provisioned and released with minimal management effort or service provider interaction." In addition, p...

Join over 3 million cybersecurity professionals advancing their career
Sign up with

Already have an account? Sign In »

5 hours 31 minutes
Video Description

This lesson covers cloud definitions and opens with NIST SP 800-145 which defines cloud computing as, "a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources that can be rapidly provisioned and released with minimal management effort or service provider interaction." In addition, participants also learn about: • Managed service providers • Cloud computing definitions o Anything as a service o Business continuity o Cloud applications o CAMP (Cloud Application Management for Platforms) o Cloud Backup o Cloud Migration o Cloud Portability o Cloud provisioning o Desktop as a Service o Infrastructure as a Service o Platform as a Service o Software as a Service

Video Transcription
Okay, So just to get us started Ah, we wanted just reference at least the mist special publication that defines the cloud and some of the service's that are available. So that is Miss Special Publication 800-1 45
and just gonna read this for you because I think that it's significant. Cloud computing is a model for enabling ubiquitous so everywhere that accessibility that global accessibility convenient on demand network access
to a shared pool of configurable computing resource is
so ultimately, this idea is on demand. This wherever I wanted to shared resource is whether their networks storage specific applications, mechanisms, whatever there's elements, maybe,
and we want to be able to create them rapidly, rapidly provisioned and released with minimal management effort or serve service provider interaction. So NOUs lays out the groundwork, lays out what our plans are when our hopes, our what our goals are for the cloud.
So when we talk about this idea of a managed service provider, this a term we want to start off with.
So this is the company that remotely manages our I T infrastructure and or end user systems. So this is the environment that many of us may be coming from as we shift over to the clouds, sort of a predecessor of the cloud. So ultimately,
maybe we were smaller organization. We didn't have qualified staff and house.
Perhaps We turn this over to an organization that I work for managed service provider for many years where we would remotely you know they would. Essentially, they're still outsourcing their infrastructure. But the infrastructure resigned on their premises,
and we would be able to remotely access those servers and their service is
and provide them the elements of networking in the elements of application security access that they would need. So ultimately, the technology still resides on the client site. The client has full ownership of everything has all the decision making,
but it was still managed and serviced by an outsourced entities. So I worked for service provider and we had many organizations, you know, maybe 50 employees couldn't afford a full time I t staff and really not the i t infrastructure that was necessary.
You know, we would come in and kind of advise them,
and then we would continue maintaining troubleshooting the monitoring and in those sorts of activities and one of the things was they would commit. They signed a contract with us and then on a monthly baby basis they pay for our service is so whether we were managing their
infrastructure once a month or whether they were having many problems and we were
manipulating resource is every day for a month, they had the same predictable cost. Now, that's great, because we know what to expect. But there isn't that elasticity that the more I need, the more I pay in, the less I need, the less I pay that really comes to us is a benefit of the cloud.
So we're gonna talk about manage Service's versus the cloud in just a few minutes. But I want to go through some definitions here, and I'm not gonna cover every single definition. But I do want to point out a couple of things.
All right, so
we'll get anything is a service. And I mentioned that earlier. When you see that A s lower case, a lower case, a capital s, whatever goes in front of that is implied that it's being accessed through the Internet as opposed to being hosted on cider provided locally.
So whether it's business continuity, desk cop platform infrastructure, any of those elements that are
as a service are provided within the cloud
so you could see business continuity. And let me just go back and mention that the this document we looked at just a couple of minutes ago specifies three elements as a service platform. Software and infrastructure is a service, but from there we're branching out into all sorts of other service is
that could be provided in the flowers? Well, so business continuity is but one of them
aren't cloud applications. So here we have applications that aren't installed locally, better access through the cloud. So you may be familiar with those who may be already working with cloud based applications, but it gets us away from some of the issues of having to install the software locally on a particular machine
on. We'll talk about some of the back,
the benefits there,
um, you know, and again you can look at these definitions yourself. I'm gonna hit kind of the ones that I think are most important.
So cloud back up, back up to a remote cloud based server. We've been doing cloud backup for 20 years. You know, if you've ever e mailed yourself a file because it was important and you wanted to make sure it was backed up, you wanted to make sure it was available anywhere. That's, you know, that's cloud storage. That's cloud backup.
So now we've got a little bit more formalized structure for doing that. We're backing up our file servers,
uh, it within our organizations. But it's still the same concept.
Portability, cloud portability. So being able to move applications in and out of the cloud, being able to transfer from one cloud provider to another, making sure we can move things to the cloud, remove them from the cloud in a secure fashion. All that has to do with portability.
All right, a few more definitions, cloud provisioning. That's a term that's gonna come up in the term provisioning as well. So here we're looking at the actual deployment. We're gonna implement our strategy, we're gonna deploy it. So all the things that we need to do to interface with cloud applications
monitoring automatic security, ease of utilization following the principle of Lise privilege, Essentially, what we're doing is deploying. Moving to the cloud we are moving to the cloud when we talk about cloud provisioning. So making sure all of those elements for access
are provided in are structured force.
All right, I mentioned Death Cup is a service. Infrastructures of service. Platform is the service software's of service.
Anything, as the service is gonna be delivered through the cloud
I A s p a s s a s, we're gonna get into in a little bit more depth.
Desktop is a service is essentially very comparable to what we've seen in the old days of remote desktop service is, or even prior to that terminal service is if you've ever accessed a Web form. You know, maybe you citrate, sir, you've logged onto your company's web providers or, uh,
you know, file servers that are actually arranged A cloud.
Ah, that are actually structured as a logical entity. That's desktop. Is the service
all right? Virtual cloud computing. I'm sorry. Vertical cloud computing. So the idea there is using the cloud across on industry specific environment. So maybe for each industry, they're being perhaps a community cloud,
uh, or a specific application that's available across those.
all right. Public cloud versus private cloud. Just exactly what it sounds like. A my accessing a cloud provider that anyone in the general public and access and store their information on. Is it hosted at a cloud provider? While you know the difficulty with that, maybe privacy and security issues.
Private cloud means the storage is hosted within my organization and I have much more exclusive control over access doesn't necessarily make it more secure because the responsibility is on me, but I do have greater control.
Up Next
ISC2 Certified Cloud Security Professional (CCSP)

This online course will guide you through the contents of the CCSP certification exam. Obtaining your CCSP certification shows that you are a competent, knowledgeable, cloud security specialist who has hands-on experience in the field.

Instructed By