From the course: CISSP Cert Prep (2021): 3 Security Architecture and Engineering

What is the cloud?

From the course: CISSP Cert Prep (2021): 3 Security Architecture and Engineering

Start my 1-month free trial

What is the cloud?

- Cloud computing is the most transformative development in information technology in the past decade. Organizations around the world are retooling their entire IT strategies to embrace the cloud and this change is causing disruptive impact across all sectors of technology, but what is the cloud? Let's start with a simple definition. In my view, cloud computing is any case where computing services are being delivered to a customer at a remote location over a network. Now this definition is broad and it encompasses many different types of activity. When you access your Gmail account, you're making use of cloud computing. Google is providing you with email service over the internet. You don't need to know or care about the massive technical infrastructure that makes Gmail work. You simply open your web browser and visit the site. All the technology magic is transparent to you. When you build a server in Amazon Web Services you're also making use of cloud computing. Amazon presents you with what appears to be your very own server, but the reality is that it's a virtualized server, running in a massive Amazon data center on hardware shared with many other customers. Again, the technology that makes this happen remains invisible to you. When you write a script that automatically follows up with your customers in Salesforce you're also making use of cloud computing. You might've written the code to make the follow up email happen, but that code is being executed on top of Salesforce's massive cloud-based platform. Once again, you don't need to worry about how your code is executed. You depend upon Salesforce to manage those details and my simple definition of cloud computing is good enough for a conceptual understanding, but we should also take a look at a more formal definition. Here's the definition used by the National Institute for Standards and Technology or NIST. NIST defines cloud computing as a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources, for example, networks, servers, storage, applications and services that can be readily provisioned and released with minimal management effort or service provider interaction. Now that's a really long definition. So let's pick it apart a little bit. Cloud computing is ubiquitous and convenient. The resources of the cloud are everywhere. No matter what cloud solution I use. If I have access to the internet I can reach those resources. Cloud computing is also on-demand. In most cases I can create and destroy cloud resources on and as needed basis. If I need a new server, I can click a few buttons and have one running in a matter of seconds. We've talked about network access already. Cloud resources are usually accessible over the internet but in the case of private clouds they may also be only on private networks. Many of the key benefits of the cloud derived from the fact that it uses a shared pool of resources that may be configured for different purposes by different users. This sharing allows oversubscription, because not everyone will use all of their resources at the same time and it achieves a economy of scale. The resources that are accessed maybe any type of computing service. We'll dive into this more later in the course but cloud computing may allow access to networking, servers, storage, applications and other services. Cloud resources can be rapidly spun up as needed and this is normally done in a self-service fashion. You don't need to call AWS and ask them to get a new server ready for you, the cloud just works and from the perspective of a typical user, it presents seemingly infinite capacity.

Contents