Section 15.133 Security Architecture: On Premise vs The Cloud Flashcards
Objective 3.1 Compare and contrast security implications of different architecture models. Objectives 4.1 Given a scenario, apply common security techniques to computing resources
Security Architecture
Design, structure, and behavior of an organisations information security environment
On-premise versus the Cloud
Cloud Computing
Delivery of computing services over the internet, including servers, storage, databases, networking, software, analytics, and intelligence
Cloud Computing Advantages
● Faster innovation
● Flexible resources
● Economies of scale
Responsibility Matrix
Outlines the division of responsibilities between the cloud service provider and the customer
Example: A service Model Business
Cloud service provider = Manages the infrastructure
Customer (Netflix) = Handles everyting esle like Operating system, Middleware, Runtime, Data and Application
Third-Party Vendors
Provides specialised services to enhance functionality, security, and efficiency of cloud solutions
Hybrid Solutions
Combined on-premise, private cloud, and public cloud services, allowing
workload flexibility
Considerations:
● Sensitive data is protected
● Regulatory requirements are met
● Systems can communicate with each other
● The solution is cost-effectiveness
On-Premise Solutions
Computing infrastructure physically located on-site at a business
Key Considerations in Cloud Computing
1 Availability
System’s ability to be accessed when needed
Key Considerations in Cloud Computing
2 Resilience
System’s ability to recover from failures
Key Considerations in Cloud Computing
3 Cost
Consider both upfront and long-term costs
Key Considerations in Cloud Computing
4 Responsiveness
Speed at which the system can adapt to demand
Key Considerations in Cloud Computing
5 Scalability
System’s ability to handle increased workloads
Key Considerations in Cloud Computing
6 Ease of Deployment
Cloud services are easier to set up than on-premise solutions
Key Considerations in Cloud Computing
7 Risk Transference
Some risks are transferred to the provider, but customers are responsible for security
Key Considerations in Cloud Computing
8 Ease of Recovery
Cloud services offer easy data recovery and backup solutions
Key Considerations in Cloud Computing
9 Patch Availability
Providers release patches for vulnerabilities automatically
Key Considerations in Cloud Computing
10 Inability to Patch
Compatibility issues or lack of control can hinder patching
Legacy systems
Key Considerations in Cloud Computing
11 Power
● Cloud provider manages infrastructure, including power supply
● Reduces customer costs and eliminates power management concerns
Key Considerations in Cloud Computing
12 Compute
● Refers to computational resources, including CPUs, memory, and storage
● Cloud providers offer various compute options to suit different needs
