Security in the Cloud 3.7 Flashcards
On-Premise, Hosted, and Cloud
On Premise: All apps are on your local hardware and your servers are in your data center, in your building.
Hosted: Your servers are not in your building and you may not even own the hardware. Usually a specialized computing environment.
Cloud: Entire app instances can be created and torn down on demand. Resources are avail as necessary.
Cloud Storage
Popular service. Data is available anywhere you have a connection at any time. Integrates with your enterprise authentication. Can include two factor authentication. Encryption is required. Strong encryption mechanisms are critical.
Virtual Desktop Infrastructure (VDI)
You are running apps in the cloud. All of the computing power is in the data center. Has enhanced security because its all centralized and easier to manage. Changes can be tightly controlled and the data never leaves the data center.
Cloud Access Security Broker (CASB)
When clients are at work and the data is in the cloud, how do you keep everything secure? Though well defined security polices and integrating a CASB. You apply your local security policies to the cloud and use either client software, local security appliances, or cloud-base security solutions. CASB’s provide visibility and gives you the ability to see what apps are in use and if people are authorized to use them. Furthermore you can see if the users are compliant with policies.
Security as a Service (SECaaS)
Instead of paying for all the hardware for security (firewalls, routers, etc) you pay for the the virtualized security as you need it. Can be scaled up and down as needed. These security devices can sit in the cloud with continuous monitoring. This means you can react to problems very quickly because you make one change to update all your anti-virus/malware.