1 00:00:00,810 --> 00:00:02,960 Cloud computing isn't a single thing, though, 2 00:00:02,960 --> 00:00:06,180 because there are many different ways to implement the cloud. 3 00:00:06,180 --> 00:00:07,570 For the Security+ exam, 4 00:00:07,570 --> 00:00:10,230 you should know that there are four different cloud types. 5 00:00:10,230 --> 00:00:13,550 Public, private, hybrid, and community. 6 00:00:13,550 --> 00:00:15,380 The most common type of cloud architecture 7 00:00:15,380 --> 00:00:16,840 is the public cloud. 8 00:00:16,840 --> 00:00:19,190 Under this model, a service provider makes resources 9 00:00:19,190 --> 00:00:21,790 available to the end user over the Internet. 10 00:00:21,790 --> 00:00:24,530 There are numerous public cloud solutions available today, 11 00:00:24,530 --> 00:00:27,910 including those from Google, Microsoft, and Amazon. 12 00:00:27,910 --> 00:00:30,460 For example, Google Drive is a public cloud service 13 00:00:30,460 --> 00:00:33,830 that's offered both as a free and pay-for-use model. 14 00:00:33,830 --> 00:00:36,120 Public clouds can often be an inexpensive way for 15 00:00:36,120 --> 00:00:38,580 an organization to gain the required capability 16 00:00:38,580 --> 00:00:41,600 and service they need quickly and efficiently. 17 00:00:41,600 --> 00:00:44,330 The second option is what's known as a private cloud. 18 00:00:44,330 --> 00:00:46,610 This service requires that a company create its own 19 00:00:46,610 --> 00:00:49,660 cloud environment that only it can utilize as an internal 20 00:00:49,660 --> 00:00:52,350 enterprise resource to manage its cloud. 21 00:00:52,350 --> 00:00:54,790 With a private cloud, your organization is responsible 22 00:00:54,790 --> 00:00:57,550 for the design, implementation and operation of the 23 00:00:57,550 --> 00:01:00,890 cloud resources, and the servers that host them. 24 00:01:00,890 --> 00:01:03,070 For example, the United States Government runs a 25 00:01:03,070 --> 00:01:05,210 private cloud for use by different organizations 26 00:01:05,210 --> 00:01:06,420 within the government. 27 00:01:06,420 --> 00:01:09,080 But my company and yours can't get access to it, 28 00:01:09,080 --> 00:01:10,980 like we could with Google Drive. 29 00:01:10,980 --> 00:01:13,680 Generally, a private cloud is chosen when security is 30 00:01:13,680 --> 00:01:16,720 more important to the organization than cost. 31 00:01:16,720 --> 00:01:19,160 A hybrid cloud solution combines the benefits of both 32 00:01:19,160 --> 00:01:21,810 the public cloud and the private cloud options. 33 00:01:21,810 --> 00:01:24,520 Under this architecture, some resources are developed 34 00:01:24,520 --> 00:01:27,020 and operated by the organization itself like a private 35 00:01:27,020 --> 00:01:29,930 cloud would be, but the organization can also utilize 36 00:01:29,930 --> 00:01:33,000 the publicly-available resources or outsource services 37 00:01:33,000 --> 00:01:36,140 to another service provider like a public cloud does! 38 00:01:36,140 --> 00:01:38,490 Because of this mixture of private and public cloud 39 00:01:38,490 --> 00:01:41,640 resources, strict rules should be applied for what type 40 00:01:41,640 --> 00:01:44,920 of data is hosted in each portion of this hybrid cloud. 41 00:01:44,920 --> 00:01:47,940 For example, any confidential information should always 42 00:01:47,940 --> 00:01:51,310 be hosted on the organization's private cloud portion. 43 00:01:51,310 --> 00:01:54,250 Our fourth option is known as a community cloud. 44 00:01:54,250 --> 00:01:56,730 Under this model, the resources and cost are shared 45 00:01:56,730 --> 00:01:59,390 among several different organizations who have a common 46 00:01:59,390 --> 00:02:02,630 service need. This is similar to taking several private 47 00:02:02,630 --> 00:02:04,810 clouds and connecting them together. 48 00:02:04,810 --> 00:02:07,810 Now, the security challenge here is that each organization 49 00:02:07,810 --> 00:02:09,830 may have their own security controls. 50 00:02:09,830 --> 00:02:12,610 Remember, if you connect your network to another network, 51 00:02:12,610 --> 00:02:14,870 you inherit their security risks, as well. 52 00:02:14,870 --> 00:02:16,350 This doesn't change just because we've moved 53 00:02:16,350 --> 00:02:17,650 to the cloud environment. 54 00:02:17,650 --> 00:02:20,560 So, which of these four models or combination of models 55 00:02:20,560 --> 00:02:22,660 is right for your organization? 56 00:02:22,660 --> 00:02:24,080 Well, there's no clear-cut answer 57 00:02:24,080 --> 00:02:26,430 because it really depends on your security needs, 58 00:02:26,430 --> 00:02:29,110 your cost restrictions, and your risk tolerance. 59 00:02:29,110 --> 00:02:31,900 Generally, it's cheapest to use a public cloud model, 60 00:02:31,900 --> 00:02:34,310 but this also increases the risk to your information's 61 00:02:34,310 --> 00:02:36,680 confidentiality and availability. 62 00:02:36,680 --> 00:02:38,770 Well, there's many other things you need to consider as 63 00:02:38,770 --> 00:02:41,830 a security practitioner. There is going to be no single right 64 00:02:41,830 --> 00:02:45,280 answer here. Instead, it's our job to weigh the benefits 65 00:02:45,280 --> 00:02:47,910 and the drawbacks of each of these models to decide 66 00:02:47,910 --> 00:02:50,500 which one is right for our organization's security needs 67 00:02:50,500 --> 00:02:51,623 and their concerns.