1 00:00:00,800 --> 00:00:02,240 Cloud computing also comes 2 00:00:02,240 --> 00:00:04,310 as four different types of services 3 00:00:04,310 --> 00:00:06,300 according to the Security+ exam. 4 00:00:06,300 --> 00:00:07,200 I like to refer to these 5 00:00:07,200 --> 00:00:09,470 by the generalized term of as a service 6 00:00:09,470 --> 00:00:10,630 because as you're going to see, 7 00:00:10,630 --> 00:00:13,740 everything in the cloud is something as a service. 8 00:00:13,740 --> 00:00:15,390 The four types you need to be aware of 9 00:00:15,390 --> 00:00:17,000 are Software as a Service, 10 00:00:17,000 --> 00:00:18,490 Infrastructure as a Service, 11 00:00:18,490 --> 00:00:19,710 Platform as a Service, 12 00:00:19,710 --> 00:00:21,870 and Security as a Service. 13 00:00:21,870 --> 00:00:23,320 With Software as a Service, 14 00:00:23,320 --> 00:00:26,040 you're going to be provided with a complete solution. 15 00:00:26,040 --> 00:00:28,570 This includes the hardware, the operating system, 16 00:00:28,570 --> 00:00:30,630 the software, the applications, 17 00:00:30,630 --> 00:00:33,360 everything that's needed for that service to be delivered. 18 00:00:33,360 --> 00:00:36,730 For example, if you use Office 365 for Microsoft, 19 00:00:36,730 --> 00:00:38,930 this is considered Software as a Service, 20 00:00:38,930 --> 00:00:41,510 and it allows your end users to access their email, 21 00:00:41,510 --> 00:00:43,870 their Word documents, their PowerPoint presentations, 22 00:00:43,870 --> 00:00:46,850 and all of that directly from within their web browser. 23 00:00:46,850 --> 00:00:48,230 Sometimes, though, you're going to have 24 00:00:48,230 --> 00:00:50,320 to build a customized piece of software 25 00:00:50,320 --> 00:00:52,500 to meet your particular service needs. 26 00:00:52,500 --> 00:00:54,790 In this case, you might only need the service provider 27 00:00:54,790 --> 00:00:56,890 to give you the hardware, the operating system, 28 00:00:56,890 --> 00:00:58,990 and the backend server software. 29 00:00:58,990 --> 00:01:00,720 With Infrastructure as a Service, 30 00:01:00,720 --> 00:01:02,930 you get the benefit of this dynamic allocation 31 00:01:02,930 --> 00:01:05,640 of additional resources known as elasticity, 32 00:01:05,640 --> 00:01:07,110 but you don't have to deal with the headache 33 00:01:07,110 --> 00:01:10,330 of long-term commitments and contracts, buying the hardware, 34 00:01:10,330 --> 00:01:12,900 and installing the underlying operating systems. 35 00:01:12,900 --> 00:01:14,720 For example, you might want a contract 36 00:01:14,720 --> 00:01:16,510 for a new cloud-based web host 37 00:01:16,510 --> 00:01:18,650 to host your company's website upon. 38 00:01:18,650 --> 00:01:20,160 The server might be built and hosted 39 00:01:20,160 --> 00:01:21,500 by the cloud service provider, 40 00:01:21,500 --> 00:01:23,850 and come with a pre-installed Linux operating system 41 00:01:23,850 --> 00:01:25,580 and an Apache web server. 42 00:01:25,580 --> 00:01:27,500 Now, your programmers can simply create 43 00:01:27,500 --> 00:01:30,000 a custom application for your customers 44 00:01:30,000 --> 00:01:32,020 that's run on top of this web server 45 00:01:32,020 --> 00:01:32,853 without having to worry 46 00:01:32,853 --> 00:01:35,620 about the underlying operating system and hardware. 47 00:01:35,620 --> 00:01:38,690 The third type of service is called Platform as a Service. 48 00:01:38,690 --> 00:01:40,700 Under this model, the third party vendor 49 00:01:40,700 --> 00:01:42,100 will provide your organization 50 00:01:42,100 --> 00:01:44,120 with all the hardware and software needed 51 00:01:44,120 --> 00:01:46,350 for a specific service to operate. 52 00:01:46,350 --> 00:01:48,560 For example, if your company is developing a new piece 53 00:01:48,560 --> 00:01:50,880 of software, they might have a development platform 54 00:01:50,880 --> 00:01:53,260 that's provided by a third-party cloud provider. 55 00:01:53,260 --> 00:01:55,880 This might be an example of Platform as a Service. 56 00:01:55,880 --> 00:01:58,070 Now, if we want to summarize these three types, 57 00:01:58,070 --> 00:02:00,310 remember that Infrastructure as a Service, 58 00:02:00,310 --> 00:02:02,510 you're provided with everything you need to run a server, 59 00:02:02,510 --> 00:02:05,270 including the power, the space, the cooling, 60 00:02:05,270 --> 00:02:07,870 the network, the firewalls, the physical servers, 61 00:02:07,870 --> 00:02:09,690 and the virtualization layer. 62 00:02:09,690 --> 00:02:11,270 With Platform as a Service, 63 00:02:11,270 --> 00:02:13,830 the operating system and the infrastructure software 64 00:02:13,830 --> 00:02:16,030 is added to that list I just gave you. 65 00:02:16,030 --> 00:02:17,790 Now, infrastructure software includes things 66 00:02:17,790 --> 00:02:20,620 like an Apache web server, a MySQL database, 67 00:02:20,620 --> 00:02:22,960 programming languages, and lots more. 68 00:02:22,960 --> 00:02:24,440 With Software as a Service, 69 00:02:24,440 --> 00:02:26,200 the hosted application software is added 70 00:02:26,200 --> 00:02:29,470 to the top of this infrastructure and platform portions. 71 00:02:29,470 --> 00:02:32,300 As you can see, Software as a Service is much closer 72 00:02:32,300 --> 00:02:34,890 to your end user than either Platform as a Service, 73 00:02:34,890 --> 00:02:37,030 or Infrastructure as a Service. 74 00:02:37,030 --> 00:02:38,550 Now, at the beginning of this lesson, 75 00:02:38,550 --> 00:02:41,260 I said that there was four types of as a service 76 00:02:41,260 --> 00:02:43,130 that you had to know for the exam. 77 00:02:43,130 --> 00:02:45,540 The fourth one is Security as a Service. 78 00:02:45,540 --> 00:02:47,480 This allows smaller organizations 79 00:02:47,480 --> 00:02:49,640 that don't have the necessary security skills 80 00:02:49,640 --> 00:02:52,570 to essentially outsource them to some larger company. 81 00:02:52,570 --> 00:02:54,130 This can provide them with a lower cost 82 00:02:54,130 --> 00:02:56,470 than trying to hire a team of cybersecurity professionals 83 00:02:56,470 --> 00:02:58,410 to work directly for your organization. 84 00:02:58,410 --> 00:03:01,240 It can give your company an immediate security expertise, 85 00:03:01,240 --> 00:03:03,100 and you can outsource common tasks 86 00:03:03,100 --> 00:03:04,410 and provide the organization's 87 00:03:04,410 --> 00:03:05,990 information technology staff 88 00:03:05,990 --> 00:03:08,730 with a simple interface that they can use. 89 00:03:08,730 --> 00:03:10,780 One of the first security services that began 90 00:03:10,780 --> 00:03:13,710 to be offered in the cloud was anti-malware products. 91 00:03:13,710 --> 00:03:15,740 Instead of installing a traditional antivirus 92 00:03:15,740 --> 00:03:18,410 or anti-malware program on your desktop or your server, 93 00:03:18,410 --> 00:03:20,810 the client was instead configured to utilize the cloud 94 00:03:20,810 --> 00:03:22,510 to provide these protections. 95 00:03:22,510 --> 00:03:24,580 There's a couple of advantages to doing this. 96 00:03:24,580 --> 00:03:27,140 First, it removed the need for installing an antivirus 97 00:03:27,140 --> 00:03:29,830 or anti-malware solution on your end client. 98 00:03:29,830 --> 00:03:32,340 Instead, a small utility was installed. 99 00:03:32,340 --> 00:03:34,860 This utility uses very little processing power 100 00:03:34,860 --> 00:03:35,970 and is always up-to-date 101 00:03:35,970 --> 00:03:38,360 with the latest signatures and definitions. 102 00:03:38,360 --> 00:03:40,890 This is the true power of a cloud-based solution. 103 00:03:40,890 --> 00:03:42,160 Because as soon as the provider 104 00:03:42,160 --> 00:03:44,170 creates a signature for a piece of malware, 105 00:03:44,170 --> 00:03:46,520 all of its registered clients immediately have access 106 00:03:46,520 --> 00:03:48,980 to that new signature and protection. 107 00:03:48,980 --> 00:03:50,090 Unfortunately, though, 108 00:03:50,090 --> 00:03:52,440 there are some downsides to using this approach. 109 00:03:52,440 --> 00:03:54,260 The main one is that it's highly reliant 110 00:03:54,260 --> 00:03:56,040 on a good Internet connection. 111 00:03:56,040 --> 00:03:58,100 Because the scanning engine resides in the cloud 112 00:03:58,100 --> 00:04:00,010 and relies on its processing power, 113 00:04:00,010 --> 00:04:03,080 your machine may be vulnerable when it's offline. 114 00:04:03,080 --> 00:04:04,860 Some of these cloud services are configured 115 00:04:04,860 --> 00:04:07,230 to only scan portions of the computer, as well. 116 00:04:07,230 --> 00:04:09,580 This means that it might look at the core Windows files, 117 00:04:09,580 --> 00:04:12,870 but not all of your users' documents and file storage. 118 00:04:12,870 --> 00:04:14,500 One of the most effective forms 119 00:04:14,500 --> 00:04:16,370 of Security as a Service solutions 120 00:04:16,370 --> 00:04:19,260 is found in the form of anti-spam products. 121 00:04:19,260 --> 00:04:21,910 These products allow all of the organization's email 122 00:04:21,910 --> 00:04:24,360 to be routed through this cloud server first 123 00:04:24,360 --> 00:04:27,030 in order to detect any malware or spam. 124 00:04:27,030 --> 00:04:29,650 Any suspect emails are placed in a quarantine area 125 00:04:29,650 --> 00:04:31,140 that's accessible through a web browser 126 00:04:31,140 --> 00:04:33,080 by the local administrator for review 127 00:04:33,080 --> 00:04:35,470 and possible release to the end user. 128 00:04:35,470 --> 00:04:37,300 Another great cloud-based security solution 129 00:04:37,300 --> 00:04:40,080 that you can utilize is vulnerability scanning. 130 00:04:40,080 --> 00:04:41,780 With traditional vulnerability scanners, 131 00:04:41,780 --> 00:04:44,230 you perform the scan from within your own network. 132 00:04:44,230 --> 00:04:45,720 With the cloud-based scanner, though, 133 00:04:45,720 --> 00:04:48,210 you have the option of using it from within your network 134 00:04:48,210 --> 00:04:51,700 or from the Internet, simulating an attacker's perspective. 135 00:04:51,700 --> 00:04:53,730 There are many advantages to this approach. 136 00:04:53,730 --> 00:04:55,880 First, the installation costs are lower. 137 00:04:55,880 --> 00:04:58,190 Second, your maintenance costs are also lower. 138 00:04:58,190 --> 00:04:59,920 This is because the cloud service provider 139 00:04:59,920 --> 00:05:01,560 is responsible for providing all 140 00:05:01,560 --> 00:05:03,810 of the hardware and software that's necessary 141 00:05:03,810 --> 00:05:05,600 for you to conduct these scans. 142 00:05:05,600 --> 00:05:08,470 Also, the vulnerability scanners always remain up-to-date 143 00:05:08,470 --> 00:05:11,060 under this paid service subscription model. 144 00:05:11,060 --> 00:05:13,270 In most organizations, vulnerability scanners 145 00:05:13,270 --> 00:05:15,910 aren't used 24 hours a day, seven days a week, 146 00:05:15,910 --> 00:05:17,870 so there's a lot of wasted time here. 147 00:05:17,870 --> 00:05:20,030 By utilizing a cloud service provider, 148 00:05:20,030 --> 00:05:22,630 the equipment can be shared across multiple organizations, 149 00:05:22,630 --> 00:05:24,130 and that cost is distributed 150 00:05:24,130 --> 00:05:27,300 amongst all of those clients, saving you money. 151 00:05:27,300 --> 00:05:30,750 Unfortunately, though, there is one major disadvantage here. 152 00:05:30,750 --> 00:05:32,300 Because scanning is being conducted 153 00:05:32,300 --> 00:05:34,130 from the cloud provider's system, 154 00:05:34,130 --> 00:05:35,930 the vulnerability data may be stored 155 00:05:35,930 --> 00:05:37,520 on their systems, as well. 156 00:05:37,520 --> 00:05:39,410 This is the same data that shows all 157 00:05:39,410 --> 00:05:41,920 of your vulnerabilities that are open to exploitation 158 00:05:41,920 --> 00:05:43,780 and therefore, the security of this data 159 00:05:43,780 --> 00:05:46,510 should be a top concern for your organization. 160 00:05:46,510 --> 00:05:48,370 Another security technique that can be provided 161 00:05:48,370 --> 00:05:51,480 by cloud services is the use of sandboxing. 162 00:05:51,480 --> 00:05:54,110 Sandboxing utilizes separate virtual networks 163 00:05:54,110 --> 00:05:55,640 to allow security professionals 164 00:05:55,640 --> 00:05:58,220 to test suspicious or malicious files. 165 00:05:58,220 --> 00:06:00,280 For example, if your organization is conducting 166 00:06:00,280 --> 00:06:02,280 an incident response, your responders 167 00:06:02,280 --> 00:06:03,440 could place a piece of malware 168 00:06:03,440 --> 00:06:05,610 in a cloud-hosted sandboxed environment 169 00:06:05,610 --> 00:06:08,480 to see the effects of the malware as it's run in real time. 170 00:06:08,480 --> 00:06:11,320 This will allow them to do a dynamic analysis of it. 171 00:06:11,320 --> 00:06:13,930 Another type of thing you can do is content filtering. 172 00:06:13,930 --> 00:06:16,670 This is another example of possible security services 173 00:06:16,670 --> 00:06:18,690 that a cloud provider might offer you. 174 00:06:18,690 --> 00:06:21,520 When your organization signs up for content filtering, 175 00:06:21,520 --> 00:06:22,880 all of your organization's traffic 176 00:06:22,880 --> 00:06:24,800 will be diverted from your network 177 00:06:24,800 --> 00:06:27,030 to the cloud provider through a VPN 178 00:06:27,030 --> 00:06:29,390 prior to going out to the larger Internet. 179 00:06:29,390 --> 00:06:31,640 The provider then can be able to give you the ability 180 00:06:31,640 --> 00:06:33,970 to create policies such as time limits, 181 00:06:33,970 --> 00:06:36,280 categories of content that should be blocked, 182 00:06:36,280 --> 00:06:38,190 as well as reporting to see any users 183 00:06:38,190 --> 00:06:39,930 who are attempting to access the websites 184 00:06:39,930 --> 00:06:41,690 that are on your block list. 185 00:06:41,690 --> 00:06:43,270 As you can see, there are a lot 186 00:06:43,270 --> 00:06:44,980 of different options that you should consider 187 00:06:44,980 --> 00:06:47,450 when dealing with cloud-based security offerings. 188 00:06:47,450 --> 00:06:50,290 Other services can include things like data loss prevention, 189 00:06:50,290 --> 00:06:52,580 continuous monitoring, access control, 190 00:06:52,580 --> 00:06:54,920 identity management, business continuity, 191 00:06:54,920 --> 00:06:57,470 disaster recovery, and many others. 192 00:06:57,470 --> 00:06:59,930 If you continue on into your cybersecurity career, 193 00:06:59,930 --> 00:07:02,300 at some point you might even find yourself working 194 00:07:02,300 --> 00:07:06,383 for one of these Security as a Service providers.