Followers
Sunday, July 1, 2012

Get Off of My Cloud

7:42 PM | Posted by Sue Parler | | Edit Post


http://edocumentsciences.com
With all due respect to the Rolling Stones, Get Off of my Cloud could easily be an ad pitch for cloud-based security.  With our looming topic as Cloud Based Computing in an educational setting, several questions have arisen about security.  As with all things technology related, I felt it was important to find the most current information possible, rest assured, this information is current within the past two months.

First, let's make sure we're all singing from the same sheet - can you hear Mick Jagger in the background? If so, just hum along.  Let's be sure we envision "The Cloud" in the same general manner. Cloud computing is storing data and accessing application software via the Internet.  As online education is anytime, anywhere learning; cloud computing allows users anytime, anywhere access to their data and the applications to generate and manipulate that data.  As long as a user has access to the Internet, s/he has access to the cloud.

There are three different cloud hosting options:  private, public, and hybrid.  A private cloud provides hosted services to a limited number of specified people behind a firewall.  Generally, users are assigned log ins and passwords to access data.  In a public cloud setting, a vendor makes resources available to the general public free or on a pay-per-usage basis. As the name suggests, a hybrid model combines some in-house resources (private) with public resources.

Now let's tip-toe into the Alphabet Soup of cloud acronyms:

SaaS - Software as a service.  An information- and application-based cloud.  A business-level service over the public Internet.

PaaS - Platform as a service.  Development clouds. Software authoring - within the rules of the host - this is an economical way to develop without a hardware investment.

IaaS - Infrastructure as a service. Information technology made available via remote access.


And now a stroll through security...

The cloud service provider takes on the bulk of the responsibility for security, although the "client" is not free of responsibility.  The provider's job is simple:  within the provided infrastructure, isolate an environment for each client.  Each client should be able to access his data, not the data of any other client.  No one should be able to see the structure, systems, data or any attribute of any other client's environment.

Just because operating systems may run in the cloud does not free the the administrator of the client's network, or the client himself, from keeping up to date with the latest patches, and installing endpoint based antivirus, and firewalls.  Individual users should be reminded to keep confidential data, such as usernames and passwords, safe and secure.  Sensitive data should be encrypted, as always.


Labels: , | 5 comments |
Subscribe to: Posts (Atom)
About Me
My Photo
Sue Parler
I'm currently in my 32nd year teaching at DePaul Catholic HS in Wayne, NJ. I teach Game Design, Cryptology, and Spanish -- yes, it's an odd mix -- even I admit it. I am the IT Coordinator at DePaul Catholic as well, which means I manage the network, the student information system, the website, and the 900+ computers in the building. Yep, keeps me busy.
View my complete profile
My Blog List