You likely already use some kind of cloud-based technology in your everyday work.
Take certain file collaboration capabilities. In this remote working world, can you edit numbers on a spreadsheet while colleagues work on the same file simultaneously? Or can you upload a document in a folder for your team members to immediately see and access?
These are capabilities powered by cloud computing. It’s easy to see the impacts and outcomes the technology produces. But do you know what the cloud really is?
To help, Greg Tinsley, Architect at Red Hat, an open source software company, broke down cloud computing’s characteristics at GovLoop’s online training Wednesday.
To be considered a “cloud,” it must have five essential traits:
- It provides on-demand self-service, which means you can gain access to a resource whenever you need it without having to contact the service provider.
- It has broad network access, which means you can connect to a compute resource from wherever you need it (your laptop, smartphone, sensors, etc.).
- It has resource pooling, which means you and other consumers can use services that are connected to one large resource pool, rather than individual ones.
- It provides rapid elasticity, which means you can flex capacity depending on the demand for resources.
- It measures service, which means you have the transparency to know how much compute power you’re using and are charged appropriately for it.
A Cloud Concern: Security
With the advent of cloud, the amount of data produced and consumed has skyrocketed. “We’ve gone from terabytes of data to an infinite path of acceleration,” Tinsley said. “That means we have to protect all this data.”
In this path of growing data, the elephants it brought into the room were security and compliance, said Khary Mendez, Senior Principal Consultant at Red Hat. Security focuses on the practice of minimizing risks in IT systems. Compliance focuses on the theory and making sure organizations abide by standards and regulations.
“Sometimes we find that organizations focus on compliance, but we really need to be careful that we’re following good security practices as well,” Mendez said. For example, that could mean performing more intrusion tests on a regular basis, even if it doesn’t check a compliance standard.
To maintain cloud security, Tinsley recommended focusing on securing four areas: the data, the network, the hosts and access.
Protecting data is one of the most important aspects of cloud security, Tinsley said, because the data is what is most valuable to an organization.
Securing the network and hosts are also important, because they are both vessels that contain or transport the data. Likewise, having secure access controls ensures that the right people access the right data – and that the wrong people don’t.
“When it comes to cloud security, it’s a burden on all of our shoulders. It’s a shared responsibility,” Tinsley said.
This online training was brought to you by: