Banner

No More Worries!

image Our orders are delivered strictly on time without delay

Paper Formatting

  • Double or single-spaced
  • 1-inch margin
  • 12 Font Arial or Times New Roman
  • 300 words per page

No Lateness!

image 

Our orders are delivered strictly on time without delay

Our Guarantees

image
  • Free Unlimited revisions
  • Guaranteed Privacy
  • Money Return guarantee
  • Plagiarism Free Writing

Many organizations are moving to the cloud to protect their infrastructure

Many organizations are moving to the cloud to protect their infrastructure, reduce infrastructure costs, and improve their backup capabilities. As a cybersecurity practitioner, you may very well be asked to assist in the selection and implementation of a cloud computing service model.

Compare and contrast the cloud computing service models defined by NIST.
Integrate practical examples of organizations you have researched that that are using the various platforms, highlighting the advantages and disadvantages of each.
Provide full citations and references, formatted according to Strayer Writing Standards.
This course requires the use of Strayer Writing Standards (SWS). The library is your home for SWS assistance, including citations and formatting. Please refer to the Library site for all supports. Check with your professor for any additional instructions.

Full Answer Section

         

Platform as a Service (PaaS)

  • Description: PaaS provides a platform for developing, deploying, and managing applications. The provider manages the underlying infrastructure and operating systems, allowing the customer to focus on application development.  
  • Advantages:
    • Simplified application development and deployment.
    • Reduced infrastructure management overhead.
    • Faster time to market.
  • Disadvantages:
    • Less control over infrastructure compared to IaaS.
    • Vendor lock-in potential.
    • Security vulnerabilities in the platform can affect applications.  
  • Practical Example:
    • Google App Engine: Developers use Google App Engine to build and deploy web applications without managing servers. For example, many startups use this platform to rapidly develop and deploy applications.  
    • Salesforce Heroku: Heroku is used by many companies to deploy and manage web applications.  
  • Cybersecurity Considerations:
    • Focus on application security, including secure coding practices.
    • Data encryption and access control.
    • Understanding the provider's security responsibilities.

3. Software as a Service (SaaS)

  • Description: SaaS provides ready-to-use applications over the internet. The provider manages all aspects of the application, including infrastructure, operating systems, and security.  
  • Advantages:
    • Easy to use and access.
    • Reduced IT management burden.
    • Automatic updates and maintenance.
  • Disadvantages:
    • Limited customization and control.
    • Data security and privacy concerns.
    • Dependence on the provider's availability.
  • Practical Example:
    • Microsoft 365: Organizations use Microsoft 365 for email, productivity tools, and collaboration. The provider manages the entire application and infrastructure.  
    • Salesforce: Many companies use salesforce to manage customer relationship management.  
  • Cybersecurity Considerations:
    • Data security and privacy are paramount.
    • Ensure the provider has robust security measures.
    • Implement strong access controls and data loss prevention.
    • Ensure that the SaaS provider is compliant with all applicable regulations.

Comparison and Contrast

Feature IaaS PaaS SaaS
Control Highest Medium Lowest
Responsibility Highest Medium Lowest
Flexibility Highest Medium Lowest
Management Overhead Highest Medium Lowest
Security Responsibility Shared, with high customer responsibility Shared, with medium customer responsibility Shared, with low customer responsibility
Typical Use Infrastructure control Application development End-user applications

References

Mell, P., & Grance, T. (2011). The NIST definition of cloud computing. National Institute of Standards and Technology. https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-145.pdf

Amazon Web Services. (n.d.). Netflix case study. Retrieved from https://aws.amazon.com/solutions/case-studies/netflix/

Microsoft. (n.d.). Microsoft Azure. Retrieved from https://azure.microsoft.com/en-us/

Google Cloud. (n.d.). Google App Engine. Retrieved from https://cloud.google.com/appengine

Salesforce. (n.d.). Heroku. Retrieved from https://www.heroku.com/

Microsoft. (n.d.). Microsoft 365. Retrieved from https://www.microsoft.com/en-us/microsoft-365.

Cybersecurity Practitioner's Role

As a cybersecurity practitioner, it's vital to:

  • Conduct thorough risk assessments for each cloud service model.
  • Implement strong security controls, including encryption, access management, and intrusion detection.
  • Ensure compliance with relevant regulations and standards.
  • Educate users on security best practices.
  • Ensure that any cloud provider that the organization chooses, has strong security policies in place.

By understanding the nuances of each cloud computing service model, cybersecurity practitioners can help organizations make informed decisions and implement robust security measures.

Sample Answer

     

Cloud Computing Service Models: A NIST Perspective

The National Institute of Standards and Technology (NIST) defines three primary cloud computing service models: Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS). Each model provides varying levels of control and responsibility for the organization.  

1. Infrastructure as a Service (IaaS)

  • Description: IaaS provides fundamental computing infrastructure—virtual servers, storage, networking—over the internet. The customer manages operating systems, applications, and data, while the provider manages the underlying infrastructure.  
  • Advantages:
    • High flexibility and control over infrastructure.
    • Scalability to meet fluctuating demands.
    • Cost-effectiveness for organizations with existing IT expertise.
  • Disadvantages:
    • Significant responsibility for security and maintenance.
    • Requires in-depth IT knowledge.
    • Potential for increased complexity.
  • Practical Example:
    • Amazon Web Services (AWS): Many enterprises use AWS IaaS to build and manage their own virtual data centers. For example, Netflix utilizes AWS for its vast streaming infrastructure, managing its own applications and data while leveraging AWS's robust infrastructure.  
    • Microsoft Azure: Many companies also use Azure IaaS to create virtual machines, and virtual networks.  
  • Cybersecurity Considerations:
    • Organizations must implement strong security measures for operating systems, applications, and data.
    • Network security configurations are crucial.
    • Regular vulnerability assessments and penetration testing are essential.

Our Services

image
  • Research Paper Writing
  • Essay Writing
  • Dissertation Writing
  • Thesis Writing

Why Choose Us

image
  • Money Return guarantee
  • Guaranteed Privacy
  • Written by Professionals
  • Paper Written from Scratch
  • Timely Deliveries
  • Free Amendments