Page 263 - Using MIS
P. 263
Q6 How Can Organizations Use Cloud Services Securely? 231
IaaS Services at AllRoad
As stated, IaaS provides basic hardware in the cloud. Some companies acquire servers this way
and then load operating systems onto them. Doing so requires considerable technical expertise
and management, and hence a small company like AllRoad is unlikely to do so.
AllRoad might, however, obtain data storage services in the cloud. Amazon.com, for exam-
ple, offers data storage with its S3 product. Using it, organizations can place data in the cloud
and even have that data be made elastically available. Again, however, a small organization like
AllRoad would more likely use SaaS and PaaS because of the added value they provide.
Q6 How Can Organizations Use Cloud Services
Securely?
The Internet and cloud services based on Internet infrastructure provide powerful pro-
cessing and storage services at a fraction of the cost of private data centers. However, the
Internet is a jungle of threats to data and computing infrastructure, as discussed in Chapter
10. How can organizations realize the benefits of cloud technology without succumbing to
those threats?
The answer involves a combination of technologies that we will address, at a very high
level, in this question. As you read, realize that no security story is ever over; attackers con-
stantly strive to find ways around security safeguards, and occasionally they succeed. Thus,
you can expect that cloud security will evolve beyond that described here throughout your
career. We begin with a discussion of VPNs, a technology used to provide secure communica-
tion over the Internet.
Virtual Private Networks (VPNs)
A virtual private network (VPN) uses the Internet to create the appearance of private, secure
connections. In the IT world, the term virtual means something that appears to exist but in fact
does not. Here, a VPN uses the public Internet to create the appearance of a private connection
on a secure network.
A Typical VPN
Figure 6-20 shows one way to create a VPN to connect a remote computer, perhaps an employee
working at a hotel in Miami, to a LAN at a Chicago site. The remote user is the VPN client. That
client first establishes a public connection to the Internet. The connection can be obtained by
accessing a local ISP, as shown in Figure 6-20, or, in some cases, the hotel itself provides a direct
Internet connection.
Used during
Chicago Site tunnel setup
Local Area
Network 1
ISP
VPN
Server Tunnel VPN Client
Figure 6-20 Internet
Remote Access Using
VPN; Actual Connections
