An overview of IaaS, PaaS, and SaaS
1. An overview of IaaS, PaaS, and SaaS
Imagine you work for a nonprofit organization. Your boss schedules a meeting to explain that the organization is migrating some resources to the cloud in an effort to save money. As the nonprofit’s security analyst, it’s your job to decide which cloud service model is the best fit for your organization’s security needs. To help you make that decision, let’s examine some of the most widely used service models. Cloud computing has several service models available depending on the degree of service customers need. The three major models include infrastructure as a service, or IaaS; platform as a service, or PaaS; and software as a service, or SaaS. The type of workload determines the level of responsibility the CSP has over your organization’s security and resources. The CSP has the least responsibility in the IaaS model. In IaaS, the CSP provides instant access to infrastructure services, ranging from compute, storage, and networking to virtualization. The customer manages all other services, like virtual machines, operating systems, data, and security. With IaaS, the customer doesn’t have to worry about maintaining their own data center infrastructure. Next, in a PaaS model, the CSP supplies and manages the hardware and software resources needed to develop applications. Customers write the code and manage all the apps, data, and security, while the CSP is responsible for maintaining the software development platform. PaaS manages more resources than the IaaS model, so IT and development teams have less operational responsibilities. Lastly, the CSP has the most responsibility in a SaaS model, where customers only need to focus on securing their content and access policies. So, customers pay for web applications accessed over a network connection. SaaS is widely used in cases where companies don’t have the staff or resources to build their own applications. Google’s Gmail offering is an example of a SaaS environment. Gmail users control the data on the email platform, while Google provides the software and the hardware. All of these models share one thing in common: the customer is always responsible for securing their data. There are several service models beyond IaaS, SaaS, and PaaS. For example, functions as a service, or FaaS, provides serverless computing to developers who want to run singular pieces of code. Serverless computing separates physical servers from development environments. Developers use this service when they don’t want to manage backend infrastructure like servers or resources like containers. Identity as a service, or IDaaS, is another cloud service model. IDaaS is commonly used for multifactor authentication, single sign-on, and identity and access management. Implementing IDaaS is one measure to prevent threat actors from gaining unauthorized access to your data. Lastly, firewall as a service helps organizations create more secure networks. Firewall as a service is useful for growing organizations that need firewalls to block unauthorized access. As the volume of employees and their connected devices increase, so does the need for firewalls to protect the organization’s resources and network. Let’s come back to the nonprofit scenario. Your overview of the cloud service models helps you make a decision about the best model for your organization. You narrow your search down to the IaaS, PaaS, and Sas models because they all remove the need for maintaining your organization’s infrastructure. PaaS is useful for your developers, so they can focus more on writing code and less on the actual platform. And with SaaS, your organization only needs to secure your data and access policies. When you consider the strengths of each service model, you decide IaaS is the best fit for the nonprofit. Using the cloud’s infrastructure means you’ll spend less time managing physical resources and you’ll still maintain control over a lot of your services, like your operating systems and data. With the information you learned about cloud service models, you are better equipped to choose the best model to meet your organization’s needs.2. Let's practice!
Create Your Free Account
or
By continuing, you accept our Terms of Use, our Privacy Policy and that your data is stored in the USA.