Cloud Deployment Models – CompTIA Security+ SY0-501 – 3.7

There are many different cloud architectures to consider when designing the perfect cloud. In this video, you’ll learn about cloud services, public clouds, private clouds, and more.

<< Previous Video: Virtualization Security Next: Security in the Cloud >>


With Software as a Service, there’s no need to have any local installation of hardware or software on your premises. Instead, all of that service is being provided in the cloud. A good example of this might be the use of an email distribution service or perhaps a payroll service.

Instead of having all of that hardware and software maintained locally, a third party handles all of that for you. This not only means that the application is in the cloud, but all of your data is in the cloud, as well. And if you’re concerned about security, it’s important to know what type of security is going to be applied to all of the data that’s available in the cloud.

This also means that you don’t have to provide any of the development work on this application. You don’t have to handle any software upgrades or maintain any part of the back-end infrastructure. You simply use the application that’s available to you in the cloud. A good example of this might be something like Google mail, where you don’t have to worry about any of the internal mail systems, you simply connect to and log into Google mail and manage all of your email from there.

Infrastructure as a Service, or IaaS is sometimes called Hardware as a Service because instead of having an application and software that’s already running, you’re effectively using simply hardware that is available in the cloud. You’re outsourcing your equipment and using somebody else’s equipment to run your own software. This means that you are responsible for the ongoing installation and management of that software.

And you’re also responsible for the security of the data that’s on this infrastructure as a service. This does give you more control over the data, but the data is still located in the cloud, and you have to put the proper security controls on all of this data that you’re storing in the cloud. A good example of Infrastructure as a Service might be a web-service provider that provides you with the server, and then you’re responsible for adding the operating system, the web services, and any other software that you’d like to use on that infrastructure.

Platform as a Service, or PaaS, is somewhere between Software as a Service and Infrastructure as a Service. You still don’t maintain any hardware or software on your local premises. Someone else is handling the platform in the cloud. You’re still responsible for providing all of the development that would get that software running on that Platform as a Service.

Very similar to Software as a Service, Platform as a Service has its own set of people managing that platform, all of the security, and all of the controls on that data are based around the people that are maintaining that platform as a service. With Platform as a Service, you’re given a number of building blocks that you can use to build the application that you need. A good example of this is the Platform as a Service offering from Salesforce.com. They gave you all of the software modules and development tools that you can use to customize software that works best for your organization.

There are many different ways to deploy a cloud. One is to have the entire cloud internal to your organization. This is a private cloud where you’re building out your own virtualized local data center. A public cloud would be one that’s available to everyone on the internet.

When you go to Microsoft or Amazon and take advantage of their cloud-based offering, you’re using a public cloud. A hybrid cloud offering might be a mix of the two, where part of the cloud is private and other parts are available to third parties. And with a community cloud deployment model, you’re expanding on a private cloud and allowing many different organizations to share the same resources.