If Google Groups isn't available in your work or school account, ask your administrator to turn on Groups for Business. Show
Using Google Groups, you can share content with multiple people via a single email address. For example, you could create a group with the email address and add several members. You could then use the group's email address to share a document with everyone in the group. If you share content with a group that contains another group, the subgroup, or child group, members have the same access to the content as the parent group members. If you remove members from a group, they lose access to content shared with the group. Learn more about subgroups or child groups. Benefits of sharingSharing content lets you:
If you add members laterMembers you add to the group later can immediately access previously shared content via file URLs. However, previously shared content doesn’t automatically appear in new members’ Shared with Me view in Google Drive. For files to appear in Shared with Me, you need to reshare them with the group, or share the files with new members individually. Sharing outside your organizationYour administrator can prevent the sharing of content with group members outside your organization. If external sharing is prohibited, only group members who are in your organization can access the group's shared content. Share content with a groupYou can share documents, sites, and even your calendar. Share a documentVisit Share Docs, Sheets, Slides, and Forms. Share a site
Share your calendar
Each group member receives a sharing invitation. If you have the Who can view members permission for the group, the calendar event appears automatically on members’ calendars. If not, members must manually enter the event on their calendars. Members must click the link in the invitation to view your calendar. Because this link works only for group members, you can safely post it on websites or send it in other email messages. If your group includes people who don't use Google Calendar, you can share your calendar publicly. Was this helpful? How can we improve it? Derrick Rountree, Ileana Castrillo, in
The Basics of Cloud Computing, 2014 NIST defines four cloud deployment models: public clouds, private clouds, community clouds, and hybrid clouds. A cloud
deployment model is defined according to where the infrastructure for the deployment resides and who has control over that infrastructure. Deciding which deployment model you will go with is one of the most important cloud deployment decisions you will make. Each cloud deployment model satisfies different organizational needs, so it’s important that you choose a model that will satisfy the needs of your organization. Perhaps even more important is the fact
that each cloud deployment model has a different value proposition and different costs associated with it. Therefore, in many cases, your choice of a cloud deployment model may simply come down to money. In any case, to be able to make an informed decision, you need to be aware of the characteristics of each environment. Read full chapter URL: https://www.sciencedirect.com/science/article/pii/B9780124059320000037 Migrating to the CloudTom Laszewski, Prakash Nauduri, in Migrating to the Cloud, 2012 Cloud Computing Deployment ModelsCloud deployment models indicate how the cloud services are made available to users. The four deployment models associated with cloud computing are as follows: •Public cloud As the name suggests, this type of cloud deployment model supports all users who want to make use of a computing resource, such as hardware (OS, CPU, memory, storage) or software (application server, database) on a subscription basis. Most common uses of public clouds are for application development and testing, non-mission-critical tasks such as file-sharing, and e-mail service. •Private cloud True to its name, a private cloud is typically infrastructure used by a single organization. Such infrastructure may be managed by the organization itself to support various user groups, or it could be managed by a service provider that takes care of it either on-site or off-site. Private clouds are more expensive than public clouds due to the capital expenditure involved in acquiring and maintaining them. However, private clouds are better able to address the security and privacy concerns of organizations today. •Hybrid cloud In a hybrid cloud, an organization makes use of interconnected private and public cloud infrastructure. Many organizations make use of this model when they need to scale up their IT infrastructure rapidly, such as when leveraging public clouds to supplement the capacity available within a private cloud. For example, if an online retailer needs more computing resources to run its Web applications during the holiday season it may attain those resources via public clouds. •Community cloud This deployment model supports multiple organizations sharing computing resources that are part of a community; examples include universities cooperating in certain areas of research, or police departments within a county or state sharing computing resources. Access to a community cloud environment is typically restricted to the members of the community. With public clouds, the cost is typically low for the end user and there is no capital expenditure involved. Use of private clouds involves capital expenditure, but the expenditure is still lower than the cost of owning and operating the infrastructure due to private clouds' greater level of consolidation and resource pooling. Private clouds also offer more security and compliance support than public clouds. As such, some organizations may choose to use private clouds for their more mission-critical, secure applications and public clouds for basic tasks such as application development and testing environments, and e-mail services. TIPUsing hypervisor-based virtualization software to provide isolation between different customer environments can lead to increased utilization of system resources such as CPU and memory. Using native virtualization technologies offered by hardware vendors, such as Solaris Zones when using the Oracle Solaris operating system, can be much more effective and efficient depending on the customer environment. Native virtualization technologies offered by hardware vendors are more restrictive in terms of what is supported than hypervisor-based virtualization software. Figure 1.1 summarizes the computing architecture evolution. FIGURE 1.1. Evolution of Computing Architectures As Figure 1.1 shows, cloud computing primarily impacts how IT infrastructure and platforms are set up, deployed, and provisioned from an end-user perspective. The applications running in a cloud environment should be able to seamlessly interact with the cloud ecosystem, including other applications within or outside the cloud environment. Table 1.1 highlights the pros and cons of different computing architectures. Table 1.1. Pros and Cons of Different Computing Architectures
To take advantage of cloud computing, legacy applications such as those developed using mainframe client/server technologies need to be adapted or migrated to modern languages and APIs so that they can interact with other applications regardless of where they are deployed. Cloud-enabling an application requires that the application be able to interact with databases, middleware, and other applications using standards-based mechanisms such as Web services. Most legacy and client/server applications today do not have this capability natively. Typically, these legacy applications require adapters and wrapper software to make them accessible via Web services. Read full chapter URL: https://www.sciencedirect.com/science/article/pii/B9781597496476000016 Cloud Computing ArchitectureVic (J.R.) Winkler, in Securing the Cloud, 2011 Cloud Deployment ModelsMell and Grance next define the four Cloud Deployment models8:
These four deployment models can see significant variation depending on other factors that we will discuss in the next section, but they serve to address the broad questions as to how one can deploy pooled cloud resources. Before we move on, it is important to make two points about the NIST Cloud Model: •A customer or tenant can have greater security control over more resources as one moves from SaaS to PaaS and again from PaaS to the IaaS service model. •A customer or tenant can achieve greater security control over more resources when moving from a Public cloud to a community cloud and again from a community cloud to a Private cloud. Figure 2.3 is an adaption of the NIST Cloud Computing Model, which has been annotated to reflect the discussion in this section on customer and tenant control. We will examine the issue of control in greater detail in the next section. Figure 2.3. The annotated NIST cloud model. Read full chapter URL: https://www.sciencedirect.com/science/article/pii/B9781597495929000026 FedRAMP primerMatthew Metheny, in Federal Cloud Computing (Second Edition), 2017 Change ControlChanges to an operational environment are inevitable as a system undergoes routine maintenance. However, some changes may cause significant impacts to the security posture of the cloud service.63 Therefore, the CSP is required to report “changes in the CSP’s point of contact with FedRAMP, changes in the CSP’s risk posture, changes to any applications residing on the cloud system, and/or changes to the cloud system infrastructure” [6], and submit any residual artifacts associated with significant changes such as the SSP, security impacts analysis, and a re-assessment by a 3PAO to the FedRAMP PMO. Read full chapter URL: https://www.sciencedirect.com/science/article/pii/B9780128097106000081 Cloud LoggingAnton Chuvakin, ... Chris Phillips, in Logging and Log Management, 2013 SummaryWe covered a lot of material in this chapter. The main points you need to take away are: ▪Cloud service delivery models: The three basic types are SaaS, IaaS, and PaaS ▪Cloud deployment models: The four basic types are Public, Private, Community, and Hybrid ▪Cloud logging: It’s a young field which is growing every day. Be sure you understand what it is you and your organization require before you embark on logging all your log data to the cloud. Be sure to ask lots of questions of whatever perspective provider you are interested in using. ▪SIEM in the cloud: MSSPs have supported this model for years. Traditional Shrink-wrapped SIEM vendors are starting to realize the value in this model and are scrambling to build cloud capabilities and offerings into their products. ▪Security concerns: Be sure you understand how the provider approaches IT security. Also, make sure you understand your responsibility when it comes to legislative and regulatory compliance when operating in a cloud environment. Read full chapter URL: https://www.sciencedirect.com/science/article/pii/B978159749635300021X Secure migration to the cloud—In and outThomas Kemmerich, ... Carsten Momsen, in The Cloud Security Ecosystem, 2015 8 Migration phasesFor the migration to a CSP under consideration that a remigration to another IT-Service provisioning must be possible, a Five-Phase-Model of secure cloud migration is introduced. The migration process to a CSP is divided into five phases that correspond to each other. It is important that an organization, intending to move its IT-Services, and IT-Processes to a CSP is aware of all phases and develops and tests a strategy to get in each step of the phases during the whole process of migration and operation. It is also essential for an organization to think about cloud migration to develop a scenario to leave the CSP without any losses of IT-Services and data and with a predictable amount of investment and manpower. Applying the Five-Phase-Model of secure cloud migration will ensure this. The five phases of cloud migration are: 1.Planning 2.Contracts 3.Migration 4.Operation 5.Termination These five phases will not follow straightward each other. It depends on the success whether the next phase can be entered or not. Under every circumstance, it is necessary to develop the light gray (left in Figure 5) and gray strategy (right in Figure 5) to leave the CSP. The way back to an internal IT-Service is the safest backup, because the customer can define all SLAs and remigration conditions. But all assumed advantages of using a CSP would be lost. The gray strategy offers, on the one hand, the possibility to negotiate regularly new condition with the actual CSP. On the other hand, it is a clear strategy available to move to another CSP if the required service, the service quality, the maintenance, or the economical conditions are not sufficient anymore. In the following section, the single phases are described according to Figure 5. This subchapter gives an overview, which subtasks during each step of the Five-Phase-Model have to be fulfilled. A detailed description of all subtasks during the migration process is not scope of this chapter because the design of the subtasks depends strongly on the required IT-Services, the kind of data which shall be processed and which legal requirements have to be applied. Figure 5. Five-Phase-Model of secure migration to a Cloud Service Provider. 8.1 PlanningThe planning phase is the most important phase because the prerequisites for all following phases and the accompanying procedures will be defined during the planning phase. Mistakes or uncertainties during this phase can affect the whole migration and operation. Especially an eventually necessary termination process could be massively disturbed or is not possible without enormous costs and may be with loss of reputation for the cloud customer. The business analysis and the constitutive security analysis are the fundaments for all further decisions and concepts. So it is recommended to develop these two concepts very carefully and complete. From the practical experience, a comprehensive business analysis will often also give starting-points for an improvement of detailed or entire processes. So at the example of the lawyer office, we were able to detect optimization potentials in some of the internal workflows as well as in communication procedures with courts. The subtasks of the planning phase shall include as a minimum the following points: -Business analysis -Security analysis -Definition of required SLAs -Definition of security requirements -Definition of required cloud services -Definition of required cloud deployment model -Definition of the CSP (call for tender or scan the Internet) -Requirements for interoperability •Virtualization software (vendor, type, version, upgrade cycle, …) •Flexibility in upgrading or keeping the version level in accordance also to other cloud customers -Definition of the basic rollback scenario 8.2 ContractsBased on the strategy and the cloud policy, the contracts with the CSP as well as with the ISPs have to be negotiated. Depending on the legal situation in the country of the cloud customer, the contracts have to be negotiated and regularly adopted if necessary. Basic guidelines are described in Section 5. Because network connectivity is the basis of the successful access to the cloud services, it is essential that the ISP (mostly the CSP will be accessed via Internet) will offer the required service quality and availability. All contractual defined service levels with the CSP cannot be provisioned if the network is not available in the required condition. This often causes complex disputes. Furthermore, it is important to describe the termination processes in the contract that includes the secure and complete erasure of all customer data and process information (including backups). The CSP has to ensure that no data can be retrieved in any way from any media after termination of the cloud service. Nondisclosure agreements also for the time after service provisioning are essential and have to be part of the contract with the CSP. Essential subtasks for the contract design are: -Definition of the form of the contracts (especially in international services) -Ensure that all related law areas are involved and covered -Description of the location, where the service are allowed to be provided (processing and storage of data) -Definition of indicators of service provisioning and other relevant requirements (measurability and auditing) -Definition of required certifications, quality of the certifications, and cycles to renew the certifications -Definition of the framework for auditing processes -Definition of Service Level Agreements and how to ensure the provisioning of the defined services (this includes the conditions and terms of termination) -Definition of technical forms and software versions -Definition of termination of the cloud service. 8.3 MigrationThe migration phase is the most complex phase. On the basis of the former conducted business and security analysis the implementation and Migration Security Concept (MSC) has to be developed. The migration starts with a realistic test scenario, which is executed by employees of the cloud customer with real applications, but mostly as a simulation and not in real service. During this subphase, the decision to keep staying in the former situation or to migrate has to be made and necessary changes in the concept of service provisioning by the CSP can be done. During each stage of the migration phase, a rollback to the beginning must be possible. Relevant aspects for the migration phase are: -Implementation of the IT-Processes and IT-Services according to the business processes analysis -Definition of the IT-Service concept -Definition of the security concept for the migration phase (MSC) and the operation phase -Definition of the migration concept, this includes: •Test-concept, description, requirements, documentation, evaluation of the test •Concept for change over (parallel service provision, consistency of services and data, rollback scenario) •Secure transfer of the data and processes to the CSP -Definition of a checklist for the migration process, as a basis for a necessary start of the rollback scenario -Definition of responsibilities during the whole migration process from definition of concepts—testing—transfer—takeover, etc. 8.4 OperationThe operations phase is a more or less steady-state situation where the cloud customer mostly has to take care that the quality of the IT-Service provision is sufficient. Measures described in ISO 9000 (Quality Management) and ISO 27000 (Information Security Management) families have to be applied to guaranty the required service quality. Independent audits have to be done to guarantee the defined service quality. Relevant aspects for the operation phase are: -Definition of the IT-Service operation •What services are available? •How to access the services? •Authentication and authorization requirements and how are they realized •Service provisioning (e.g., based on ITIL) -Security concept (based on ISO 27001)—follows from the planning phase -Qualification concept for administrators and users -Definition of the concrete auditing concept -Emergency Handbook and test-procedure for the emergency case -Auditing concept (see also Chapter 8) 8.5 TerminationThe termination phase is necessary under the consideration that the rollback to internal IT-Service provisioning or the change of the CSP usually is not under consideration by a cloud customer in long-term planning. Often economic reasons or insufficient service provisioning leads to a decision to change the IT-Service provisioning that might lead to leaving the actual CSP. An intensive preparation makes a change of the CSP safer and more secure. Relevant aspects for the termination phase are: -Termination plan •Definition, who shall provide the IT-Services •Ensure how to get access to all data and business processes during the whole termination process (documented guideline) •New contract with another CSP or an internal IT-Service Provider •Time schedule of the termination and remigration process •SLAs for the remigration -Definition how to secure the processes and the data •Secure permanent access to the data during the termination process •Secure data in transit •Ensure secure and sustainable erasure of customer data -Termination of the contract with the existing CSP -Penalty rules if the CSP does not fulfill the SLAs (part of the contract) -Definition of an emergency scenario for the case that the CSP does not cooperate -Nondisclosure agreement for a time after service provisioning of the former CSP Read full chapter URL: https://www.sciencedirect.com/science/article/pii/B9780128015957000100 Introduction to the CloudDerrick Rountree, Ileana Castrillo, in The Basics of Cloud Computing, 2014 SummaryThere are five key cloud characteristics: on-demand self-service, broad network access, resource pooling, rapid elasticity, and measured service. A solution must exhibit these five characteristics to be considered a true cloud solution. There are four cloud deployment models: public, private, community, and hybrid. Each deployment model is defined according to where the infrastructure for the environment is located. There are three main cloud service models: Software as a Service, Platform as a Service, and Infrastructure as a Service. SaaS was the original cloud service model but the cloud has continued to grow and expand. Now a vast array of service models is available. There are many factors pushing organizations toward the cloud, as well as many factors that are keeping organizations away. Each organization must evaluate cloud offerings for itself to see what best fits its needs. Read full chapter URL: https://www.sciencedirect.com/science/article/pii/B9780124059320000013 Securing Cloud Computing SystemsCem Gurkok, in Computer and Information Security Handbook (Third Edition), 2017 Managing the Risks of Public CloudsThough a public cloud deployment is suitable for most uses that are nonsensitive, migrating sensitive, mission critical, or proprietary data into any cloud environment that is not certified and designed for handling such data introduces high risk. A customer should first select a cloud deployment model and then make sure that sufficient security controls are in place. These actions should be followed by a reasonable risk assessment: •Data and encryption: If the data is stored unencrypted in the cloud, data privacy is at risk. There is the risk for unauthorized access either by a malicious employee on the cloud service provider side or an intruder gaining access to the infrastructure from the outside. •Data retention: When the data is migrated or removed by the cloud provider or customer, there may be data residues that might expose sensitive data to unauthorized parties. •Compliance requirements: Various countries have varying regulations for data privacy. Because some public cloud providers don't provide information about the location of the data, it is crucial to consider the legal and regulatory requirements about where data can be stored. •Multitenancy risks: The shared nature of public cloud environments increases security risks, such as unauthorized viewing of data by other customers using the same hardware platform. A shared environment also presents resource competition problems whenever one of the customers uses most of the resources either due to need or due to being exposed to targeted attacks, such as DDoS. •Control and visibility: Customers have restricted control and visibility over the cloud resources because the cloud provider is responsible for administering the infrastructure. This introduces additional security concerns that originate from the lack of transparency. Customers need to rethink the way they operate as they surrender the control of their IT infrastructure to an external party while utilizing public cloud services. •Security responsibility: In a cloud the vendor and the user share the responsibility of securing the environment. The amount of responsibility shouldered by each party can change depending on the cloud model adopted. Read full chapter URL: https://www.sciencedirect.com/science/article/pii/B9780128038437000636 Securing Cloud Computing SystemsCem Gurkok, in Network and System Security (Second Edition), 2014 Managing the Risks of Public CloudsAlthough a public cloud deployment is suitable for most uses that are nonsensitive, migrating sensitive, mission-critical, or proprietary data into any cloud environment that is not certified and designed for handling such data introduces high risk. A customer should first select a cloud deployment model and then make sure that sufficient security controls are in place. These actions should be followed by a reasonable risk assessment: •Data and encryption: If the data is stored unencrypted in the cloud, data privacy is at risk. There is the risk for unauthorized access either by a malicious employee on the cloud service provider side or an intruder gaining access to the infrastructure from the outside. •Data retention: When the data is migrated or removed by the cloud provider or customer, there may be data residues that might expose sensitive data to unauthorized parties. •Compliance requirements: Various countries have varying regulations for data privacy. Because some public cloud providers don’t offer information about the location of the data, it is crucial to consider the legal and regulatory requirements about where data can be stored. •Multi-tenancy risks: The shared nature of public cloud environments increases security risks, such as unauthorized viewing of data by other customers using the same hardware platform. A shared environment also presents resource competition problems whenever one of the customers uses most of the resources due either to need or to being exposed to targeted attacks, such as DDoS (distributed denial of service). •Control and visibility: Customers have restricted control and visibility over the cloud resources because the cloud provider is responsible for administering the infrastructure. This introduces additional security concerns that originate from the lack of transparency. Customers need to rethink the way they operate as they surrender the control of their IT infrastructure to an external party while utilizing public cloud services. •Security responsibility: In a cloud the vendor and the user share responsibility forsecuring the environment. The amount of responsibility shouldered by each party can change depending on the cloud model adopted. Read full chapter URL: https://www.sciencedirect.com/science/article/pii/B9780124166899000046 IntroductionDinkar Sitaram, Geetha Manjunath, in Moving To The Cloud, 2012 SummaryThis chapter has focused on many concepts that will be important in the rest of the book. First, the NIST definition of cloud computing and the three cloud computing models defined by NIST (Infrastructure as a Service or IaaS, Platform as a Service or PaaS, Software as a Service or SaaS) have been described. Next, the four major cloud deployment models – private cloud, public cloud, community cloud, and hybrid cloud, were surveyed and described. This was followed by an analysis of the economics of cloud computing and the business drivers. It was pointed out that in order to quantify the benefits of cloud computing, detailed financial analysis is needed. Finally, the chapter discussed the major technological challenges faced in cloud computing – scalability of both computing and storage, multi-tenancy, and availability. In the rest of the book, while discussing technology, the focus will be on how different cloud solutions address these challenges, thereby allowing readers to compare and contrast the different solutions on a technological level. Go ahead – enjoy the technology chapters now and demystify the cloud! Read full chapter URL: https://www.sciencedirect.com/science/article/pii/B9781597497251000019 What term is used to describe a space that is rented at a data center facility?A colocation facility, or colo, is a data center facility in which a business can rent space for servers and other computing hardware. Typically, a colo provides the building, cooling, power, bandwidth and physical security, while the customer provides servers and storage.
What type of cloud service model involves hardware services that are provided virtually including network infrastructure devices such as virtual servers?IaaS architecture
In an IaaS service model, a cloud provider hosts the infrastructure components that are traditionally present in an on-premises data center. This includes servers, storage and networking hardware, as well as the virtualization or hypervisor layer.
What is a platform as a service PaaS quizlet?Platform as a service (PaaS) Software and hardware that provides an operating system on which developers can create and deploy solutions without administrating the underlying system software.
What type of scenario would be best served by using a platform as a service cloud model?aaaaaaaaaa borger. |