A quick look at cloud terminology

The more IT terms you understand, the more you can help your institution stay safe

When you frame the question that way, you can determine where to place your compute power, and you begin to gain control over the dynamic. Want to reduce costs? Increase efficiencies? Achieve some other objective? First, decide what your metrics are and how they serve the business; then select the technology.

IaaS, SaaS, and PaaS

At its most basic level, IaaS (Infrastructure as a Service) enables you to move all or part of your computing environment to the cloud (off premises) and to make the migration without modifying any of your existing applications. The market is now awash in IaaS tools and technologies, empowering institutions that may lack traditional computing resources to benefit from robust products and platforms—and perhaps gain a little independence from vendors.

IaaS is distinguished from two other “as a service” models, Software as a Service (SaaS) and Platform as a Service (PaaS). SaaS is essentially a software rental model, in which individual applications are hosted (again, off-premises) for a monthly subscription fee. All your users need is a web browser and they’re good to go.

PaaS is somewhat more ambitious while remaining user- and application-specific. PaaS is often better suited to smaller institutions writing applications that are specific to their environment; they don’t need to build and maintain the infrastructure usually required to develop and launch an app. PaaS makes it possible, even easy, to develop applications rapidly with little technical know-how. If the platform for which the app was written changes or ceases to exist, however, users are out of luck. With PaaS, internal development teams are compelled to ride the IT rollercoaster, forever investing and reinvesting in platform-specific application development.

Getting a handle on security

Sound security planning requires assessing threats, choosing tools to meet those threats, implementing those tools, assessing the effectiveness of the tools implemented, and repeating this process on an ongoing basis.

I recommend measures like clustered firewalls, multi-factor authentication (“layered” passwords), and intrusion detection and prevention systems, which go above and beyond traditional firewalls. Increasingly, threats are emanating from distributed denial of service attacks on hosting providers and from massive volumetric attacks. These attacks are new and particularly troubling, and no single firewall can stop them, especially when the attacks originate from connected devices.

This is a very brief sampling of the jargon that typically separates the IT realm from the world of the syllabus and the SAT. The more you know, the more you’re in a position to bring those worlds together, for your institution and for its population.

eSchool Media Contributors