CISSP Case Study – Moving To Cloud
If you’ll look into Sagar Bansal Companies, you will find out that we have more than two dozens of domain names. So our Godaddy account, it looks like three pages filled with that, one after another. Well, if we have so many domain names, we certainly run a lot of websites and that needs servers. So we got two dedicated servers. Now one day I was just checking the finance of the company and I found out that you’re spending $50,000 on maintaining these websites and I was like freaking $50,000. I mean seriously, $50,000! Where the hell is this money flowing? And I just asked my CIO, I was like, man, where is this money flowing? $50,000 to manage these websites. What are you doing? And I just asked him to get me a quick report and seems like the major cost factor is people, you know, these people, they cost a lot.
We got to pay salaries, we got to have freelancers. You are paying them every day, so these people are costing a lot and these servers… Electricity Bills, Internet Dedicated IPs, they’re costing a lot. So I need to cut down this cost Like, I mean this is unjustified $50,000 for maintaining the websites. I am not going to take that and this means it’s time for a board meeting. So you being the CISO suggests that if we decide to move on the cloud by which we can save a lot of money, we will face some problems and the major one is maintaining the updates and the patches. That’s going to be a big problem. And after doing a lot of research, talking to a lot of companies, we decide to go with this provider called cloudways. They’re a service provider which will be managing our servers, you know, updates, maintaining them, patching them, any security vulnerabilities.
They will be managing everything in the server hardware, operating system, run time, you name it. Well but that our problem is solved and we are ready to push our code on their platform. Now, most of the services we have are basically based on WordPress, which is a CMS if you don’t know. But we also got some custom coded stuff which is running on NodeJS, Ruby, Python, PHP. My developer, he’s basically crying is saying that we need a version control system. We need a code management system. We cannot just manually go ahead and upload the code. We need something which can automate the process. And luckily we reached the cloudways support. They tell us that, listen, we got GIT Integration. G I T Integration through which you can automate everything. You can easily push or pull your code, you can keep the track of versioning.
It’s a complete solution for our needs. So we got GIT integration prebuilt in the service plan, which we were taking. And with that the problem is solved. But again, I am the CEO of the company. I got a big, big problem. You know, I, I talk about the money stuff. I talk about finance. Uh, downtime is my major concern. You know, if this was a dedicated server, I mean it’s front of me. I can just go ahead and fix it. I can just go ahead and change things. But now it’s a cloud and I don’t know how do they deal with downtime? If my websites, my projects goes down, my applications, they go down, I’m going to face serious crisis. I can afford maximum three hours of downtime in a day and that should not be very frequent. Three hours is my limit. So we reach CloudWays again and luckily they say that they have signed an agreement, they have signed, an SLA service level agreement with another companies, their partner companies, which provides them 99.99% uptime.
So I guess we are all set. We just paid them for one year in advance, which wasn’t required, but we love their service. So we just paid them and now we have a cloud service provider taking care of all of our needs. You know, taking care of our bulky stuff, managing the updates, managing every single thing in our operating system. Even services like Apache, MySQL database, they’re managing all of that. Our data is very secure, we can keep track of versioning by GIT which they have provided as an integration. It’s a 99.99% uptime. What else do we need? And the bonus, we are saving $35,000 now. So earlier, we were paying 50,000 now you’re paying 15,000. We are Saving $35,000 every year. Goodbye to dedicated servers
Now Question Time:
which cloud model we have just moved to?
A. Managed SaaS
B. Unmanaged SaaS
C. Managed PaaS
D. Managed IaaS
Answer To This CISSP Question:
If you try to google a little but about these models
Option A is Managed Software As A Service where the cloud provider gives you the software and you can use it. They are the one who fully manages it. You are only responsible for your data. An example here is Microsoft Office 365. It is a cloud version of their office which normally comes in versions like Office 2016 or 2019 etc. They are the one who manages this software, You just use it using your browser.
Option B which is Unmanaged Software As A Service is same as SaaS but the difference between both is that in a MSaaS, the cloud provider configures and take cares of every single client. A completely custom setup as per needs. But in a SaaS, you are just leasing the license. What everyone get’s is what you will get.
Option C which is Managed Platform As A Service consists of basic infrastructure like hardware, networking, etc as well as operating system, run-time environment, services installed on that. You can just deploy your own code and spin up your applications which is what exactly happened in this case. There were many clues in this case studies like CloudWays showed you their partner companies have SLA of 99.99% uptime which basically means they are taking an IaaS Service from someone else and giving you as a PaaS by adding their support and managing addons.
Option D is Managed Infrastructure As A Service and here the provider only helps you with basic infrastructure related issues like networking issues, storage faliures etc. Normally you don’t even get to know when something happened and what happened. They just keep managing it in backend. You are the one responsible for maintaining every thing you setup with that infrastructure. Even the operating system is your headache
Were you able to answer this correctly?
My CISSP MASTERCLASS has changed thousands of lives, It’s time for you to take action. Click Here To Start Your Free Trial