Читать книгу The Official (ISC)2 CCSP CBK Reference - Leslie Fife, Aaron Kraus - Страница 59

Maintenance and versioning in a cloud environment have some advantages and disadvantages. Each party is responsible for the maintenance and versioning of their portion of the cloud stack. In a SaaS solution, the maintenance and versioning of all parts is the responsibility of the CSP, from the hardware to the SaaS solution. In a PaaS solution, the customer is responsible for the maintenance and versioning of the applications they acquire and develop. The platform and tools provided by the platforms, as well as the underlying infrastructure, are the responsibility of the CSP. In an IaaS solution, the CSP is responsible for maintenance and versioning of hardware, network and storage, and the virtualization software. The remainder of the maintenance and versioning is the responsibility of the customer.

What this means in practical terms is that updates and patches in a SaaS or PaaS environment may occur without the knowledge of the customer. If properly tested before being deployed, it will also be unnoticed by the customer. There remains the potential for something to break when an update or patch occurs, as it is impossible to test every possible variation that may exist in the cloud environment of the customers. This is true in a traditional on-premise environment as well. In an IaaS environment, the customer has much more control over patch and update testing and deployment.

On the positive side, there will not be the endpoints that exist in every organization that never get updated and have older, insecure versions of potentially unlicensed software. When connecting to the cloud service, the customer will always be using the newest, most secure version of the solution in a SaaS solution.

In a PaaS or IaaS, the customer is responsible for some of the maintenance and versioning. However, each customer that connects to the PaaS and IaaS environment will be accessing the most current version provided. The maintenance and versioning are simplified by restricting the maintenance and versioning to the cloud environment. It is not necessary to update each endpoint running a particular piece of software. Everyone connecting to the cloud is running the same version, even if it is old and has not been updated.