The easiest way to explain cloud is by talking about Pizza. We updated the story to talk about Security and the AWS Shared Security Model by talking about cake! Cloud, Security, Pizza and Cake what could be better?

1. Pizza & Cloud
2019 Update: Now Includes Cake & Security

2. One of the easiest ways to define cloud is
to compare it to pizza!
No, seriously!
You’ve probably already seen this but
we’re surprised by how many people
haven’t so we thought we’d share it
again.

3. Four Strategies of Pizza:
➔Made at Home
➔Take & Bake
➔Delivery
➔Dine out
All the models have the same key elements for making an
awesome pizza experience including the dough, sauce, cheese,
toppings, fuel / electric, oven, pan, table and soda.

4. Soda
Table
Pan
Oven
Fuel / Electric
Toppings
Cheese
Sauce
Pizza Dough
Soda
Table
Pan
Oven
Fuel / Electric
Toppings
Cheese
Sauce
Pizza Dough
Soda
Table
Pan
Oven
Fuel / Electric
Toppings
Cheese
Sauce
Pizza Dough
Soda
Table
Pan
Oven
Fuel / Electric
Toppings
Cheese
Sauce
Pizza Dough
Pizza as a Service
Made at Home Take & Bake Delivery Dine Out

5. ➢Obviously Made at Home makes you
completely responsible for everything.
➢Take & Bake allows you to pick up a pizza of
your choice, throw it in the oven at home and
enjoy.
➢Delivery makes it so seriously easy, it just
shows up and you enjoy.
➢Dine Out means you don’t even have to throw
the paper plates away.

6. How often you eat pizza, the types of pizza, if you
have a pizza oven, how lazy you are and many
other factors go into picking the right model for
you.
Heck, you might even use all the models for your
pizza sourcing. We do!

7. Four Cloud Strategies (compared to Pizza):
➔On Premise – You Manage
➔Infrastructure as a Service (Iaas)
➔Platform as a Service (PaaS)
➔Software as a Service (SaaS)
Key elements to determine your cloud service needs include
Networking, Storage, Servers, Virtualization, Operating
System, Middleware, Runtime, Data and Applications. You
also need to include Security, Automation / Orchestration,
Service Assurance / Monitoring and Governance & Processes.

8. Application
Data
Runtime
Middleware
OS
Virtualization
Servers
Storage
Networking
Application
Data
Runtime
Middleware
OS
Virtualization
Servers
Storage
Networking
Application
Data
Runtime
Middleware
OS
Virtualization
Servers
Storage
Networking
Application
Data
Runtime
Middleware
OS
Virtualization
Servers
Storage
Networking
On Premise
You Manage
Value -->
IaaS
Infrastructure as a Service
Cut IT Expenses &
Complexity
PaaS
Platform as a Service
Accelerate Time
To Market
SaaS
Software as a Service
Immediate Access
& Value
Security
Automation /
Orchestration
Service
Assurance /
Monitoring
Governance &
Processes
Cloud Stacks Move as Far Up The Stack As Possible

9. Maybe this comparison takes it too far for some, but for
us it works to keep the conversation very simple (it also
makes us very hungry).
It’s amazing how often we come back to this
conversation. We always encourage our customers and
business partners to move their services as far up the
stack as possible (where and when it makes business
sense)!
Enjoy your pizza and your cloud!

10. But wait,
there’s more...

11. One of the easiest ways to talk about
security is to talk about cake, err I mean
layers!
No, seriously!
You’ve come this far, be patient and see
where this crazy story goes. Plus after all
that pizza you need some dessert!

12. “Layers...
You both have layers. You know, not
everybody likes onions (security).
Cake!
Everybody loves cakes!
Cakes have layers!”
Donkey, From Shrek

13. Security in the Cloud is a Shared Responsibility.
"Security IN the Cloud" - Customer responsibility
is determined by services they consume. You are
always responsible for your content and
applications.
"Security OF the Cloud" - Your Cloud Provider is
responsible for protecting the infrastructure that
runs all of the services they offer.

14. Customer Content
Client-side
Data
Encryption
Platform, Apps, IAM
OS, Network & Firewalls
Foundational Services
Compute, Storage, Database,
Network
Infrastructure
Server-side
Data
Encryption
Network
Traffic
Protection
Customer Content
Client-side
Data
Encryption
Platform, Apps, IAM
OS, Network & Firewalls
Foundational Services
Compute, Storage, Database,
Network
Infrastructure
Availability Zones, Regions, Edge
Locations
Server-side
Data
Encryption
Network
Traffic
Protection
Customer Content
Client-side
Data
Encryption
Platform, Apps, IAM
OS, Network & Firewalls
Foundational Services
Compute, Storage, Database,
Network
Infrastructure
Availability Zones, Regions, Edge
Locations
Server-side
Data
Encryption
Network
Traffic
Protection
Customer Content
Client-side
Data
Encryption
Platform, Apps, IAM
OS, Network & Firewalls
Foundational Services
Compute, Storage, Database,
Network
Infrastructure
Availability Zones, Regions, Edge
Locations
Server-side
Data
Encryption
Network
Traffic
Protection
On Premise You Manage AWS Infrastructure Services AWS Container Services AWS Serverless, Micro
Services & SaaS
AWS Shared Security ModelMove as Far Up The Stack As Possible
Customer’s Security Responsibility Decreases as They Move
Right
Customer
Responsibility
ASW
Responsibility

15. Similar to the Pizza & Cloud models,
Security becomes easier the further up
the stack you go!
Changing your applications, technology
stacks and culture is where you have to
invest to get the value! And that’s not
always so easy.

16. Just like AWS always says, Security is Job
Zero! It has to come before anything else
and has to be baked (see what we did
there?) into everything!
There are core Security Design Principles
that need to be addressed no matter
where you are hosting.

17. Security Design Principles
★ Implement a Strong Identity Foundation
★ Enable Traceability
★ Apply Security at All Layers
★ Automate Security Best Practices
★ Protect Data in Transit and at Rest
★ Prepare for Security Events

19. Cake &
Security
Have
Layers

20. Happiness = Piece of Cake
Security Layers = Cake Layers
Good Cloud Security = Much Happiness

21. aarons@zuggand.com
linkedin.com/in/aaronsandeen
Aaron V Sandeen
Thanks!
Please let me know if you’d like to talk about Pizza or Cake. I guess it’s ok if
you’d like to talk about Cloud or Security too!
I’d love to hear what you think!