This report aims to provide a detailed discussion of the methods, risks and security issues for the implementation of cloud computing in the business of Smiths Security. The report completes the six tasks that are required for implementing cloud computing in the business structure of the company.
The company Smith Security Ltd. Runs several security businesses all over Australia. The head office of the company is located in Sydney Metro. The company has its data centres in some of the major cities, which are Sydney, Melbourne, Brisbane, Adelaide, and Perth. As the infrastructure of the company has not been modified for a significant time. So, the company is planning on migrating to cloud computing for its benefits. The idea of the company is to increase the flexibility and responsiveness.
The architectures that need to be implemented are:
The workload Distribution Architecture utilises resources of IT that can be easily scaled horizontally by utilising several similar IT resources. This can be achieved by utilising a load balancer, which delivers runtime logic that distributes the workload between the available assets of IT equally (Arora, Parashar & Transforming, 2013). This model is applicable to any resource of IT and it is commonly used with cloud services, cloud storage services, and distributed virtual services. The reason for deploying this architecture is to exercise the benefit of the cloud usage monitor that is involved in executing the runtime tracking of the workload. This architecture is also useful for information processing.
Resource pooling architecture
This architecture is based on the pooling of similar resources of IT into several groups. The pools can be either virtual or physical resources (Dinh et al., 2013). These similar pools are grouped automatically and monitored by the system that ensures the constant synchronisation. The reason for deploying this architecture is to track and synchronise the elements that are required by the resources of IT that are pooled. The monitors of cloud usage are included in this architecture during runtime. Some examples of pools of resources are:
The physical server pools consists of the networked servers that possesses operating systems and other essential applications that are installed and ready to use.
The configuration from pre-chosen templates by any customer is done by the virtual server pools when they are implemented.
The files or block based containers of storage resides in the storage pools (Varia & Mathew, 2014).
The benefits of the presented cloud architecture are:
The major issues of the recommended cloud computing architecture are maintaining confidentiality and the integrity of data for assisting in data security. Some of the problems related to cloud computing are:
|
Risks |
Description of the risks |
Controls to mitigate the risks |
|
Lack of encryption |
The transmissions of network are susceptible to eavesdropping or data theft |
Use of cryptographic protocols for shielding the transmissions from indiscriminate attacks |
|
Insufficient security risk valuation |
determining and detection of any intrusion cannot be achieved without conducting proper risk management |
Strict assessment and risk prevention must be implemented and the systems of IPS/IDS should monitor the traffic for malicious activities |
|
Poor compliance |
the breach in the parameters of compliance between the private cloud and the provider of public cloud |
The coordination of the cloud must be maintained and the demonstration of compliance of both the clouds is required |
|
Weak management of security |
The situation in the enterprise when the managers fail to service authentication, management of identity, and procedures of authorisation is weak management of security |
The controls for both the cloud should be replicated and proper synchronisation of the security data should be maintained |
|
Deprived data redundancy |
The enterprise and the hybrid cloud is put at risk if there is a lack of redundancy. This security issues rises when there are no redundant copies of data in all the data centres. |
The implementation of redundant copies of data mitigates this issue. The implementation can be done by utilising the multiple data centres that are provided by the cloud provider |
|
Failure in identifying and authenticating |
This risk is generated when there is an improper management of security management in the organisation |
The control for this risk is proper monitoring and verification of all permissions for access and synchronisations of data security. |
|
Unprotected APIs |
Unprotected endpoints of APIs exposes delicate data to several malicious attacks that can create leak of sensitive data |
The handling of the API keys should be monitored same as encryption and the keys must handled properly by any third party developers. |
|
The risk of poor protection of IP creates severe security risks that can damage the network. |
The mitigation method for this threat is manual classification of IP and quantification of risk. |
The most common threats to the cloud of AWS workspace is the issue of data breaches. This issue is a growing concern for the organisation who implement cloud in their organisation. The analysis of this security issue is provided in this section for the company.
The steps and controls that are required to prevent any security breaches are:
Reason for these steps
These controls are implemented in the security structure of the cloud for controlling the user access who are utilising the resources of cloud. The access of the user can be limited on the resources and the applications from the workspaces of the users. Specific policies need to be made for allowing the specific users the permission of creating and managing the resources for EC2 and Workspaces (Bahrami & Singhal, 2015).
Recommendation to the board
The board is recommended to implement security policies to prevent unauthorised access in the environment of cloud. These policies can be unique individual credentials to all the employees who need access in the cloud. Firewalls can be implemented in the server of the cloud to prevent the access of resources of the cloud by any unauthorised user.
The hybrid cloud implementation is essential to the companies for various aims. Some of the advantages are business reinforcement, disaster retrieval and resilience. The major reason for providing these benefits is agreement of spanning through isolated storages and locally. The enabling of these alternatives are provided by the storing in hybrid cloud. This is caused as the unprotected cloud is utilised intensively for the purpose of backup. Each application retains a distinctive characteristics and requirements of High Availability or HA. AWS provides several infrastructural building blocks for helping the organisation for requirement meeting in methods that are cost efficient. The analysis for high availability that will be carried out for confirming the applications recovery as the needs arises and not just the component recovery would be included in an effective HA strategy (Hwang, Dongarra & Fox, 2013). The recommends, which are required to be involved in the business BCP according to the checklist of Morad and Dalbhanjan are as follows:
Disaster Recovery and backup
All the applications that are hosted in the cloud of the organisation has a distinct requirement of recovery of disaster that needs to be connected with the purposes of requirements associated to the geographical location of the cloud, recovery points and the recovery time that checks the physical vicinity of the disaster recovery sites. An effective disaster recovery strategy includes the DR type that needs to be included for confirming the expected application restoring. An effective strategy should include strategy of DR that will consist the regional duplication, recovery midst region-wise, administration of the comprehensive traffic or popularly known as load balancing, and maintaining. The techniques and the AWS that needs to be included in the business BCP for implementing an efficient strategy of DR:
The backup recommends that needs to be considered are:
|
ü |
The understanding of which Amazon EBS instances is supported versus the instances that are store-backed is done and the most suitable storage type is chosen purposely and get the understanding of the results of data determination, recovery and backup. |
|
ü |
Dynamic IP addressing of AWS is understood and it has been ensured that the application will operate when the components of the applications are restarted |
|
ü |
The deployment of the acute components of the applications across zones of several availability, those are suitably duplicating the data among the zones, and it has been tested how the failure within the components affects the availability of application. |
|
ü |
The understanding of how the failover will take place through the deployed components of application in the multiple zones of availability and they are utilising Elastic load balancing or third party and the elastic IP addresses wherever suitable. |
|
ü |
The utilisation of the suitable credentials is done for accessing the user account of the operating system and they are not involved in the key pairing of private key of the AWS instance with each administrators of the system. |
|
ü |
The utilisation of the CNAME records is executed for mapping the DNS name of the Elastic load balancing or the buckets of Amazon S3. |
|
ü |
Before the sharing of the images of Amazon machine with others is done, the removal of all the confidential and sensitive information that includes embedded private/public key pairs of instance is done and the reviewing of all the files of SSH authorised keys is done. |
|
ü |
The signing up of the production accounts of AWS for the enterprise or business support is done and the plan to incorporate reports of trusted advisor of AWS into the ongoing reviews of operation is done. |
The AWS RDS database is the service of distributed relational database by the AWS. It is based on the services that are running inside the cloud, which are designed for simplifying the operation, setup, and the scaling of the relational database to utilise in the applications.
The features of Amazon RDS are:
The benefits of the cloud service of AWS needs to be exercised. Some of the benefits of the services of AWS are:
Issues of AWS are:
Conclusion
Therefore, it can be concluded that the migration of the company to hybrid cloud storage creates several opportunities of business growth. The architectures that need to be implemented are workload distribution architecture and resource pooling architecture. The benefits of the cloud architectures are Innovative software are flexible costs, availability, mobility improvement, developed collaboration, and scalability. The information security steps and controls are access administration controls and effective identity, regular data encryption, protection of APIs, collection and utilisation of security logs, responsibility of managing the cloud, utilisation of optimised solutions for data security, controls of deployment in cloud and centralisation of governance, and understanding of the vulnerabilities.
References
Aazam, M., Khan, I., Alsaffar, A. A., & Huh, E. N. (2014, January). Cloud of Things: Integrating Internet of Things and cloud computing and the issues involved. In Applied Sciences and Technology (IBCAST), 2014 11th International Bhurban Conference on (pp. 414-419). IEEE.
Ali, M., Khan, S. U., & Vasilakos, A. V. (2015). Security in cloud computing: Opportunities and challenges. Information sciences, 305, 357-383.
Amanatullah, Y., Lim, C., Ipung, H. P., & Juliandri, A. (2013, June). Toward cloud computing reference architecture: Cloud service management perspective. In ICT for Smart Society (ICISS), 2013 International Conference on (pp. 1-4). IEEE.
Arora, R., Parashar, A., & Transforming, C. C. I. (2013). Secure user data in cloud computing using encryption algorithms. International journal of engineering research and applications, 3(4), 1922-1926.
Bahrami, M., & Singhal, M. (2015). The role of cloud computing architecture in big data. In Information granularity, big data, and computational intelligence (pp. 275-295). Springer, Cham.
Computing, C., Storage, R., & Storage, E. B. Amazon Web Services. HPC Server Clusters (8 years).
Dinh, H. T., Lee, C., Niyato, D., & Wang, P. (2013). A survey of mobile cloud computing: architecture, applications, and approaches. Wireless communications and mobile computing, 13(18), 1587-1611.
Hwang, K., Dongarra, J., & Fox, G. C. (2013). Distributed and cloud computing: from parallel processing to the internet of things. Morgan Kaufmann.
Kumar, R., Gupta, N., Charu, S., Jain, K., & Jangir, S. K. (2014). Open source solution for cloud computing platform using OpenStack. International Journal of Computer Science and Mobile Computing, 3(5), 89-98.
Li, M., Yu, S., Zheng, Y., Ren, K., & Lou, W. (2013). Scalable and secure sharing of personal health records in cloud computing using attribute-based encryption. IEEE transactions on parallel and distributed systems, 24(1), 131-143.
Modi, C., Patel, D., Borisaniya, B., Patel, A., & Rajarajan, M. (2013). A survey on security issues and solutions at different layers of Cloud computing. The journal of supercomputing, 63(2), 561-592.
Pino, C., & Di Salvo, R. (2013, January). A survey of cloud computing architecture and applications in health. In International Conference on Computer Science and Electronics Engineering.
Rewagad, P., & Pawar, Y. (2013, April). Use of digital signature with diffie hellman key exchange and AES encryption algorithm to enhance data security in cloud computing. In Communication Systems and Network Technologies (CSNT), 2013 International Conference on (pp. 437-439). IEEE.
Sareen, P. (2013). Cloud computing: types, architecture, applications, concerns, virtualization and role of it governance in cloud. International Journal of Advanced Research in Computer Science and Software Engineering, 3(3).
Sharkh, M. A., Jammal, M., Shami, A., & Ouda, A. (2013). Resource allocation in a network-based cloud computing environment: design challenges. IEEE Communications Magazine, 51(11), 46-52.
Varia, J., & Mathew, S. (2014). Overview of amazon web services. Amazon Web Services.
Zhou, J., Leppanen, T., Harjula, E., Ylianttila, M., Ojala, T., Yu, C., … & Yang, L. T. (2013, June). Cloudthings: A common architecture for integrating the internet of things with cloud computing. In Computer Supported Cooperative Work in Design (CSCWD), 2013 IEEE 17th International Conference on (pp. 651-657). IEEE.
Essay Writing Service Features
Our Experience
No matter how complex your assignment is, we can find the right professional for your specific task. Contact Essay is an essay writing company that hires only the smartest minds to help you with your projects. Our expertise allows us to provide students with high-quality academic writing, editing & proofreading services.
Free Features
Free revision policy
$10Free bibliography & reference
$8Free title page
$8Free formatting
$8How Our Essay Writing Service Works
First, you will need to complete an order form. It's not difficult but, in case there is anything you find not to be clear, you may always call us so that we can guide you through it. On the order form, you will need to include some basic information concerning your order: subject, topic, number of pages, etc. We also encourage our clients to upload any relevant information or sources that will help.
Complete the order form
Once we have all the information and instructions that we need, we select the most suitable writer for your assignment. While everything seems to be clear, the writer, who has complete knowledge of the subject, may need clarification from you. It is at that point that you would receive a call or email from us.
Writer’s assignment
As soon as the writer has finished, it will be delivered both to the website and to your email address so that you will not miss it. If your deadline is close at hand, we will place a call to you to make sure that you receive the paper on time.
Completing the order and download