Discuss About The Cloud Computer Security Techniques Tactics?
The content of this paper is about cloud computing and its benefits and to organization currently adopting to cloud computing. Cloud computing is a type of information technology paradigm or a model which enables ubiquitous access to various shared pools of configurable items within an organization. It gives access to resources such as computer servers, computer networks, applications, storage and services. The main issues behind this report is to provide accurate information to the board members of Webb’s an organization which is currently migrating to the use of cloud computing for daily operations. Webb’s as an organization requires a cloud computing system and is determined to adoption of a hybrid cloud methodology. The organization is also concerned with the benefits, risks related to cloud data backup, management and issues. The company has settled on the use of cloud computing system in order to reduce the costs of LTO 6 tapes used for back up critical missions. The organization is also determined to reduce the cost of off-site storage the tapes and also interested in the fast backup of database through the cloud computing. The content of this paper therefore provides information to the board of Webb’s on the types of security that should deployed to protect the migration mission from the MS SQL Server 2012 R2 database to an IaaS instance in a public cloud. The content of this report ends with a well outlined recommendation on how the board of members of Webb’s on how they can fully secure and protect the newly cloud computing.
Type of security to be deployed to protect the migration of data from MS SQL Server 2012 R2 database to an IaaS instance in a public cloud
As Webb’ is planning on moving workloads to Infrastructure as a service (IaaS) the organization should consider various security measures as the mission always results to various threats to a system.
During such missions data is always susceptible to threats which must contained through deployment of various security measures. When data is being moved from one database to another, the company of an organization such as Webb’s in most of the occasions have their data shared with the service provider and this may be competitive risk to the organization as this may lead to leakage of key consumer information to the rival firm (Furht & Escalante, 2010). The management of the organization should therefore consider application of expertise in securing the virtual environments as well as utilizing new options to secure the mission.
During such missions Webb’s is likely to fall a prey to cyber attackers who are always ready during such missions as a result of various organizational administrators’ performance of action while using their accounts which have elevated rights. During the mission critical use of resources such as emails and internet browsing can be hazardous even though these applications seems innocent enough (Antonopoulos & Gillam, 2017). During the mission use of emails and browsers may expose the elevated accounts to a state of compromise by various malicious actors. The board should therefore ensure the application of privileged access workstations to reduce the susceptibility of the system during the mission to cyber-attacks as well as malicious actors.
In order to secure data during the migration, the management board should consider data encryption and application of multi- factor authentication. When migrating from one system of database to another both the new system and the previous system must be secure. Webb’s should therefore apply the above security measure during the mission critical and this security method should be simple and comply with the exceptional demands of their demands on privacy as well as secure the whole system (Buyya, Broberg & Gos?cin?ski, 2011). Encryption of data during transmission applied together with an operational multi-factor authentication as well as authorizations tools should provide security to the mission.
Webb’s management board should also verify the provider who is contracted to help with the migration mission. The board should read the cloud contracted provider’s service level agreement and check how the provider is prepared to secure the whole system during the mission. They should also check to see the provider’s rate of transparency and apply various legal issues to ensure that the whole proses is secure. The board and the cloud provider should be aware of their responsibilities during the whole process, this will enable the appropriate action to be taken by each party.
The implementations of the above security measures during the mission critical comes with a lot of benefits and issues to an organization going through the process. The first issues is the identification of various important organizational team to give the privilege action to the to the created work station. The board should be keen enough when coming up with the privileged workstations as this may lead to some team members feel inferior to other fellows at the same level of duty. Even though this may an issues the board is mandated to ensure security for the whole critical transmission process (Furht & Escalante, 2010). The use of privileged access workstation will prevent the loss of key information to malicious actors through elevated accounts. Any organizational data is important to the competing entity in the same sector thus application of this security measure during the critical mission is of great important to the organization.
The data encryption as security measure may be an additional work to the board to decide on but it is the best security measure for the data migration. The process of moving various system form some of Webb’s branches to the main firm is quite a threat, the organization should therefore key encrypt various data from the branches. This will prevent the access of information by malicious people internally and externally (Antonopoulos & Gillam, 2017). The encryption of the data is also important as data is always being shared with the cloud computing provider during the transfer, with the encryption the organization is therefore able to keep their privacy.
It is also beneficial for the organization to use the multi-factor authentication as this will identify the management in cases of a login to the system during the mission. The system of multi-factor authentication is beneficial to Webb’s as it will safeguard the access to the data during the migration process while meeting various demands of the whole process (Encyclopedia on cloud computing, 2014). The firm will may have and issues with acquiring mobile phones linked to the system as multi-factor security measure provides strong authentication using options such as phone calls, phone text messages or mobile phone notifications. The board of management should therefore decide on one of the notification methods to in order to protect their privacy during the data migration.
As reveled by the Cloud security alliance, cloud computing system may be beneficial to an organization such as Webb’s, however, the system faces top three threats or risks. These threats include insecure interfaces together with API’s, loss of data and leakages and failures related to hardware (Ivanov, Sinderen & Shishkov, 2012). These three risks accounts to 29 percent, 25perceng as well as 10 percent respectively. Risks during the migrations affects various systems of the cloud system. There are various risks associated with cloud migration which must not be ignored by Webb’s as an organization.
Migration to the cloud system may result into data loss within the data base or even breaches. Even though cloud providers as seen as people who build better infrastructure equipped with the redundancy compared to other firms offering the same services, there is a possible risk of data loss that may be as a result of a breach or even how errors occurring within the database are being handled by the provider (Vaquero, Caceres & Hierro, 2012). Cloud providers may at the point of migration provide poorly configured permissions leading to massive data loss to people attackers. Since the organization is adopting hybrid cloud system, the breach from data bases may be from within the organization or from the providers. Some of the logging identities to the database may be accessed without proper restriction of access by various attackers leading to data breach or loss of data in the database (Furht & Escalante, 2010).
The cloud system is susceptible to various risks and threats ranging from the traditional threats, IT environment threats as a result of the provider. Migration to the cloud computing system by Webb’s can leading to breaches and even data losses. In case of improper implementation of IPIs system the system can easily be reached by malicious actors. Improper installation of the IPIs system may lead to breakdown of existing client data in the cloud system (Jamsa, 2013). Another risk which may occur in the IaaS system is stolen credentials, the logging credentials may be leaked by the malicious insiders and this may lead to access of key information to opponent firms making the organization susceptible to competition. Stealing of information can be done through the application of information stealing malwares and through phishing mails (Ruparelia, 2016). This is a big risk to the management as a result of cloud migration as it may lead to leakage of key Webb’s information that can be miss used by the attacker. Migration to the IaaS system often lead gives storage access to customers through personal domains known as the buckets for data backup. These domains can allow attackers to conduct as dictionary attack using word list and access to genuine domain prefixes leading to leakage of information.
The communication between Webb’s and their IaaS in the cloud may be easily suffer hacking attacks if the provider to not properly create an implement the APIs. With the implementation of the Cloud system, Webb’s as an organization have all their client application like a black box running on a provider servers. During the communication the cloud system share a lot of resources across the multiple clients (Antonopoulos & Gillam, 2017). Due to the sharing of the information and resources the key information from the organization may be leaked there by providing information to malicious actors. This happens through the side communication channel timing attacks which have been witnessed a lot in the past, and these attacks always results into cryptographic keys across the virtual system. Most of the side channel attacks can massively course vulnerabilities within the core components in the system leading such as the hypervisor leading to collapse of the whole cloud computing system.
Backing of data is one of the most important action firms always take in order to remain hold of various key information. Accidents may occur, files may be deleted or corrupted, the management may change file then require the old files or software may crush leading to loss of information (Antonopoulos & Gillam, 2017). Some of the organization migrating to cloud computing system may as a result back up their data in cloud system and this in most occasions comes with issues and challenges. Backing of data into the cloud system may be risky as the Webb’s internet pipe is likely to be a limited factor. When data is backed up in a cloud system, the organization is required to have access to an internet connection in order to have the backup data (Furht & Escalante, 2010). The backups subjected to cloud are therefore slow to access as sometimes the internet is slow due to the latency and congestion within the internet. The company should therefore have to look for a quality service provider which may an issues as finding service providers who can provide endless support the backups may be a problem top reach. The organization may also have an extra responsibility having with, monitoring the usage of the bandwidth in since the organization based on the limited pipeline would be require to have a bigger pipe.
Storage of data within the cloud is risk to an organization mainly because, the organization will have to fully rely on the cloud service provider. Most the cloud providers may suffer from attacks or some without legal measures may share information with a third party and this may be a bigger risk to an organization such as Webb’s. Storage of data within the cloud system will also require the organization to rely on the security measures of the provider which may also not be strong enough (Winkler, 2011). Reputable companies like Webb’s may suffer security breaches incase of an attack to the providers system. The organization storing information within the cloud system should therefore consider backing up the data in an encrypted format due remain safe in case of a breach to the provider’s system.
The retrieval of data from the cloud may be a risk to an organization such as Webb’s. In a situation that the organization is going through a disaster and may be in the fastest need of the restore services to get the operation yup and running. Retrieval of data from down from the cloud back to the system may be slow as cloud operates through the internet thus may not be as fast as the restoration is required (Jamsa, 2013). This is a risk compare to the tapes which one may get as fast as possible to the Webb’s DR site to restore the whole system. The issue with the retrieval of data from the cloud is the need for proper evaluation of the recovery time as well as the objectives. Another issue is the time for testing the data retrieved from the cloud system.
The application of cloud backup will highly affect the DR plans set prior by the organization. By backing up the company data in the cloud system the company will therefore be in need of the DR premises which use the tapes to retrieve data. The DR site will therefore not be in much use as the organization will be able to access the backed up data through internet pipes (Jamsa, 2013). Even though the organization may reside on the cloud back, they can still have the use of the DR site as in case of emergencies the organization may not be able to retrieve the backed data within the require time. The organization, however, will need to properly assess their objectives in relation to the issues of DR sites as it may be important or not with the use of the cloud system.
The management board of Webb’s as an organization after settling into the use of IaaS infrastructure should employ various measures to take care of the system. The IaaS is one of the most basic and fundamental cloud service which should be highly secured. In order to secure the whole system the organization should adopt manage operating system since they will still deploy the system. The management of the IaaS system is one of the management responsibilities and it is recommended for the organization to organize patching, hardening assignment of rights as well as organize other various forms of maintaining the system (Furht & Escalante, 2010). In order for the system to operate smoothly the board members should organize various security protocols such use of various antivirus tools, antimalware, path the system as well as provide backup for the IaaS system.
Just as the other cloud infrastructures, the Ms SQL Server 2012 R2 cloud instance is important to the organization. This server since the organization has settled on the use of hybrid cloud system is important as it holds various key information relating to Webb’s customers. The organization should therefore encrypt the whole system in order to secure it (Jamsa, 2013). The data within the server should be encrypted whenever possible through ensuring a proper key management implementation.
The cloud network infrastructure is one of the most vulnerable infrastructure that can easily be accessed by malicious actors. This system of the cloud system should be well managed and secured. The organization should create a logging system that will always indicate and notify the responsible personnel (Hurwitz, 2009). The management should employ as mentioned a two factor user authentication while dealing with the network infrastructure. This will help increase the security in to the cloud network infrastructure. The access tokens should not be hardcoded publically with user privileges highly restricted. The logging system to the network infrastructure should be well monitored, this will help the organization to easily identify breaches and taken appropriate actions (Hurwitz, 2009). The logged in data should be well aggregated as well as correlated with the security information and event management in order to increase cloud network infrastructure.
The cloud backup system and restore infrastructure is another important part of the cloud computing system that should be well organized. Just the Webb’s would like to maintain other system (Hurwitz, 2009). Updates, backups and restoration infrastructure should also be as well taken into deeper consideration. The backup and restoration infrastructure is a true part of the cloud system and it is therefore recommended for the management to apply security measures (Antonopoulos & Gillam, 2017). A back up follow strategies should be fully followed and implementation and the workload moved to the backup system should be integrated, deployed and properly tested. The backup system should also have a multi-factor authentication in order to ensure that only authorized individuals have access to the backup and restore system.
Conclusion
Cloud computing has various benefits to various organizations such Webb’s which is currently planning adopt cloud computing. This kindly of set is cost effective to organization and will see the operation cost of Webb’s reduced by a given margin. Even though cloud computing is cost effective and may lead to profit maximization. The cloud system is also vulnerable to breaches and can see an organizations privacy being accessed by a third party who might even be the management of rivalry firm. Webb’s board members should therefore take into consideration various security measures before implementing cloud system. As recommended above, cloud computing system requires keen checking of security breaches and the organization should take cloud system audits after a given time frame.
References
Antonopoulos, N., & Gillam, L. (2017). Cloud computing: Principles, systems and applications. Cham, Switzerland: Springer
Buyya, R., Broberg, J., & Gos?cin?ski, A. (2011). Cloud computing: Principles and paradigms. Hoboken, N.J: Wiley.
Encyclopedia on cloud computing. (2014). Place of publication not identified: John Wiley.
Furht, B., & Escalante, A. (2010). Handbook of cloud computing. New York: Springer.
Hurwitz, J. (2009). Cloud computing for dummies. Hoboken, NJ: Wiley Pub.
Ivanov, I., Sinderen, M. J., & Shishkov, B. (2012). Cloud computing and services science. New York: Springer.
Jamsa, K. (2013). Cloud computing: SaaS, PaaS, IaaS, virtualization, business models, mobile, security and more. Burlington, MA: Jones & Bartlett Learning.
Ruparelia, N. (2016). Cloud computing.
Vaquero, L. M., Caceres, J., & Hierro, J. J. (2012). Open source cloud computing systems: Practices and paradigms. Hershey, Pa: Information Science Reference.
Winkler, V. J. R. (2011). Securing the Cloud: Cloud Computer Security Techniques and Tactics. Burlington: Elsevier Science.
Essay Writing Service Features
Our Experience
No matter how complex your assignment is, we can find the right professional for your specific task. Contact Essay is an essay writing company that hires only the smartest minds to help you with your projects. Our expertise allows us to provide students with high-quality academic writing, editing & proofreading services.
Free Features
Free revision policy
$10Free bibliography & reference
$8Free title page
$8Free formatting
$8How Our Essay Writing Service Works
First, you will need to complete an order form. It's not difficult but, in case there is anything you find not to be clear, you may always call us so that we can guide you through it. On the order form, you will need to include some basic information concerning your order: subject, topic, number of pages, etc. We also encourage our clients to upload any relevant information or sources that will help.
Complete the order form
Once we have all the information and instructions that we need, we select the most suitable writer for your assignment. While everything seems to be clear, the writer, who has complete knowledge of the subject, may need clarification from you. It is at that point that you would receive a call or email from us.
Writer’s assignment
As soon as the writer has finished, it will be delivered both to the website and to your email address so that you will not miss it. If your deadline is close at hand, we will place a call to you to make sure that you receive the paper on time.
Completing the order and download