Consider the security risk imposed by the internet which is the support environment for the cloud computing resources. The IaaS infrastructure can be compromised using an array of intrusion methods including interceptions, snooping and malware among many others. Therefore, the users of this service must implement several security measures to protect the acquired IaaS resource.
System encryption: A security method that serves as the single most important resource for any publicly deployed resource. In this security feature, the data used by the enterprise is encrypted using certain protocols and access keys. These keys are integrated into the operating system and provided to the members of the organizations (verified members) which protects the information being used. Furthermore, the channels of communication (networks) are also encrypted using specialized parameters such as VPNs (virtual private networks) which boosts the security of the access environments (Mogull, 2017).
IaaS service isolation: The cloud resource will be accessed by different people within the leasing organization. These people will hold different roles within the organization and thus will require different data and resources. Similarly, the IaaS instance should be isolated based on a specified access policy. This policy would isolate the structure of the IaaS infrastructure thus enhance its accountability and management.
Infrastructure assessment and management: These roles that would be accomplished by using firewalls and intrusion detection systems. In essence, these security features would assess the data packets being transferred between the host organization and the IaaS instance thus filter out all the negative intrusions and content (Walker, 2015).
Time convenience: When properly implemented, the security features of the IaaS instance would mitigate attacks and intrusion. This outcome would enhance the speed of operations as the computational power of the IT equipment would be dedicated to service delivery (Shumaker, 2016)..
Cost saving: Similarly, the security features would minimize the expenditures of fixing damaged equipment and resources due to attacks. Moreover, the cloud resource would suffer minimal damages and congestion which would improve the cost expenditures.
Virtualization conveniences: Without the security limitations of virtualization i.e. the internet, the subscriber can benefit from the affiliated conveniences of online systems such as the flexibility, scalability and mobility of IT resources (Shinder, 2011).
The complexity of the security configurations: During the deployment of the IaaS instance, the user will have to consider many different parameters in order to successfully utilize the leased resources. In addition to this, the security feature will also have to consider the environment of operation and deployment languages which will intensify the risks of the security features.
Compatibility of security methods: All security methods will require privileged access to the resources being used. While in action they will also root out other complementary features accessing the same system which may serve as a conflict in case multiple security features are used (Mehtra, 2014).
Data security and privacy – the data is migrated to unknown locations and is handled by a third party member. Therefore, its security is not fully guaranteed and can also be exposed to reveal confidential information (Healy, 2015).
Migration complexities – a database owned by an organization like Webb’s Stores will contain billions of records which may be lost during the migration process due to the complexity of the move.
Limited data control – unlike in-house facilities, the subscribers do not have a physical access to their data. Moreover, they cannot adequately track their information as its ferried over the internet (Braddy, 2014).
System compatibility – to date there are no specified standards for cloud resources, this outcome enables service providers to use different operational standards including the deployment languages. As a subscriber, the leased resource (IaaS) may fail to align with the in-house facilities.
Limited user control – again, the subscriber cannot adequately track the resource hosted online. Therefore, the IaaS instance may lose some resources while the subscriber is unaware. Moreover, the overall control of the cloud resources is maintained by the service provider and not the user (leasing party) (Badola, 2015).
System outage and downtimes – the IaaS resource is subject to the limitations of online facilities such as internet downtime and bandwidth. In true sense, the IaaS infrastructure is fully an online resource that depends on an internet connection and its affiliated risks.
Data leakage – while using the IaaS resource, Webb’s Stores will require regular communication with its service provider for support services. This communication will take place through public channels which if not well encrypted and protected will leak information to the public.
Cyber-intrusions – secondly, the organization will also have to contend with the possibility of being hacked or attacked by malicious individual trolling the internet. Their communication channels may also be intercepted to acquire access information for the leased services, a common occurrence today (Healy, 2015).
Data privacy – in addition to this, the subscriber may be required to verify their identity using confidential information such as address and identification number in order to improve the security of the access procedures. Now, in case of a data leak during the communication process, the privacy of the parties involved is lost, an outcome that can also endanger their security.
i. Backing up data risks
Storage/size limitation – the backup process will be limited by the speeds of the internet connection. This outcome will affect the time frame used to store data online which will interfere with the backup process
Backup window – due to the limitations of the network (e.g. bandwidth), the subscriber will frequently have a short access window to back up their resources more so, when the access networks are affected by the elements of internet operation (Manes, 2012).
Downtime – internet downtime is a substantial risk for the backup process as it will interfere with the entire storage plan of the organization. Similarly, any outage associated by the service provider will affect the backup process.
ii. Data storage
Data leaks – cloud resources are prone to data leakages because of their operating environment which is associated with intrusion and system interceptions. Therefore, any data stored in these facilities will have to contend with the risk of being exposed to the public.
Data security and privacy – cloud service providers will store data in different locations unknown to the subscriber which eliminates the physical security available to users using in-house storage facilities.
Data management – most of the risks identified above stem from the limited control provided to the subscriber who essentially surrenders their data to a third party member. This minimal control presents the biggest risk to using cloud storage facilities (Prinzlau, 2017).
iii. Data retrieval
Varying access time – when disaster strikes, the affected organization requires a fast solution to acquire its original resources. The process of re-acquiring the backup resources stored in cloud facilities will also be subject to the limitation of internet connections which will affect the access window and time (Healy, 2015).
Unavailable SLAs – the risk identified above is as a result of the problems caused by internet connection. Now, Webb’s Store may have a service agreement with the cloud service provider however, this agreement does not guarantee the data retrieval process as its subject to the limitations of the network, be it bandwidth or data throughput.
First, the recovery procedure is transformed from a physical IT component to a virtualized resource hosted in an online facility. Therefore, there will be a distinct isolation between the physical structure of the organization and the software or system applications. This outcome will improve the DR plan because the organization will not need to replicate all the foundational elements of a recovery procedure. What does this mean? Backup resources of the overall system such as operating systems, patches and support applications will be hosted in a centralized system which will be continuously updated based on the original system (Healy, 2015).
In addition to this, the benefits of virtualization will also trickle down to the backup and recovery procedures where resources will be readily available so long as an internet connection is provided. Again, this will increase the flexibility and scalability of the DR plan where any given business location will serve as a backup location in case of a disaster. Finally, the DR plan will become both time and cost effective due to the availability of resources.
End to end access protection – starting with the encryption of the access ports of the network, the IaaS resource should be protected at both ends i.e. one the service provider systems and the subscribers.
System authentication – a multifactor system should be used to access the IaaS instance. This authentication process can be done using passwords and biometric systems (Microsoft, 2017).
Constrain the privileged access – very few members of the subscribing organization should have access to the privileged modes of the IaaS infrastructure. Furthermore, this access should be given to a single individual to avoid a single point of failure.
Access policy – the policy adopted should reflect the roles of the company’s staff a strategy that would improve the system’s accountability and facilitate the management of attacks (Microsoft, 2017).
SQL authentication and management – all logical SQL instances are developed with automatic security features. These features will include system authentication, a measure that should be activated in this instance.
Packet filters – traffic between the SQL instance and the host organization should be closely monitored for any variations that may harbour attacks.
Limited network administration – a basic access protection method that ensures very few people are able to alter the state of the network. These individuals will also monitor the network using intrusion detection systems and firewalls.
Encrypting the access nodes – all access nodes to the cloud network should be encrypted to frustrate the objectives of intruders. Now, this security feature is necessary as most network systems are designed to offer an all-access path to any given network, e.g. the Cisco devices which have access ports in dynamic modes. Therefore, the first step in access protection should be to encrypt and shut off all unused network ports (Sovetkin, 2017).
Standardized access procedures – the enterprise has many business locations and they all require access to the backup facilities. Therefore, the access to these resources should be centralized to standardize the security measures put in place. Furthermore, this standardization will help in system updates which will be executed across all business locations.
Encrypt the storage facilities – the backup resources i.e. server disks should be tokenized to limit their access to verified members of the organization. The same feature will also protect the access keys used in the cloud resources as they are integrated into the backup procedures (Healy, 2015).
References
Badola, V. (2015). Cloud migration: benefits and risks of migrating to the Cloud. Cloud Migration for Enterprises , Retrieved 22 September, 2017, from: https://cloudacademy.com/blog/cloud-migration-benefits-risks/.
Braddy, R. (2014). Risks And Rewards Of Moving Data To The Cloud. Enterprise Tech, Retrieved 23 September, 2017, from: https://www.enterprisetech.com/2014/09/26/risks-rewards-moving-data-cloud/.
Healy, R. (2015). The Top 5 Risks of Moving to the Cloud. Retrieved 09 September, 2017, from: https://www.annese.com/blog/top-5-risks-of-moving-to-the-cloud.
Manes, C. (2012). What are the risks of backing up your business data in the cloud? DR Journal, Retrieved 22 September, 2017, from: https://www.drj.com/articles/online-exclusive/what-are-the-risks-of-backing-up-your-business-data-in-the-cloud.html.
Mehtra, H. (2014). Issues and Standards in Cloud Security. Retrieved 09 September, 2017, from: https://www.cse.wustl.edu/~jain/cse571-14/ftp/cloud_security/index.html.
Microsoft. (2017). Security best practices for IaaS workloads in Azure. Microsoft Azure, Retrieved 23 September, 2017, from: https://docs.microsoft.com/en-us/azure/security/azure-security-iaas.
Mogull, R. (2017). Cloud computing encryption and IaaS security. Tech target, Retrieved 23 September, 2017, from: https://searchcloudsecurity.techtarget.com/tip/Cloud-computing-encryption-and-IaaS-security.
Prinzlau, M. (2017). 6 security risks of enterprises using cloud storage and file sharing apps. Data insider, Retrieved 23 September, 2017, from: https://digitalguardian.com/blog/6-security-risks-enterprises-using-cloud-storage-and-file-sharing-apps.
Shinder, D. (2011). Security Considerations for Infrastructure as a Service Cloud Computing Model. TechGenix, Retrieved 23 September, 2017, from: https://techgenix.com/security-considerations-infrastructure-service-cloud-computing-model/.
Shumaker, L. (2016). 5 key benefits of the Microsoft Azure Cloud Platform. Menlo Technologies, Retrieved 22 September, 2017, from: https://info.menlo-technologies.com/blog/5-key-benefits-of-the-microsoft-azure-cloud-platform.
Walker, S. (2015). 5 Benefits of a Cloud Computing Security Solution. TBCONSULTING, Retrieved 09, September, 2017, from: https://www.tbconsulting.com/blog/5-benefits-of-a-cloud-computing-security-solution/.
Essay Writing Service Features
Our Experience
No matter how complex your assignment is, we can find the right professional for your specific task. Contact Essay is an essay writing company that hires only the smartest minds to help you with your projects. Our expertise allows us to provide students with high-quality academic writing, editing & proofreading services.
Free Features
Free revision policy
$10Free bibliography & reference
$8Free title page
$8Free formatting
$8How Our Essay Writing Service Works
First, you will need to complete an order form. It's not difficult but, in case there is anything you find not to be clear, you may always call us so that we can guide you through it. On the order form, you will need to include some basic information concerning your order: subject, topic, number of pages, etc. We also encourage our clients to upload any relevant information or sources that will help.
Complete the order form
Once we have all the information and instructions that we need, we select the most suitable writer for your assignment. While everything seems to be clear, the writer, who has complete knowledge of the subject, may need clarification from you. It is at that point that you would receive a call or email from us.
Writer’s assignment
As soon as the writer has finished, it will be delivered both to the website and to your email address so that you will not miss it. If your deadline is close at hand, we will place a call to you to make sure that you receive the paper on time.
Completing the order and download