Saturday, December 7, 2019

In Privacy And Security For Cloud Computing -Myassignmenthelp.Com

Question: Discuss About The In Privacy And Security For Cloud Computing? Answer: Introducation It is very important that Webb stores should not fully rely on the encryption services offered by the cloud vendors. As encryptions services consumer, huge resources, cloud vendors offer minimal encryption services. Instead Webb stores should also use encryption at their end before sending the data on the cloud. They also ensure that encryption key is located in on premise locations only and not on cloud. Restricted access to employees: People should have restricted access based on their role and should see only the data they need. Critical data should be read only so that no one can change it. Using RSA Secure ID systems for generating real time passwords and extra layer of prevention (Khanezaei, Hanapi, 2014) Ensure that all the machines have latest anti-viruses and all the fixes whether they belong to software, operating systems or any other should be installed as soon as possible. The only way to ensure is that controlling the updates features centrally and do not give users the choice of not installing updated (Hashizume, et al., 2013). Recent attack on NHS hospitals of UK by malware WannaCry was happened because the company did not update the latest fix by Microsoft which Microsoft released 2 month before this ransomware attack. Describe the benefits and issues that would be the result of your deployment of these security measures. Using encryption at Webb stores before sending data to the cloud is highly effective and while transmitting also, data is encrypted. Also, this will provide another layer of data protection and maintain confidentiality since even cloud vendors will do no have access to your data. Restricting access will ensure that only the key people have access to important functions like edit the data (Pearson, 2013) Secure ID systems that will generate real time password will add multi factor authentication and even if one of the password of user is leaked, still the intruders will not able to enter the system due to non-verification of RSA secure password. Ensuring updated version of every tool will ensure the protection because these tools and operating systems found the vulnerabilities in their systems from time to time and release fixes to remove these vulnerabilities (Rittinghouse, Ransome, 2016) What are the risks associated with migrating this mission critical database to the cloud? You should name and describe each risk that you identify that applies to: The database Data loss risks applies to the database. In case of a provider going of a business or suffers from technical problem at their end, there is a risk of losing the complete databased for the Webb stores. Data removal risk: This data is mission critical and suppose Webb stores wants to remove any data from their database, it will be removed from its database but how it will be permanently removed from the cloud as cloud is maintaining multiple copies at multiple locations. The IaaS infrastructure Compliance risks: There are rules and polices of Cloud computing designed by the Australian and New Zealand government and each IaaS Infrastructure must abide by those polices. There are policies that prevent vendors from storing data outside the country but cloud vendors maintain numerous copies of their Cloud and stored them in their data centers across different parts of the world. There are various Audits like SAS 70 and many more and each cloud vendor must furnish the details of conducting these audits and thus it is mandatory that cloud vendor must abide by all such policies. Vendor lock in risks: It is possible that IaaS vendor has suddenly increase the prices of their services or there can also be any other conflict and thus, Webb stores want to move their data out of the cloud on some other vendor cloud or on their premise, how it will be handled. Sometimes vendors claim their proprietary data if data is created or analyzed by using their tool, how such things will be handled is a big risk (ALi, Khan, Vasilakos, 2015). The communications between Webbs and their IaaS database in the cloud Data leakage risks: There is risk of intruders and attackers during data communication between Webbs and their IaaS database (Chang, 2015) Identity Access management risk: There is risk of identity verification and if right authorized person is accessing the data. Webbs is considering the use of the Cloud for backup and possibly also for archival of records. What are the risks and issues associated with backing up data to the cloud? You should name and describe each risk that you identify that applies to: Backing up data to the Cloud Too much time in restoring backup: Backing up the data is used so that in case anything goes wrong, backup data can be used. Now, Webb must ensure the timely retrieval of their backup data from the cloud. Restoring data from cloud using bandwidth will be very slow as compared to the restoring the backup from the tapes (Nicolini, et al., 2015) Backup Windows size: For backup, Data needs to be moved from machines to servers on a continuous basis and thus it will be consuming the bandwidth making the overall network slow (Yao, Lu, Zhu, 2014) Storage of data in the Cloud Data privacy risk: Webb stores having the confidential information related to payment details of customers and many more and any compromise of the cloud security vendor can put the companys data on risk iii. Retrieval of data from the cloud. Identity Risk: Cloud vendors do not have strong mechanism in place to distinguish between the authentic traffic and malicious traffic which is a very high risk for the Webb stores. Network risk: Cloud vendor will send the data after decryption to your systems and if the Webb stores is not using encryption/decryption at their end, unencrypted data transmission over the network can be very much vulnerable to attackers and intruders. How does Webbs use of a Cloud backup affect their DR plans? Describe how you see that their backup and restore strategy will change as a result of this service. Earlier backup was maintained on the tapes in-house and hence retrieval is pretty much fast however in case of outsourcing backup services also to the cloud vendor, Disaster recovery plan must be changed. In this case, DR plans will make use of bandwidth and thus Webb stores should ensure that it is using high speed internet so that restoration can happen very quickly. Webb stores also plan to conduct a pilot project regarding restoring the backup and can analyses the time needed, costs and bandwidth requirements (Couto, et al., 2014). How should Webbs protect access to these services that they are now moving to the Cloud? Describe what you would recommend to Webbs Board to protect access to: Their IaaS infrastructure, Webb stores should give access to only authorized person based on their role. For example, a person responsible for buying should see only the relevant details based on his role and not everything that is stored on the cloud. Another way is to use services of specialized security and Access management vendors like RSA Secure ID that generates a password on real time basis and involves multi-factor authentication (Khalil, Khreishah, Azeem, 2014). This will drastically reduce any unauthorized access. Their Ms SQL Server 2012 R2 cloud instance, Webb stores should use encryption at their end also and do not rely solely on the encryption and security services of the cloud network. In this case, if the data of the cloud is compromised, Webb stores data will still be encrypted. Web stores must ensure that it is storing the data encryption key somewhere else and not on the cloud. Their Cloud network infrastructure The biggest challenge here is that cloud vendor does not have any firewalls that can differentiate the data from the Webb stores and the data coming from malicious users. In such cases, they should ensure that cloud vendor is using the virtual cloud firewall using virtual security device that will be deployed within your tenant environment and separate customer traffic from malicious traffic. Also, Webb stores should clearly bring this topic in contract with the cloud vendors and also adds clause of penalty in case of any default. Their Cloud backup and restore infrastructure challenges, security issues as well as how these issues can be solved. Backup and restoring is a time taking activity and involves a lot of challenges. It is recommended that Webb stores should ask their vendor to conduct a Pilot project where they will be showcasing their capability how fast they can restore the back up and also Webb stores should setup the Service Level agreements (SLAs) that restoration must happen within this time frame otherwise there will be a penalty. Also, there should be clauses like network should be up and available more than 99% of the time and any downtime must be communicated 2 weeks in advance (Almorsy, Grundy, Muller, 2016). Webb stores also need to educate its IT users how to handle phishing emails because clicking on malicious emails by any user on a network can pose a risk to entire network. References Ali, M., Khan, S. U., Vasilakos, A. V. (2015). Security in cloud computing: Opportunities and challenges.Information Sciences,305, 357-383. Almorsy, M., Grundy, J., Mller, I. (2016). An analysis of the cloud computing security problem.arXiv preprint arXiv:1609.01107. Chang, V. (2015). Towards a Big Data system disaster recovery in a Private Cloud.Ad Hoc Networks,35, 65-82. Couto, R. D. S., Secci, S., Campista, M. E. M., Costa, L. H. M. K. (2014). Network design requirements for disaster resilience in IaaS clouds.IEEE Communications Magazine,52(10), 52-58. Hashizume, K., Rosado, D. G., Fernndez-Medina, E., Fernandez, E. B. (2013). An analysis of security issues for cloud computing.Journal of Internet Services and Applications,4(1), 5. Khalil, I., Khreishah, A., Azeem, M. (2014). Consolidated Identity Management System for secure mobile cloud computing.Computer networks,65, 99-110. Khanezaei, N., Hanapi, Z. M. (2014, December). A framework based on RSA and AES encryption algorithms for cloud computing services. InSystems, Process and Control (ICSPC), 2014 IEEE Conference on(pp. 58-62). IEEE. Nicolini, M. J., Wildes, R. A., Slawsky, J. E., Sabjan, C. A., Alexander, J. W., Freiheit, K., ... Gregory, R. D. I. (2015).U.S. Patent No. 9,122,711. Washington, DC: U.S. Patent and Trademark Office. Pearson, S. (2013). Privacy, security and trust in cloud computing. InPrivacy and Security for Cloud Computing(pp. 3-42). Springer London. Rittinghouse, J. W., Ransome, J. F. (2016).Cloud computing: implementation, management, and security. CRC press. Yao, J., Lu, P., Zhu, Z. (2014, June). Minimizing disaster backup window for geo-distributed multi-datacenter cloud systems. InCommunications (ICC), 2014 IEEE International Conference on(pp. 3631-3635). IEEE.

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.