Wednesday, May 6, 2020

Cloud Computer Security Techniques Tactics â€Myassigtnmenthelp.Com

Question: Discuss About The Cloud Computer Security Techniques Tactics? Answer: Introduction The content of this paper is about cloud computing and its benefits and to organization currently adopting to cloud computing. Cloud computing is a type of information technology paradigm or a model which enables ubiquitous access to various shared pools of configurable items within an organization. It gives access to resources such as computer servers, computer networks, applications, storage and services. The main issues behind this report is to provide accurate information to the board members of Webbs an organization which is currently migrating to the use of cloud computing for daily operations. Webbs as an organization requires a cloud computing system and is determined to adoption of a hybrid cloud methodology. The organization is also concerned with the benefits, risks related to cloud data backup, management and issues. The company has settled on the use of cloud computing system in order to reduce the costs of LTO 6 tapes used for back up critical missions. The organization is also determined to reduce the cost of off-site storage the tapes and also interested in the fast backup of database through the cloud computing. The content of this paper therefore provides information to the board of Webbs on the types of security that should deployed to protect the migration mission from the MS SQL Server 2012 R2 database to an IaaS instance in a public cloud. The content of this report ends with a well outlined recommendation on how the board of members of Webbs on how they can fully secure and protect the newly cloud computing. Type of security to be deployed to protect the migration of data from MS SQL Server 2012 R2 database to an IaaS instance in a public cloud As Webb is planning on moving workloads to Infrastructure as a service (IaaS) the organization should consider various security measures as the mission always results to various threats to a system. During such missions data is always susceptible to threats which must contained through deployment of various security measures. When data is being moved from one database to another, the company of an organization such as Webbs in most of the occasions have their data shared with the service provider and this may be competitive risk to the organization as this may lead to leakage of key consumer information to the rival firm (Furht Escalante, 2010). The management of the organization should therefore consider application of expertise in securing the virtual environments as well as utilizing new options to secure the mission. Application of privileged access workstations During such missions Webbs is likely to fall a prey to cyber attackers who are always ready during such missions as a result of various organizational administrators performance of action while using their accounts which have elevated rights. During the mission critical use of resources such as emails and internet browsing can be hazardous even though these applications seems innocent enough (Antonopoulos Gillam, 2017). During the mission use of emails and browsers may expose the elevated accounts to a state of compromise by various malicious actors. The board should therefore ensure the application of privileged access workstations to reduce the susceptibility of the system during the mission to cyber-attacks as well as malicious actors. Data encryption and use of multi-factor authentication In order to secure data during the migration, the management board should consider data encryption and application of multi- factor authentication. When migrating from one system of database to another both the new system and the previous system must be secure. Webbs should therefore apply the above security measure during the mission critical and this security method should be simple and comply with the exceptional demands of their demands on privacy as well as secure the whole system (Buyya, Broberg Gos?cin?ski, 2011). Encryption of data during transmission applied together with an operational multi-factor authentication as well as authorizations tools should provide security to the mission. Provider verification Webbs management board should also verify the provider who is contracted to help with the migration mission. The board should read the cloud contracted providers service level agreement and check how the provider is prepared to secure the whole system during the mission. They should also check to see the providers rate of transparency and apply various legal issues to ensure that the whole proses is secure. The board and the cloud provider should be aware of their responsibilities during the whole process, this will enable the appropriate action to be taken by each party. Benefits and issues that would be as the result of the deployment of above security measures The implementations of the above security measures during the mission critical comes with a lot of benefits and issues to an organization going through the process. The first issues is the identification of various important organizational team to give the privilege action to the to the created work station. The board should be keen enough when coming up with the privileged workstations as this may lead to some team members feel inferior to other fellows at the same level of duty. Even though this may an issues the board is mandated to ensure security for the whole critical transmission process (Furht Escalante, 2010). The use of privileged access workstation will prevent the loss of key information to malicious actors through elevated accounts. Any organizational data is important to the competing entity in the same sector thus application of this security measure during the critical mission is of great important to the organization. The data encryption as security measure may be an additional work to the board to decide on but it is the best security measure for the data migration. The process of moving various system form some of Webbs branches to the main firm is quite a threat, the organization should therefore key encrypt various data from the branches. This will prevent the access of information by malicious people internally and externally (Antonopoulos Gillam, 2017). The encryption of the data is also important as data is always being shared with the cloud computing provider during the transfer, with the encryption the organization is therefore able to keep their privacy. It is also beneficial for the organization to use the multi-factor authentication as this will identify the management in cases of a login to the system during the mission. The system of multi-factor authentication is beneficial to Webbs as it will safeguard the access to the data during the migration process while meeting various demands of the whole process (Encyclopedia on cloud computing, 2014). The firm will may have and issues with acquiring mobile phones linked to the system as multi-factor security measure provides strong authentication using options such as phone calls, phone text messages or mobile phone notifications. The board of management should therefore decide on one of the notification methods to in order to protect their privacy during the data migration. Risks associated with migrating from MS SQL Server 2012 R2 database to an IaaS instance in a public cloudin relation to: As reveled by the Cloud security alliance, cloud computing system may be beneficial to an organization such as Webbs, however, the system faces top three threats or risks. These threats include insecure interfaces together with APIs, loss of data and leakages and failures related to hardware (Ivanov, Sinderen Shishkov, 2012). These three risks accounts to 29 percent, 25perceng as well as 10 percent respectively. Risks during the migrations affects various systems of the cloud system. There are various risks associated with cloud migration which must not be ignored by Webbs as an organization. The database Migration to the cloud system may result into data loss within the data base or even breaches. Even though cloud providers as seen as people who build better infrastructure equipped with the redundancy compared to other firms offering the same services, there is a possible risk of data loss that may be as a result of a breach or even how errors occurring within the database are being handled by the provider (Vaquero, Caceres Hierro, 2012). Cloud providers may at the point of migration provide poorly configured permissions leading to massive data loss to people attackers. Since the organization is adopting hybrid cloud system, the breach from data bases may be from within the organization or from the providers. Some of the logging identities to the database may be accessed without proper restriction of access by various attackers leading to data breach or loss of data in the database (Furht Escalante, 2010). The IaaS infrastructure The cloud system is susceptible to various risks and threats ranging from the traditional threats, IT environment threats as a result of the provider. Migration to the cloud computing system by Webbs can leading to breaches and even data losses. In case of improper implementation of IPIs system the system can easily be reached by malicious actors. Improper installation of the IPIs system may lead to breakdown of existing client data in the cloud system (Jamsa, 2013). Another risk which may occur in the IaaS system is stolen credentials, the logging credentials may be leaked by the malicious insiders and this may lead to access of key information to opponent firms making the organization susceptible to competition. Stealing of information can be done through the application of information stealing malwares and through phishing mails (Ruparelia, 2016). This is a big risk to the management as a result of cloud migration as it may lead to leakage of key Webbs information that can be miss used by the attacker. Migration to the IaaS system often lead gives storage access to customers through personal domains known as the buckets for data backup. These domains can allow attackers to conduct as dictionary attack using word list and access to genuine domain prefixes leading to leakage of information. The communications between Webb's and their IaaS database in the cloud The communication between Webbs and their IaaS in the cloud may be easily suffer hacking attacks if the provider to not properly create an implement the APIs. With the implementation of the Cloud system, Webbs as an organization have all their client application like a black box running on a provider servers. During the communication the cloud system share a lot of resources across the multiple clients (Antonopoulos Gillam, 2017). Due to the sharing of the information and resources the key information from the organization may be leaked there by providing information to malicious actors. This happens through the side communication channel timing attacks which have been witnessed a lot in the past, and these attacks always results into cryptographic keys across the virtual system. Most of the side channel attacks can massively course vulnerabilities within the core components in the system leading such as the hypervisor leading to collapse of the whole cloud computing system. Risks and issues associated with: Backing up data to the Cloud Backing of data is one of the most important action firms always take in order to remain hold of various key information. Accidents may occur, files may be deleted or corrupted, the management may change file then require the old files or software may crush leading to loss of information (Antonopoulos Gillam, 2017). Some of the organization migrating to cloud computing system may as a result back up their data in cloud system and this in most occasions comes with issues and challenges. Backing of data into the cloud system may be risky as the Webbs internet pipe is likely to be a limited factor. When data is backed up in a cloud system, the organization is required to have access to an internet connection in order to have the backup data (Furht Escalante, 2010). The backups subjected to cloud are therefore slow to access as sometimes the internet is slow due to the latency and congestion within the internet. The company should therefore have to look for a quality service provider w hich may an issues as finding service providers who can provide endless support the backups may be a problem top reach. The organization may also have an extra responsibility having with, monitoring the usage of the bandwidth in since the organization based on the limited pipeline would be require to have a bigger pipe. Storage of data in the Cloud Storage of data within the cloud is risk to an organization mainly because, the organization will have to fully rely on the cloud service provider. Most the cloud providers may suffer from attacks or some without legal measures may share information with a third party and this may be a bigger risk to an organization such as Webbs. Storage of data within the cloud system will also require the organization to rely on the security measures of the provider which may also not be strong enough (Winkler, 2011). Reputable companies like Webbs may suffer security breaches incase of an attack to the providers system. The organization storing information within the cloud system should therefore consider backing up the data in an encrypted format due remain safe in case of a breach to the providers system. Retrieval of data from the cloud The retrieval of data from the cloud may be a risk to an organization such as Webbs. In a situation that the organization is going through a disaster and may be in the fastest need of the restore services to get the operation yup and running. Retrieval of data from down from the cloud back to the system may be slow as cloud operates through the internet thus may not be as fast as the restoration is required (Jamsa, 2013). This is a risk compare to the tapes which one may get as fast as possible to the Webbs DR site to restore the whole system. The issue with the retrieval of data from the cloud is the need for proper evaluation of the recovery time as well as the objectives. Another issue is the time for testing the data retrieved from the cloud system. Effect of Cloud backup service on Webbs DR plans The application of cloud backup will highly affect the DR plans set prior by the organization. By backing up the company data in the cloud system the company will therefore be in need of the DR premises which use the tapes to retrieve data. The DR site will therefore not be in much use as the organization will be able to access the backed up data through internet pipes (Jamsa, 2013). Even though the organization may reside on the cloud back, they can still have the use of the DR site as in case of emergencies the organization may not be able to retrieve the backed data within the require time. The organization, however, will need to properly assess their objectives in relation to the issues of DR sites as it may be important or not with the use of the cloud system. Recommendations to Webb's Board on how to protect access to: Their IaaS infrastructure The management board of Webbs as an organization after settling into the use of IaaS infrastructure should employ various measures to take care of the system. The IaaS is one of the most basic and fundamental cloud service which should be highly secured. In order to secure the whole system the organization should adopt manage operating system since they will still deploy the system. The management of the IaaS system is one of the management responsibilities and it is recommended for the organization to organize patching, hardening assignment of rights as well as organize other various forms of maintaining the system (Furht Escalante, 2010). In order for the system to operate smoothly the board members should organize various security protocols such use of various antivirus tools, antimalware, path the system as well as provide backup for the IaaS system. Their Ms SQL Server 2012 R2 cloud instance Just as the other cloud infrastructures, the Ms SQL Server 2012 R2 cloud instance is important to the organization. This server since the organization has settled on the use of hybrid cloud system is important as it holds various key information relating to Webbs customers. The organization should therefore encrypt the whole system in order to secure it (Jamsa, 2013). The data within the server should be encrypted whenever possible through ensuring a proper key management implementation. Their Cloud network infrastructure The cloud network infrastructure is one of the most vulnerable infrastructure that can easily be accessed by malicious actors. This system of the cloud system should be well managed and secured. The organization should create a logging system that will always indicate and notify the responsible personnel (Hurwitz, 2009). The management should employ as mentioned a two factor user authentication while dealing with the network infrastructure. This will help increase the security in to the cloud network infrastructure. The access tokens should not be hardcoded publically with user privileges highly restricted. The logging system to the network infrastructure should be well monitored, this will help the organization to easily identify breaches and taken appropriate actions (Hurwitz, 2009). The logged in data should be well aggregated as well as correlated with the security information and event management in order to increase cloud network infrastructure. Their Cloud backup and restore infrastructure The cloud backup system and restore infrastructure is another important part of the cloud computing system that should be well organized. Just the Webbs would like to maintain other system (Hurwitz, 2009). Updates, backups and restoration infrastructure should also be as well taken into deeper consideration. The backup and restoration infrastructure is a true part of the cloud system and it is therefore recommended for the management to apply security measures (Antonopoulos Gillam, 2017). A back up follow strategies should be fully followed and implementation and the workload moved to the backup system should be integrated, deployed and properly tested. The backup system should also have a multi-factor authentication in order to ensure that only authorized individuals have access to the backup and restore system. Conclusion Cloud computing has various benefits to various organizations such Webbs which is currently planning adopt cloud computing. This kindly of set is cost effective to organization and will see the operation cost of Webbs reduced by a given margin. Even though cloud computing is cost effective and may lead to profit maximization. The cloud system is also vulnerable to breaches and can see an organizations privacy being accessed by a third party who might even be the management of rivalry firm. Webbs board members should therefore take into consideration various security measures before implementing cloud system. As recommended above, cloud computing system requires keen checking of security breaches and the organization should take cloud system audits after a given time frame. References Antonopoulos, N., Gillam, L. (2017). Cloud computing: Principles, systems and applications. Cham, Switzerland: Springer Buyya, R., Broberg, J., Gos?cin?ski, A. (2011). Cloud computing: Principles and paradigms. Hoboken, N.J: Wiley. Encyclopedia on cloud computing. (2014). Place of publication not identified: John Wiley. Furht, B., Escalante, A. (2010). Handbook of cloud computing. New York: Springer. Hurwitz, J. (2009). Cloud computing for dummies. Hoboken, NJ: Wiley Pub. Ivanov, I., Sinderen, M. J., Shishkov, B. (2012). Cloud computing and services science. New York: Springer. Jamsa, K. (2013). Cloud computing: SaaS, PaaS, IaaS, virtualization, business models, mobile, security and more. Burlington, MA: Jones Bartlett Learning. Ruparelia, N. (2016). Cloud computing. Vaquero, L. M., Caceres, J., Hierro, J. J. (2012). Open source cloud computing systems: Practices and paradigms. Hershey, Pa: Information Science Reference. Winkler, V. J. R. (2011). Securing the Cloud: Cloud Computer Security Techniques and Tactics. Burlington: Elsevier Science.

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.