ISSC363 Cloud Security and Their Associated Risks Discussion Response

in /by

ISSC363 Cloud Security and Their Associated Risks Discussion Response

Need to respond to two student discussions with at least 150 words minimum for each response. Below in the bold are the questions the students are responding to.

Please Read the following articles on Cloud Security and their Associated Risks:

Christodorescu, M., Sailer, R., Schales, D. L., Sgandurra, D., & Zamboni, D. (2009, November). Cloud security is not (just) virtualization security: a short paper. In Proceedings of the 2009 ACM workshop on Cloud computing security(pp. 97-102). ACM.

Fogarty, K. (2012, August 10). The biggest cloud computing security risk is impossible to eliminate. Retrieved from http://www.networkcomputing.com/security/the-bigge…

Kinsella, J. (2012, September 26). 5 (more) key cloud security issues. Retrieved from http://www.csoonline.com/article/717307/5-more-key…

Then, discuss with your classmates why Cloud Security is different from that of traditional network architectures and what you think the future holds for Cloud Security and it’s adoption rate with company’s. What are some technologies and solutions that can be used to reduce risk for the “Cloud” or “Cloud Data” .

Student one:

Hi Everyone,

Cloud security does differ from traditional network architectures and here is why. Cloud computing can be said to be the next generation of storage of information, from your home office or work station. Cloud storage system allows you to access whatever information you store on your account from anywhere you have network access. This feature makes the cloud storage a very valuable thing because you can basically put personal files on the cloud network and have the ease of be able to pull them right up. Cloud storage will allow pretty much anything you can store on your main computer on to the cloud network, so your home movies can be as simple as logging in to your account and clicking their icon. As far as the security for cloud storage it would seem to be very behind in that factor, or it is just the victim of more and more attacks and because it is still very new they might need to fix some back doors they might have left in the programming. This is common for a new and big feature specially the fact that people are so willing to put so much valuable information on to their cloud storage which makes it more of a target for people to get in and get all the information they can. We all know by this time in the class it really does not matter what you do for protection on something that is on a network if someone really wants in to it sooner or later they will gain access to the network and take whatever they can all we can do is be ready for the attack.

Christodorescu, M., Sailer, R., Schales, D. L., Sgandurra, D., & Zamboni, D. (2009, November). Cloud security is not (just) virtualization security: a short paper. In Proceedings of the 2009 ACM workshop on Cloud computing security(pp. 97-102). ACM.

Fogarty, K. (2012, August 10). The biggest cloud computing security risk is impossible to eliminate. Retrieved from http://www.networkcomputing.com/security/the-biggest-cloud-computing-security-ris/240005337

Kinsella, J. (2012, September 26). 5 (more) key cloud security issues. Retrieved from http://www.csoonline.com/article/717307/5-more-key-cloud-security-issues

-Micheal B

Student two:

More organizations and businesses are turning towards cloud computing as technology advancement and IT security progresses. Cloud computing makes it easier for businesses and organizations of all sizes to enjoy the benefits of storage, servers, databases, networking, intelligence, analytics, and software products over the Internet with flexible resources, innovation, and economies of scale (Microsoft Azure, 2019). A good reason that more businesses are moving towards cloud computing is due to the reduce operating costs since you pay only for the services you use and it can be scalable as the business grows. Another excellent reason to utilize these services is that vendors such as Amazon Web Services (AWS), Microsoft Azure, and Oracle offer their specialization within the IT industry to include the security of it.

Cloud security typically offers a third-party data center, quickly scalable, efficient resource utilization, low upfront infrastructure investment, less visibility and control over your own data environment and is reliant on the service provider for security controls. The cloud environment changes the way how a business’s access and store their data. These businesses would have to use application programming interfaces (APIs), which allows the devices and servers to communicate with the cloud servers. Since, there is a reduce visibility and control over the data environment, it is critical to understand the vendor’s service IT security controls and plan. Traditional IT security on the other hand has in-house data centers, slow scaling, higher upfront costs, and provides greater control and visibility over your own data environment. According to Kinsella (2012), internal clouds are not inherently secure, companies lack security visibility and risk awareness, sensitive information needs safer storage, applications aren’t secure, and authentication and authorization must be more robust. I do believe that vendors such as Amazon, Microsoft, Oracle, and Google have invested heavily over the last several years in the IT infrastructure and cloud computing services they provide. A solution to help reduces cloud computing for businesses is to ensure their employees are properly trained and educated with the cloud service platform. Ensure that there is some type of data backup plan established in order to minimize business operations. Establish a strong password requirement such as upper/lower case, special characters, numbers, and a 60- or 90-days password change. Selecting a vendor that offers quality encryption and uses end-to-end encryption when transmitting data. For in-house IT infrastructure, ensuring all the software and hardware has the latest security patches and updates to mitigate any potential vulnerabilities. Conducting routine penetration testing is critical of the IT infrastructure for vulnerabilities and risks. The business should adopt a zero trust security model where it requires every user, system or device outside or inside to be verified and validated before connecting to their system (Harpham, 2018). Providing rights and privileges in line with individuals job function and requirements and auditing this control routinely.

Harpham, B. (2018, May 22). 7 risk mitigation strategies for the cloud. Retrieved April 4, 2019, from https://www.cio.com/article/3273707/7-risk-mitigat…

Microsoft Azure. (2019). What is cloud computing?. Retrieved April 4, 2019, from https://azure.microsoft.com/en-us/overview/what-is…

-Frank

"You need a similar assignment done from scratch? Our qualified writers will help you with a guaranteed AI-free & plagiarism-free A+ quality paper, Confidentiality, Timely delivery & Livechat/phone Support.


Discount Code: CIPD30



Click ORDER NOW..

order custom paper