Cloud Security Risks for Webb's Store
VerifiedAdded on 2020/03/23
|12
|2121
|119
AI Summary
This assignment analyzes the potential security risks facing Webb's Store when migrating its processes to the cloud. It examines various parameters of cloud computing, including data storage, access control, and backup/restore procedures, highlighting vulnerabilities within each area. The document emphasizes the importance of implementing robust security protocols to mitigate these risks and recommends specific solutions for a successful cloud transition.
Contribute Materials
Your contribution can guide someone’s learning journey. Share your
documents today.
Running head: CLOUD COMPUTING
Cloud computing
Name of the student
Name of the University
Author Note
Cloud computing
Name of the student
Name of the University
Author Note
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
1CLOUD COMPUTING
Executive summary
This report discusses about the various implementation of cloud technologies to apply it on an
existing database. The approach to be used is the Infrastructure as a device (IaaS). The selected
organization is the Webb’s Store. The report includes an analysis of the security needs in
database migration. In addition, the risks related to the database, infrastructure and the
communication among the cloud infrastructure with the Webb’s Stores are also discussed in this
report.
Executive summary
This report discusses about the various implementation of cloud technologies to apply it on an
existing database. The approach to be used is the Infrastructure as a device (IaaS). The selected
organization is the Webb’s Store. The report includes an analysis of the security needs in
database migration. In addition, the risks related to the database, infrastructure and the
communication among the cloud infrastructure with the Webb’s Stores are also discussed in this
report.
2CLOUD COMPUTING
Table of Contents
Introduction:....................................................................................................................................4
Discussion:.......................................................................................................................................4
Database migration:.....................................................................................................................4
Types of security:....................................................................................................................4
Benefits and issues:..................................................................................................................5
Risks in database migration:........................................................................................................5
Risks in database:....................................................................................................................5
Risks in IaaS infrastructure:.....................................................................................................6
Risks in communication:.........................................................................................................6
Data backup:................................................................................................................................7
Risks in backup, storage and retrieval:....................................................................................7
Applications of cloud backup:.................................................................................................8
Access protection:........................................................................................................................8
IaaS infrastructure:...................................................................................................................8
Ms SQL Server 2012 R2 cloud instance:................................................................................8
Cloud infrastructure:................................................................................................................9
Cloud backup and restore:.......................................................................................................9
Conclusion:......................................................................................................................................9
References:....................................................................................................................................10
Table of Contents
Introduction:....................................................................................................................................4
Discussion:.......................................................................................................................................4
Database migration:.....................................................................................................................4
Types of security:....................................................................................................................4
Benefits and issues:..................................................................................................................5
Risks in database migration:........................................................................................................5
Risks in database:....................................................................................................................5
Risks in IaaS infrastructure:.....................................................................................................6
Risks in communication:.........................................................................................................6
Data backup:................................................................................................................................7
Risks in backup, storage and retrieval:....................................................................................7
Applications of cloud backup:.................................................................................................8
Access protection:........................................................................................................................8
IaaS infrastructure:...................................................................................................................8
Ms SQL Server 2012 R2 cloud instance:................................................................................8
Cloud infrastructure:................................................................................................................9
Cloud backup and restore:.......................................................................................................9
Conclusion:......................................................................................................................................9
References:....................................................................................................................................10
3CLOUD COMPUTING
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
4CLOUD COMPUTING
Introduction:
Cloud computing is a process which enables an organizations to empower their assets
without the need for maintaining a physical infrastructure. The following report includes an
analysis of the risks that are present in case of database migration using the IaaS approach. The
analysis further includes the risk present in the various aspects of database migration as well.
Discussion:
Cloud computing is a process which enables an organizations to empower their assets
without the need for maintaining a physical infrastructure.
Database migration:
This section of the report discusses about the various security aspects that can be applied
to the database in the cloud along with the benefits of such applications.
Types of security:
The first security to be applied is the protection of data leak and monitoring. The IaaS
methods help in successful monitoring and analysis and needs to be referenced by the
administrative authorities of the company.
The next security application is the presence of authorization and authentication
(Garrison, Kim & Wakefield, 2012). These methods are used to limit the level of access to
verified users only.
Exhaustive logging is the next security application to be applied that is used to monitor
the device use, files accessed and the time of access. This process is used during cases of security
breaches.
Introduction:
Cloud computing is a process which enables an organizations to empower their assets
without the need for maintaining a physical infrastructure. The following report includes an
analysis of the risks that are present in case of database migration using the IaaS approach. The
analysis further includes the risk present in the various aspects of database migration as well.
Discussion:
Cloud computing is a process which enables an organizations to empower their assets
without the need for maintaining a physical infrastructure.
Database migration:
This section of the report discusses about the various security aspects that can be applied
to the database in the cloud along with the benefits of such applications.
Types of security:
The first security to be applied is the protection of data leak and monitoring. The IaaS
methods help in successful monitoring and analysis and needs to be referenced by the
administrative authorities of the company.
The next security application is the presence of authorization and authentication
(Garrison, Kim & Wakefield, 2012). These methods are used to limit the level of access to
verified users only.
Exhaustive logging is the next security application to be applied that is used to monitor
the device use, files accessed and the time of access. This process is used during cases of security
breaches.
5CLOUD COMPUTING
The application of technologies present in the IaaS approach is to be applied which
facilitates the offline model of operation. This greatly enhances the security model of the system.
Furthermore, the testing of the applied features is also acquisitioned for better security
addressing.
The last security process to be applied is end-to-end encryption. This helps in encrypting
the files present in the system. In addition, the connection of the system should also be encrypted
by adopting SSL/TLS or IPSec.
Benefits and issues:
Benefits:
The benefits of applying such technologies are the enhancement in security. In addition,
the authentication procedure helps to keep the system safe from outside attackers. This not only
removes the problems associated with the systems but also helps in protecting the customer data.
Issues:
The main issue is that the administrator may forget the key to the system which may lead
to disruptive flow in operation (Jula, Sundararajan & Othman, 2014). Furthermore, as the
security is being increased, the skill sets of the attackers are also increasing which makes it
necessary to apply better security in repetitive intervals.
Risks in database migration:
The risks pertaining to the migration of the database is addressed in this section.
Risks in database:
The main risks in database are the problem in license for some software as well as the
reduction in transparency. As the cloud implementation may cause some software to not work
The application of technologies present in the IaaS approach is to be applied which
facilitates the offline model of operation. This greatly enhances the security model of the system.
Furthermore, the testing of the applied features is also acquisitioned for better security
addressing.
The last security process to be applied is end-to-end encryption. This helps in encrypting
the files present in the system. In addition, the connection of the system should also be encrypted
by adopting SSL/TLS or IPSec.
Benefits and issues:
Benefits:
The benefits of applying such technologies are the enhancement in security. In addition,
the authentication procedure helps to keep the system safe from outside attackers. This not only
removes the problems associated with the systems but also helps in protecting the customer data.
Issues:
The main issue is that the administrator may forget the key to the system which may lead
to disruptive flow in operation (Jula, Sundararajan & Othman, 2014). Furthermore, as the
security is being increased, the skill sets of the attackers are also increasing which makes it
necessary to apply better security in repetitive intervals.
Risks in database migration:
The risks pertaining to the migration of the database is addressed in this section.
Risks in database:
The main risks in database are the problem in license for some software as well as the
reduction in transparency. As the cloud implementation may cause some software to not work
6CLOUD COMPUTING
properly due to their license of use. In addition, as the database is migrated to the cloud, the
transparency is reduced and the organization is to contact the vendor for each application to be
used.
Risks in IaaS infrastructure:
Due to the migration procedures, there are various risks in infrastructures like
misconfiguration, shadow-IT and vulnerabilities
Misconfiguration is the first risk that is evident in most of the systems and the
administrative authorities must search for any misconfiguration in the system (Jadeja & Modi,
2012). This includes the deployment of the IaaS APIs to compare the designs of the system with
pre-designed parameters.
Vulnerability is another threat that is to be addressed by not only the vendors but the
clients as well. This includes automated scanning procedures and analysis to detect changes in
the security protocols.
Shadow-IT is another concept which includes the presence of orphan storage and ghost
servers. Orphan storages denote the presence of servers that are not used for a long time. Ghost
servers are servers which are not useful anymore but are operable. These can lead to various
threats as outsiders can generally hack into theses servers to get previous data.
Risks in communication:
The main risks in communication among the Webb’s Store and the cloud database are the
data availability and concerns regarding privacy (Kavis, 2014). As the information is stored by
the vendors who provide cloud solutions, there is always a risk concerned with the data that is
being provided by a client to the vendor.
properly due to their license of use. In addition, as the database is migrated to the cloud, the
transparency is reduced and the organization is to contact the vendor for each application to be
used.
Risks in IaaS infrastructure:
Due to the migration procedures, there are various risks in infrastructures like
misconfiguration, shadow-IT and vulnerabilities
Misconfiguration is the first risk that is evident in most of the systems and the
administrative authorities must search for any misconfiguration in the system (Jadeja & Modi,
2012). This includes the deployment of the IaaS APIs to compare the designs of the system with
pre-designed parameters.
Vulnerability is another threat that is to be addressed by not only the vendors but the
clients as well. This includes automated scanning procedures and analysis to detect changes in
the security protocols.
Shadow-IT is another concept which includes the presence of orphan storage and ghost
servers. Orphan storages denote the presence of servers that are not used for a long time. Ghost
servers are servers which are not useful anymore but are operable. These can lead to various
threats as outsiders can generally hack into theses servers to get previous data.
Risks in communication:
The main risks in communication among the Webb’s Store and the cloud database are the
data availability and concerns regarding privacy (Kavis, 2014). As the information is stored by
the vendors who provide cloud solutions, there is always a risk concerned with the data that is
being provided by a client to the vendor.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
7CLOUD COMPUTING
In addition, the company needs to communicate with the vendors for changes to be
implemented. In case any threat is detected, the company needs to communicate with the vendor
to operate the system in offline mode (Hashizume et al., 2013). This will be a great threat as
absence of network access will put the company at risk.
Data backup:
This section of the report discusses about the various risks that are to be considered
during the backing up of data.
Risks in backup, storage and retrieval:
Backup:
During the backing up of data, the vendors are required to implement stronger security
protocols to their solutions. In case of different adoption of technologies, the company might
face risks in case of business if weak security protocols are applied.
Another risk in backing up of data is that the vendors apply different methods of storage
where the newer data might replace the older ones. The companies thus need to discuss with
their vendors about the type of methods applied.
Storage:
The risk in data storage is the presence of LAN connection to facilitate transfer of data.
As the data to be transferred is very huge, storage is not possible quickly (Sanaei et al., 2014). In
cases of disasters, the data to be transferred might not reach the cloud immediately.
Retrieval:
As data to be retrieved is much large in size, the retrieval process may range form days to
weeks. This is the first risks as it affects the business operation. Another risk is the disappearance
In addition, the company needs to communicate with the vendors for changes to be
implemented. In case any threat is detected, the company needs to communicate with the vendor
to operate the system in offline mode (Hashizume et al., 2013). This will be a great threat as
absence of network access will put the company at risk.
Data backup:
This section of the report discusses about the various risks that are to be considered
during the backing up of data.
Risks in backup, storage and retrieval:
Backup:
During the backing up of data, the vendors are required to implement stronger security
protocols to their solutions. In case of different adoption of technologies, the company might
face risks in case of business if weak security protocols are applied.
Another risk in backing up of data is that the vendors apply different methods of storage
where the newer data might replace the older ones. The companies thus need to discuss with
their vendors about the type of methods applied.
Storage:
The risk in data storage is the presence of LAN connection to facilitate transfer of data.
As the data to be transferred is very huge, storage is not possible quickly (Sanaei et al., 2014). In
cases of disasters, the data to be transferred might not reach the cloud immediately.
Retrieval:
As data to be retrieved is much large in size, the retrieval process may range form days to
weeks. This is the first risks as it affects the business operation. Another risk is the disappearance
8CLOUD COMPUTING
of the vendors responsible for the cloud solutions. In cases like this, the company may lose all of
their valuable data.
Applications of cloud backup:
Due to the application of the cloud solutions, the most advantage for the company is the
reduced cost of infrastructure. The cost is reduced which makes up for better business profits.
This also leads to faster deployment of the business (Mauch, Kunze & Hillenbrand, 2013).
Furthermore, business expansion is also achieved efficiently as the cost for more infrastructures
is reduced.
In addition, the cloud solution of migration of the database is much enhances with respect
to the traditional database management systems.
Access protection:
This section of the report discusses about the various access protection to be referenced
for the system of Webb’s Store.
IaaS infrastructure:
Access to the infrastructure is usually provided by physical or internet access. In case of
physical access, better authorization is required to tighten security (Kumar & Goudar, 2012).
Internet security is done by getting the solutions of cloud security like the Cloud Sigma.
Ms SQL Server 2012 R2 cloud instance:
Access to the server is to be initiated by adopting secure access protocols like the
TLS/SSL. In addition, the VM instances are to apply multi-factor authentication to provide
access.
of the vendors responsible for the cloud solutions. In cases like this, the company may lose all of
their valuable data.
Applications of cloud backup:
Due to the application of the cloud solutions, the most advantage for the company is the
reduced cost of infrastructure. The cost is reduced which makes up for better business profits.
This also leads to faster deployment of the business (Mauch, Kunze & Hillenbrand, 2013).
Furthermore, business expansion is also achieved efficiently as the cost for more infrastructures
is reduced.
In addition, the cloud solution of migration of the database is much enhances with respect
to the traditional database management systems.
Access protection:
This section of the report discusses about the various access protection to be referenced
for the system of Webb’s Store.
IaaS infrastructure:
Access to the infrastructure is usually provided by physical or internet access. In case of
physical access, better authorization is required to tighten security (Kumar & Goudar, 2012).
Internet security is done by getting the solutions of cloud security like the Cloud Sigma.
Ms SQL Server 2012 R2 cloud instance:
Access to the server is to be initiated by adopting secure access protocols like the
TLS/SSL. In addition, the VM instances are to apply multi-factor authentication to provide
access.
9CLOUD COMPUTING
Cloud infrastructure:
The main access protection that can be applied is the reduction in the use of normal
browsers for access. As they are very prone to the DDOS injection attacks, the need for antivirus
programs are to be applied for better security.
Cloud backup and restore:
During the backing up of data and restore, the vendors are required to implement stronger
security protocols to their solutions. In case of different adoption of technologies, the company
might face risks in case of business if weak security protocols are applied (Li et al., 2012). The
company is recommended to discuss the application of the protocols needed for security related
functions.
Conclusion:
Thus the conclusion that can be drawn from this analysis is that the cloud instance of the
processes is used to consider the removal of the physical existence of the infrastructures of the
company to achieve cloud infrastructure. After considering the various risks presents in all the
parameters of the cloud parameters, Webb’s Store is recommended to consider such risks to
successfully apply the solutions to address them.
Cloud infrastructure:
The main access protection that can be applied is the reduction in the use of normal
browsers for access. As they are very prone to the DDOS injection attacks, the need for antivirus
programs are to be applied for better security.
Cloud backup and restore:
During the backing up of data and restore, the vendors are required to implement stronger
security protocols to their solutions. In case of different adoption of technologies, the company
might face risks in case of business if weak security protocols are applied (Li et al., 2012). The
company is recommended to discuss the application of the protocols needed for security related
functions.
Conclusion:
Thus the conclusion that can be drawn from this analysis is that the cloud instance of the
processes is used to consider the removal of the physical existence of the infrastructures of the
company to achieve cloud infrastructure. After considering the various risks presents in all the
parameters of the cloud parameters, Webb’s Store is recommended to consider such risks to
successfully apply the solutions to address them.
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
10CLOUD COMPUTING
References:
Garrison, G., Kim, S., & Wakefield, R. L. (2012). Success factors for deploying cloud
computing. Communications of the ACM, 55(9), 62-68.
Hashizume, K., Rosado, D. G., Fernández-Medina, E., & Fernandez, E. B. (2013). An analysis of
security issues for cloud computing. Journal of Internet Services and Applications, 4(1),
5.
Jadeja, Y., & Modi, K. (2012, March). Cloud computing-concepts, architecture and challenges.
In Computing, Electronics and Electrical Technologies (ICCEET), 2012 International
Conference on (pp. 877-880). IEEE.
Jula, A., Sundararajan, E., & Othman, Z. (2014). Cloud computing service composition: A
systematic literature review. Expert Systems with Applications, 41(8), 3809-3824.
Kavis, M. J. (2014). Architecting the cloud: design decisions for cloud computing service models
(SaaS, PaaS, and IaaS). John Wiley & Sons.
Khan, A. N., Kiah, M. M., Khan, S. U., & Madani, S. A. (2013). Towards secure mobile cloud
computing: A survey. Future Generation Computer Systems, 29(5), 1278-1299.
Kumar, S., & Goudar, R. H. (2012). Cloud Computing-Research Issues, Challenges,
Architecture, Platforms and Applications: A Survey. International Journal of Future
Computer and Communication, 1(4), 356.
Li, J., Qiu, M., Ming, Z., Quan, G., Qin, X., & Gu, Z. (2012). Online optimization for scheduling
preemptable tasks on IaaS cloud systems. Journal of Parallel and Distributed
Computing, 72(5), 666-677.
Mauch, V., Kunze, M., & Hillenbrand, M. (2013). High performance cloud computing. Future
Generation Computer Systems, 29(6), 1408-1416.
References:
Garrison, G., Kim, S., & Wakefield, R. L. (2012). Success factors for deploying cloud
computing. Communications of the ACM, 55(9), 62-68.
Hashizume, K., Rosado, D. G., Fernández-Medina, E., & Fernandez, E. B. (2013). An analysis of
security issues for cloud computing. Journal of Internet Services and Applications, 4(1),
5.
Jadeja, Y., & Modi, K. (2012, March). Cloud computing-concepts, architecture and challenges.
In Computing, Electronics and Electrical Technologies (ICCEET), 2012 International
Conference on (pp. 877-880). IEEE.
Jula, A., Sundararajan, E., & Othman, Z. (2014). Cloud computing service composition: A
systematic literature review. Expert Systems with Applications, 41(8), 3809-3824.
Kavis, M. J. (2014). Architecting the cloud: design decisions for cloud computing service models
(SaaS, PaaS, and IaaS). John Wiley & Sons.
Khan, A. N., Kiah, M. M., Khan, S. U., & Madani, S. A. (2013). Towards secure mobile cloud
computing: A survey. Future Generation Computer Systems, 29(5), 1278-1299.
Kumar, S., & Goudar, R. H. (2012). Cloud Computing-Research Issues, Challenges,
Architecture, Platforms and Applications: A Survey. International Journal of Future
Computer and Communication, 1(4), 356.
Li, J., Qiu, M., Ming, Z., Quan, G., Qin, X., & Gu, Z. (2012). Online optimization for scheduling
preemptable tasks on IaaS cloud systems. Journal of Parallel and Distributed
Computing, 72(5), 666-677.
Mauch, V., Kunze, M., & Hillenbrand, M. (2013). High performance cloud computing. Future
Generation Computer Systems, 29(6), 1408-1416.
11CLOUD COMPUTING
Sanaei, Z., Abolfazli, S., Gani, A., & Buyya, R. (2014). Heterogeneity in mobile cloud
computing: taxonomy and open challenges. IEEE Communications Surveys &
Tutorials, 16(1), 369-392.
Sanaei, Z., Abolfazli, S., Gani, A., & Buyya, R. (2014). Heterogeneity in mobile cloud
computing: taxonomy and open challenges. IEEE Communications Surveys &
Tutorials, 16(1), 369-392.
1 out of 12
Related Documents
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
Unlock your academic potential
© 2024 | Zucol Services PVT LTD | All rights reserved.