Your All-in-One AI-Powered Toolkit for Academic Success.

+13062052269

info@desklib.com

Available 24*7 on WhatsApp / Email

Company

Tools

Support

Cloud Security Risks and Recommendations for Effective Migration

Verified

Added on 2019/11/29

AI Summary

The assignment discusses the risks associated with cloud migration and the importance of considering these risks before migrating databases to the cloud. It highlights the need for strong security measures, including encryption and authentication features, to prevent information leaks and backdoor intrusions in virtual machines (VMs). Additionally, it emphasizes the importance of using antivirus tools to remove malware from systems. The report concludes that the migration process should be carefully planned and executed to mitigate potential risks.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.

Running head: CLOUD COMPUTING
Cloud computing
Name of the Student
Name of the University
Author Note

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

💎 Get Pro

1CLOUD COMPUTING
Executive Summary
The following report discusses about the cloud implementation of the existing database using the
Infrastructure as a device (IaaS) approach. The selected organization is the Webb’s Stores. The
following report includes an analysis of the various IaaS implementation of the cloud approach.
The report includes the need for security in the database migration along with the reasons to
implement it. The report further includes the discussion about the risks associated with the IaaS
infrastructure, risks in database and the risks in the communication link between the Webb’s
Stores and the cloud features. The report also includes the risks present in the backing up of the
data in the cloud. Lastly, the report includes various recommendations, which are to be adopted
to strengthen the security features of the various parameters including the IaaS infrastructure,
SQL server, cloud infrastructure and the cloud backing up processes.

2CLOUD COMPUTING
Table of Contents
Introduction:....................................................................................................................................4
Discussion:.......................................................................................................................................4
Database migration:.....................................................................................................................4
Types of security:....................................................................................................................4
Benefits and issues of implementing cloud features:..............................................................5
Risks in migration of the database:..............................................................................................6
Risks in database:....................................................................................................................6
Risks in IaaS infrastructure:.....................................................................................................6
Risks in communication between the organization and database:...........................................7
Data backup:................................................................................................................................8
Risks in data backup, storage and retrieval:............................................................................8
Applications of cloud backup in the organization:................................................................10
Recommendations for access protection:..................................................................................11
IaaS infrastructure:.................................................................................................................11
Ms SQL Server 2012 R2 cloud instance:..............................................................................11
Cloud infrastructure:..............................................................................................................11
Cloud backup and restore:.....................................................................................................12
Conclusion:....................................................................................................................................12
References:....................................................................................................................................13

3CLOUD COMPUTING

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

💎 Try AI Paraphraser

4CLOUD COMPUTING
Introduction:
Cloud computing is a procedure, which is utilized to empower the organizations,
receiving its administrations, the capacity to devour a registered asset like the virtual machine
(VM), application or capacity. The report conducts an analysis of the risks involved with the
migration of the existing database to the virtual servers using IaaS services. The analysis also
includes the risks and security to be applied for the concerned process of migration.
Discussion:
Cloud computing is a procedure, which is utilized to empower the organizations,
receiving its administrations, the capacity to devour a registered asset like the virtual machine
(VM), application or capacity.
Database migration:
The migration of the database is being implemented by the organization to implement the
activities of cloud computing. This section of the report discusses about the types of security to
be applied to the cloud hosted database and the benefits that are to be achieved by such
processes.
Types of security:
The first type of security process to be applied to the cloud-hosted database is the data
leak protection and monitoring of use. IaaS services are useful because it provides the ability to
monitor and track the analytics of usage. This is required for the administrative authorities to
know the users who are accessing the cloud, their IP address and locations.

5CLOUD COMPUTING
The next step that is referenced by the IaaS approaches is the authentication and
authorization. These methods do not grant access to un-identified users (Garrison, Kim &
Wakefield, 2012). The two-factor authentication or the multi factor method is one way of
authentication to the service. In addition, the presence of tiering is also an effective way to give
authorization. This process limits the access to the information system that is limited to the level
of tiering.
In addition, the organizations with IaaS, both in the private and public cloud, needs
exhaustive logging and revealing set up. With a specific end goal to monitor where the data is,
who has access to it, the responsible machines for it, and storage computers in charge of it need
logging and detailing arrangements as they will turn out to be more vital in case of a security
break.
Moreover, the presence of the various technologies in the place is to be safely identified
and updated to apply security benefits. The IaaS also allows the use of technologies that helps to
update the security protocols in an offline model of the process (Hashizume et al., 2013). This
system allows the implementation of better security rules and helps in testing the system
security.
Lastly, IaaS as an administration process needs to exploit from end-to-end encryption.
Ensuring the whole disk encryption including all the files present in the system guarantees
encryption. In addition, the need for encrypting the connections to the system is also to be
encrypted. This is possible over SSL/TLS or IPSec.
Benefits and issues of implementing cloud features:
Benefits:

6CLOUD COMPUTING
The main benefits of the security procedures are the presence of enhanced security. This
helps in providing a peace of mind to the administrator of the system as well as the organization
head. These authentications and authorization processes help in the safety of the system and keep
the system secure so that the business and their clients or customers are not affected.
Issues:
The main risks to the system are the need for access to the system. It may happen
sometimes that the administrator may forget the key needed for access and this may lead to
disruption in the operation flow (Jadeja & Modi, 2012). In addition, thought the security features
are being enhanced day by day, the skills of the attackers are also increasing at the same level.
This creates a need for better security check in a frequent interval.
Risks in migration of the database:
This section of the report discusses about the various risks that applies to the database,
the IaaS infrastructure and the network between the organization and the database.
Risks in database:
This section of the report discusses about the various risks eminent during the cloud
migration processes. In case of cloud migration, various application used by the system may
have licensing problems due to the use of cloud technologies (Garrison, Kim & Wakefield,
2012). In addition, the transparency to the system is reduced as the vendor providing cloud
structures are in charge of the administration process and any changes are to be referenced to
these vendors as well.

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

💎 Get Pro

7CLOUD COMPUTING
Risks in IaaS infrastructure:
Various risks are evident in the IaaS infrastructure due to the presence of discrepancies to
the system. They include the misconfiguration, vulnerabilities and shadow-IT.
Misconfiguration is the first risks that come in the IaaS infrastructure. The various
options of detecting misconfiguration are to be followed to remove the presence of any problems
in the system. The processes included in this section are the discovery of misconfiguration,
which relies on the IaaS APIs to scan the whole database (Hashizume et al., 2013). In addition,
fixing of these misconfiguration by the application of codes or APIs to compares it with pre-
placed templates which is in compliance to the security standards is also include in this process.
Lastly, the monitoring processes are also included, which test the presence of any detected errors
in the newly made system.
Vulnerability in the system is also to be addressed by the clients and not the vendors. The
vulnerability management includes the application of specific processes like automated scanning
and more analysis to reference the various changes in the workload security.
Shadow-IT is another threat, which involves the presence of many features in the system
that is left unused. This includes the ghost servers, orphan storage and dormant storage. The
ghost servers are unused servers that are still operable and present in the system. Orphan storage
is the presence of storage server in the system that is not used for a long time (Garrison, Kim &
Wakefield, 2012). Dormant resources are the use of a new server in presence of the old server.
All these problems pose a risk as it can be used by outsiders to get sensitive information from the
old servers.

8CLOUD COMPUTING
Risks in communication between the organization and database:
The various risks involved in the communication processes are the privacy concerns and
the availability of data. Due to the provisions of the cloud solutions by third party vendors, the
information that is stored by the organization regarding their aspects of business parameters is
not very confidential as the vendors can look into them, which raise security, or privacy related
concerns.
Another risk is the presence of internet access to the system. In case of facing any threats
to the system, the organization needs to close the system to fight such procedure (Hashizume et
al., 2013). This process requires the presence of internet for communication. In cases of absence
of internet, the solution will not be addressed properly which can lead to grave impacts in the
business.
Data backup:
This section discusses about the various risks in the backing up of data as well as the
processes to be done for applications of such changes.
Risks in data backup, storage and retrieval:
This section of the report discusses about the various risks associated with the backing up
of data, storage of data and the retrieval of data using cloud technologies.
Backing up of data:
Data backup is the most required process for businesses implementing cloud features.
However, the presence of risks in these processes can lead to problems in operations. The
associated risks to the system include the unauthorized access, management of access and data
loss.

9CLOUD COMPUTING
In cases when the cloud solutions are provided from the vendors, the reliance of security
can be weak depending on their adopted features (Kavis, 2014). If the adopted security measures
are weak, then breaches can be possible which can lead in the halting of the business prospects.
The need for encryption in the data that is being backed up is required to mitigate such risks.
The next risk is the requirement for management features in the system. The need for
encryption of the backed up data is required along with the storage of the keys for access. These
keys are to be stored using offline entries so that access is guaranteed always.
Lastly, the data loss is another risk that involves the replication of the data in backup
process. During such processes, the newer data replaces the older data present in the cloud.
However, during addressing requirements for the older data files, access can be impossible
sometimes depending on the cloud feature. Thus, it is necessary to contact the vendors about
their process of backup.
Storage of data:
This section of the report discusses about the various risks involved in the storage of data.
This includes the large backup windows, security and outage.
Backup of the data is done to store the information for safety measures. During the
backup process, the information is to be transferred to the cloud. This information usually ranges
to a very high size and the transfer using the normal LAN cables are a hindrance to the storage of
the data as the system will take a huge amount of time.
In cases when the cloud solutions are provided from the vendors, the reliance of security
can be weak depending on their adopted features. If the adopted security measures are weak,
then breaches can be possible which can lead in the halting of the business prospects (Kavis,

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

💎 Try AI Paraphraser

10CLOUD COMPUTING
2014). The need for encryption in the data that is being backed up is required to mitigate such
risks.
Another risk is the presence of internet access to the system. In case of facing any threats
to the system, the organization needs to close the system to fight such procedure. This process
requires the presence of internet for communication. In cases of absence of internet during
outage, the solution will not be addressed properly which can lead to grave impacts in the
business.
Data retrieval:
This section discusses about the various risks associated with the retrieval of data. This
includes the restore window and disappearances of the vendor.
The restore window is a much-discussed risk, which affects the retrieval of the data
(Jadeja & Modi, 2012). In cases of huge data retrieval, the time required can range from days to
months as this is usually done over the LAN cables.
The next risk is the disappearance of the vendor. In cases like these, the information that
is required during retrieval can be lost leading to grave effects on the system.
Applications of cloud backup in the organization:
Many advantages can be utilized by this migration of the existing database. The
organizational benefit is the reduction in the expenditure needed for effective processing and
maintenance. Due to the existence of virtual systems, infrastructure requirements are also
removed (Suo et al., 2013). This helps in faster deployment of their products, which also
increases customer satisfaction.

11CLOUD COMPUTING
In addition, in case of business expansion, the need for infrastructure expansion is
reduced as the system allows remote access from anywhere on the world. This also reduces the
storage requirements for maintaining such equipments.
Lastly, the backing up of data is much more effective than the traditional ways of
database management. This also helps in addressing disaster mitigation process of the system.
Recommendations for access protection:
This section of the report focuses on the provisions of security access to Webb’s Store
systems.
IaaS infrastructure:
The access to the IaaS infrastructure is done by physical access, internet access, web
console and APIs. The physical access is provided by the cloud vendor. Their standards and
protocols are complied for security and the organization is recommended to analyze these
policies (Jadeja & Modi, 2012). The security in internet access is done by accepting solutions of
other vendors like the Cloud Sigma. They make use of firewall techniques that could be setup by
the organizations itself. In case of console usage and APIs, the organization also needs to apply
tighter security features for access.
Ms SQL Server 2012 R2 cloud instance:
The access to the cloud instance can be provided by establishing a secure session using a
secure access protocol such as SSHv2 or TLS/SSL. The access to VM instances will be done by
using multi factor authentication with one of the authentication factors like a public key
certificate. The enabling of privileged access to server instances from IaaS cloud consumer’s
corporate network is to be recommended for the access protection.

12CLOUD COMPUTING
Cloud infrastructure:
The use of browsers to access the cloud must be minimized, as they are prone to injection
attacks. The presence of security tools is needed in the VMs to enable information leak and back
door intrusion (Suo et al., 2013). These antivirus tools must also be used to remove malware
form the system.
Cloud backup and restore:
In cases when the cloud solutions are provided from the vendors, the reliance of security
can be weak depending on their adopted features (Suo et al., 2013). If the adopted security
measures are weak, then breaches can be possible which can lead in the halting of the business
prospects. The need for encryption in the data that is being backed up is required to mitigate such
risks and the vendor must apply strong authentication features.
Conclusion:
Thus, it is concluded from the report that the cloud process is mainly concerned with the
removal of physical levels of the infrastructure so that their existence is based on the cloud. After
careful analysis of the various risks associated in all aspects of cloud features, it is recommended
that the migration of the database by the Webb’s Store to be effectively done by considering the
risks discussed.

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

💎 Get Pro

13CLOUD COMPUTING
References:
Garrison, G., Kim, S., & Wakefield, R. L. (2012). Success factors for deploying cloud
computing. Communications of the ACM, 55(9), 62-68.
Hashizume, K., Rosado, D. G., Fernández-Medina, E., & Fernandez, E. B. (2013). An analysis of
security issues for cloud computing. Journal of Internet Services and Applications, 4(1),
5.
Jadeja, Y., & Modi, K. (2012, March). Cloud computing-concepts, architecture and challenges.
In Computing, Electronics and Electrical Technologies (ICCEET), 2012 International
Conference on (pp. 877-880). IEEE.
Jula, A., Sundararajan, E., & Othman, Z. (2014). Cloud computing service composition: A
systematic literature review. Expert Systems with Applications, 41(8), 3809-3824.
Kavis, M. J. (2014). Architecting the cloud: design decisions for cloud computing service models
(SaaS, PaaS, and IaaS). John Wiley & Sons.
Khan, A. N., Kiah, M. M., Khan, S. U., & Madani, S. A. (2013). Towards secure mobile cloud
computing: A survey. Future Generation Computer Systems, 29(5), 1278-1299.
Kumar, S., & Goudar, R. H. (2012). Cloud Computing-Research Issues, Challenges,
Architecture, Platforms and Applications: A Survey. International Journal of Future
Computer and Communication, 1(4), 356.
Li, J., Qiu, M., Ming, Z., Quan, G., Qin, X., & Gu, Z. (2012). Online optimization for scheduling
preemptable tasks on IaaS cloud systems. Journal of Parallel and Distributed
Computing, 72(5), 666-677.
Mauch, V., Kunze, M., & Hillenbrand, M. (2013). High performance cloud computing. Future
Generation Computer Systems, 29(6), 1408-1416.

14CLOUD COMPUTING
Sanaei, Z., Abolfazli, S., Gani, A., & Buyya, R. (2014). Heterogeneity in mobile cloud
computing: taxonomy and open challenges. IEEE Communications Surveys &
Tutorials, 16(1), 369-392.
Suo, H., Liu, Z., Wan, J., & Zhou, K. (2013, July). Security and privacy in mobile cloud
computing. In Wireless Communications and Mobile Computing Conference (IWCMC),
2013 9th International (pp. 655-659). IEEE.
Wei, L., Zhu, H., Cao, Z., Dong, X., Jia, W., Chen, Y., & Vasilakos, A. V. (2014). Security and
privacy for storage and computation in cloud computing. Information Sciences, 258, 371-
386.
Xu, X. (2012). From cloud computing to cloud manufacturing. Robotics and computer-
integrated manufacturing, 28(1), 75-86.
Zissis, D., & Lekkas, D. (2012). Addressing cloud computing security issues. Future Generation
computer systems, 28(3), 583-592.

1 out of 15

+13062052269

info@desklib.com

Cloud Security Risks and Recommendations for Effective Migration

Contribute Materials

Secure Best Marks with AI Grader

Paraphrase This Document

Secure Best Marks with AI Grader

Paraphrase This Document

Secure Best Marks with AI Grader

Related Documents

Cloud Security and Data Control

Cloud Security Risks for Webb's Store

Cloud Computing for Webb's Stores

IaaS Security Threats and Mitigation

Cloud Computing for Small Businesses

Cloud Computing Applications and Migration