Your All-in-One AI-Powered Toolkit for Academic Success.

+13062052269

info@desklib.com

Available 24*7 on WhatsApp / Email

Company

Tools

Support

Cloud Access Protection Strategies

Verified

Added on 2019/11/08

AI Summary

The assignment content discusses the effects of cloud computing on disaster recovery (DR) plans. It highlights how a cloud-based DR plan would utilize virtualization tools to combine server resources, reducing the need for physical servers and resulting in faster recovery times. Additionally, it emphasizes the importance of securing cloud resources through authentication, authorization, and accountability (AAA), as well as implementing firewalls, intrusion detection systems, and encryption to protect data.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.

Running head: CLOUD COMPUTING
Assessment 1
Security Management and Migration
[Student Name, ID]
[Student Email]
[Professor’s Name Here]
[Date Here]
[Name] [Student No.]

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

💎 Get Pro

CLOUD COMPUTING
Executive Summary
Virtualization technologies are defiantly the next big thing in the world of technology as they
present new and refined platforms for conducting different operations in the digital
environment. As an example of these technologies, cloud computing is at the forefront of
delivering services and resources to users based on their immediate needs. This outcome
makes the technology a key component of IT as it allows users to maximise on resources
while increasing the benefits and conveniences of operations. Now, similar objectives are
held by Webb’s Stores, who in their existing IT infrastructure are presented with many
challenges particularly in the management of their data. Therefore, this report outlines the
steps and procedures that can be used to deploy the cloud infrastructure in accordance with
the organization’s requirements. Moreover, the report also offers decisive recommendations
on the tools, procedures and measures to implement in order to safeguard the data used.
[Name] [Student No.] 2

CLOUD COMPUTING
Table of Contents
Contents Page
Task 1: IaaS security..........................................................................3
a. IaaS security...................................................................................3
b. Benefits and issues of the security features...................................3
Task 2: Risks of cloud migration.......................................................4
a. Database risks.............................................................................4
b. IaaS infrastructure.......................................................................5
c. Communication between IaaS (CSP) and Webb’s Stores..........5
Task 3: Backup and archival of records...........................................6
a. Risks of cloud backups...............................................................6
i. Backing up data.........................................................................6
ii. Storage of data in the cloud.....................................................6
iii. Retrieval of data......................................................................7
b. How DR plan is affected by the cloud resource........................7
Task 4: Cloud access protection........................................................8
a. IaaS infrastructure.......................................................................8
b. Ms SQL cloud server instance....................................................8
c. Cloud network structure..............................................................9
d. Cloud back-up and restoration structure.....................................9
References..........................................................................................10
[Name] [Student No.] 3

CLOUD COMPUTING
Task 1: IaaS security
a. IaaS security
Most modern IaaS infrastructure will offer adequate security features, however, the leasing
organization (like Webb) should enforce them in their own resources rather than expect the
service providers to do so. Nevertheless, there are key types of security measures to
implement:
Data encryption – it’s outlined as the main and most important methods of protecting data
as it meticulously manages security systems including the access keys as they are
thoroughly encrypted.
Network encryption – most cloud service providers (CSP) will empathize on the
encryption of the communication channel to deter interception threats that prey on the
vulnerabilities of data transportation.
Access control – to create accountability, Webb’s Stores, must know the people accessing
their critical database hosted in the IaaS resources. This accountability is enforced using
access control measures that manage user’s activities.
Finally, a security access brokers – known as CASBs, these are tools that help
administrators to identify and locate risks within the database thus providing a high-end
level encryption (Walker, 2015).
b. Benefits and issues of the security features
Benefits:
 First, protection against attacks more so, denial of service attacks that intercept
cloud services.
 Security of the data – the features would protect the critical database and its data.
[Name] [Student No.] 4

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

💎 Try AI Paraphraser

CLOUD COMPUTING
 Flexibility – with good security the users do not worry about server crashes or
excessive down time due to traffic congestion.
 Regulatory compliance – these features would ensure Webb’s Stores meet the
regulatory requirements for financial and personal data (Walker, 2015).
Issues:
 Data privacy – most of these procedures would require the users to surrender their
personal data which could infringe on their personal and privacy rights.
 Ambiguity in security roles – challenges may arise between the CSP and the store
because of the considerations of access control and data ownership.
 Conflict of security features – some security measures may identify others as
intrusion thus may regularly disable or slow the entire IaaS infrastructure (Mehtra,
2014).
Task 2: Risks of cloud migration
a. Database risks
Security – although most CSPs will have better security features than in-house facilities,
migrating an entire database to a foreign infrastructure raises the concerns of its security.
Furthermore, the database will operate in a different environment where the physical
accountability is non-existence on behalf of the owner (leasing party, Webb’s Stores).
Migration – moving an entire database resource to the cloud is a daunting task that
requires project-like considerations. Therefore, it requires implementation procedures that
might fail.
Advanced change – the database will have many changes that may affect its
functionalities more so, to the end users (Healy, 2015).
[Name] [Student No.] 5

CLOUD COMPUTING
b. IaaS infrastructure
Security problems – IaaS offers excessive control to the user who may fail to implement
the necessary security features thus expose the entire structure to attacks. For one, access
may be given to unknown and unverifiable parties.
Control – having excessive control does not necessarily guarantee complete control and
thus the subscriber may lose control over the resources hosted in the cloud infrastructure.
Downtime – when all is said and done, the IaaS platform will require IT resources to
operate more so the internet which may fail or have downtime periods. Therefore, it will
subject the infrastructure to delays and downtime periods (Healy, 2015).
c. Communication between IaaS (CSP) and Webb’s Stores
Data security – any communication conducted between the IaaS resource and the store
may be intercepted through various attack methods such as malware intrusions.
Therefore, the subscriber must be aware of this risk and apply the necessary solutions.
Data privacy – having hosted the data online, the communication between the two parties
will mostly involve the access of confidential information stored in the cloud resource.
Moreover, the subscriber will regularly update this resource with confidential information
which is a serious risk.
Record retention – the communications are subject to retention requirements which can
also be used to compromise the infrastructure if they fell into the wrong hands as they
may contain sensitive data including access procedures (Romes, 2013).
[Name] [Student No.] 6

CLOUD COMPUTING
Task 3: Backup and archival of records
a. Risks of cloud backups
i. Backing up data
Large backup window – on-premise backups take shorter windows as the process is
conducted using LAN speeds. In fact, the only limitation is on the tape’s throughput,
however, cloud backups are limited by the internet resources i.e. speeds, bandwidth, and
throughput. Therefore, congestions and delays will put the backup procedures at risk
particularly when faced by a time sensitive scenario.
Small restoration window – consequently, when faced with a disaster, the subscribing
organization will require all its data at once, an outcome that will be delayed by the
access factors i.e. speeds, throughput and bandwidth.
Loss of data – with the onsite resource (tapes) the user can backup data based on a certain
framework e.g. weekly, monthly and yearly. This outcome can help retrieve certain
archives based on the user’s needs, however, with cloud resources, backups overwrite the
previous versions. Therefore, older versions of data cannot be accessed if needed (Manes,
2012).
ii. Storage of data in the cloud
Access risk – with on-site resources, storage is closely monitored which ensure the right
personnel accesses it. However, with cloud storage, the subscribers depends on the CSP
to ensure the data is secure and that the storage is only accessed by them.
Storage management –consider the number of subscribers supported by a single CSP.
Now, due to the number of subscribers, the CSP may fail to isolate the data properly thus
leak information from one subscriber to another. Moreover, misconfiguration is a notable
risk that may expose the storage facilities to the public at large.
[Name] [Student No.] 7

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

💎 Get Pro

CLOUD COMPUTING
System outage – unlike in-house resources, a subscriber storage resource is usually
subject to downtimes and outages just like any other online resource. Therefore, despite
the advantages offered by cloud storage, there is always the possibility of losing access to
the data. This outcome can be caused by many factors including the existence of system
breaking bugs (Healy, 2015).
iii. Retrieval of data
Retrieval time – the critical concern as the retrieval process may be time sensitive thus
delay the application of the said data. While using the cloud resource, the subscriber’s
retrieval process is subject to the factors of accessing online resources which are quite
extensive.
Cybercrime – several serious attacks have occurred in the recent past which outline the
risk of using cloud infrastructures. Now, while retrieving data from a compromised cloud
facility, the process can be tracked back to the subscriber to infect the in-house facilities.
Therefore, a subscriber can deliberately grant access to intruders while having the false
assumption that they are retrieving their original data (Sovetkin, 2017).
b. How DR plan is affected by the cloud resource
In general, the DR plan considered by Webb’s Stores will change into a cloud DR having
a virtualization approach. In this approach, the entire server which includes the operating
systems, Softwares and system patches will be combined to form a single virtualised
structure. Therefore, in case of a disaster, the entire copy including the data lost will be
required in a matter of minutes if the single virtual structure is physically acquired from
the CSP. This outcome will drastically affect the company’s DR plan as it will use fewer
resources while meeting the same objectives.
Moreover, the virtualization tools and resources will be independent of the hardware
resources. Therefore, the software resources such as OS, applications and patches will be
[Name] [Student No.] 8

CLOUD COMPUTING
transferred from one data centre to another without reloading each and every operational
component. Again, this outcome will reduce the overall recovery time used to restore
resources in case of disasters. In all, with cloud resources, Webb’s backup and restoration
strategy will become more cost effective while having a better recovery time. These
outcomes will be facilitated by the benefits outlined above and also by the ability to tune
the performance of the cloud resources based on the immediate needs (tech, 2017).
Task 4: Cloud access protection
a. IaaS infrastructure
AAA strategy – IaaS offers excessive control to the user which means there are a lot of
resources disposed to the subscriber. The AAA strategy would require the authentication,
authorization and accountability of resources. This can be done using verifiable all-
inclusive tools available in the market including some that are provided by CSPs.
Resource management – the organization should monitor all the resources exchanged
between them and the CSP in order to verify the security of the IaaS structure. In essence,
the resource should not alter in operation (Mehtra, 2014).
b. Ms SQL cloud server instance
SQL authentication – when the logical server is created for the SQL instance, specific
access resources are given including username and passwords. Now, these resources
should me made using the best security procedures, for instance, they should be unique
having strong and undetectable characters.
Firewall – this security feature will manage the access given to the cloud instance. This
process will be conducted using the access information presented by the users more so,
the IP addresses (Microsoft, 2017).
[Name] [Student No.] 9

CLOUD COMPUTING
c. Cloud network structure
Network management – intrusion detection systems should be used to monitor the
services offered by the cloud infrastructure. These systems would alert the administration
of any access problems/threats thus help mitigate them before they cause any substantial
damage.
Firewalls – similar to the cloud instance, the network structure should only be accessed
by verifiable members. This consideration would be made using the firewalls which
would also manage the data streams based on a verifiable checklist (Microsoft, 2017).
d. Cloud back-up and restoration structure
CASB – backup and restoration procedures will involve two different systems and in this
case, two different parties will be used. Now, the CASB as outlined before will offer end
to end access protection based on the user's considerations. Furthermore, this platform
will offer endpoint protection using proxies and verifiable APIs.
Encryption – also known as tokenization, encryption would ensure that the backup
procedures are conducted safely despite that nature of the channels used. Cloud resources
will operate within the online platform where security is never guaranteed. Therefore, by
tokenizing the backup and restoration data, the integrity and authenticity of the resources
are maintained more so after the occurrence of a disaster (Symantec, 2017).
[Name] [Student No.] 10

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

💎 Try AI Paraphraser

CLOUD COMPUTING
References
Healy, R. (2015). The Top 5 Risks of Moving to the Cloud. Retrieved 09 September, 2017,
from: http://www.annese.com/blog/top-5-risks-of-moving-to-the-cloud.
Manes, C. (2012). What are the risks of backing up your business data in the cloud? Disaster
recover journal , Retrieved 09 September, 2017, from:
https://www.drj.com/articles/online-exclusive/what-are-the-risks-of-backing-up-your-
business-data-in-the-cloud.html.
Mehtra, H. (2014). Issues and Standards in Cloud Security. Retrieved 09 September, 2017,
from: https://www.cse.wustl.edu/~jain/cse571-14/ftp/cloud_security/index.html.
Microsoft. (2017). Azure SQL Database access control. Microsoft Azure, Retrieved 09
September, 2017, from: https://docs.microsoft.com/en-us/azure/sql-database/sql-
database-control-access.
Romes, R. (2013). The Benefits and Risks of Cloud Computing. Cla connect, Retrieved 09
September, 2017, from: http://www.claconnect.com/resources/articles/the-benefits-
and-risks-of-cloud-computing.
Sovetkin, M. (2017). IaaS Security: Threats and Protection Methodologies. eSecurity planet,
Retrieved 09 September, 2017, from: http://www.esecurityplanet.com/network-
security/iaas-security-threats-and-protection-methodologies.html.
Symantec. (2017). Symantec Cloud Data Protection & Security. Symantec, Retrieved 09
September, 2017, from: https://www.symantec.com/products/cloud-data-protection-
security.
tech, O. (2017). Benefits of Disaster Recovery in Cloud Computing. Retrieved 09 September,
2017, from: http://www.onlinetech.com/resources/references/benefits-of-disaster-
recovery-in-cloud-computing.
Walker, S. (2015). 5 Benefits of a Cloud Computing Security Solution. TBCONSULTING,
Retrieved 09, September, 2017, from: https://www.tbconsulting.com/blog/5-benefits-
of-a-cloud-computing-security-solution/.
[Name] [Student No.] 11

1 out of 11

+13062052269

info@desklib.com

Cloud Access Protection Strategies

Contribute Materials

Secure Best Marks with AI Grader

Paraphrase This Document

Secure Best Marks with AI Grader

Paraphrase This Document

Related Documents

Cloud Computing Risks and Benefits

IaaS Security Threats and Mitigation

Cloud Computing Security Risks and Benefits

Cloud Security Risks and Mitigation

Mobile Cloud Computing: A Survey

Cloud Security Risks for Webb's Store