Cloud Computing: Security and Challenges
VerifiedAdded on  2020/03/23
|21
|5398
|51
AI Summary
This assignment delves into the crucial topic of cloud computing security. It examines various aspects, such as security frameworks, threats, vulnerabilities, data protection strategies, and legal considerations. The provided references encompass diverse perspectives on cloud security, ranging from architectural overviews to specific challenges and solutions. Understanding these complexities is essential for ensuring secure and reliable deployments in the cloud environment.
Contribute Materials
Your contribution can guide someone’s learning journey. Share your
documents today.
IT Risk Assessment
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
Executive Summary
In the today’s world, all the businesses are integrated with the internet. It has become an essential
part of the daily operations of the company. Cloud services are one of the latest technologies
which are used by the companies. The cloud service refers to uploading encrypted data on the
internet. Through such development, the IT helps the company to offers services to its customers
24/7. Aztek Solution is an Australia based company which offers services in the financial sector.
The company’s executive and the IT department propose some changes in the business.
The migrated data and information is one of the most beneficial services of cloud computing.
Through this solution, the business can achieve too many changes in the company and also it
helps the business in assisting customers in effective manner. However, there are different types
of the threats which are associated with the proposal which need to be address carefully.
Furthermore, to overcome such type of threats the company can adopt different security
methodology.
In the today’s world, all the businesses are integrated with the internet. It has become an essential
part of the daily operations of the company. Cloud services are one of the latest technologies
which are used by the companies. The cloud service refers to uploading encrypted data on the
internet. Through such development, the IT helps the company to offers services to its customers
24/7. Aztek Solution is an Australia based company which offers services in the financial sector.
The company’s executive and the IT department propose some changes in the business.
The migrated data and information is one of the most beneficial services of cloud computing.
Through this solution, the business can achieve too many changes in the company and also it
helps the business in assisting customers in effective manner. However, there are different types
of the threats which are associated with the proposal which need to be address carefully.
Furthermore, to overcome such type of threats the company can adopt different security
methodology.
Table of Contents
INTRODUCTION...........................................................................................................................4
MERITS OF THE EXTERNAL CLOUD SOLUTION..................................................................4
CLOUD COMPUTING IN FINANCIAL SECTOR AND OTHER REGULATIONS..................6
EXTERNAL SYSTEM’S IMPACT ON PRESENT’s SECURITY POSTURE SYSTEM............9
RISK OF USING THE EXTERNAL CLOUD SERVICES.........................................................11
DATA SECURITY THREATS FOR USING THE EXTERNAL CLOUD COMPUTING........15
CONCLUSION..............................................................................................................................16
REFERENCES..............................................................................................................................18
INTRODUCTION...........................................................................................................................4
MERITS OF THE EXTERNAL CLOUD SOLUTION..................................................................4
CLOUD COMPUTING IN FINANCIAL SECTOR AND OTHER REGULATIONS..................6
EXTERNAL SYSTEM’S IMPACT ON PRESENT’s SECURITY POSTURE SYSTEM............9
RISK OF USING THE EXTERNAL CLOUD SERVICES.........................................................11
DATA SECURITY THREATS FOR USING THE EXTERNAL CLOUD COMPUTING........15
CONCLUSION..............................................................................................................................16
REFERENCES..............................................................................................................................18
INTRODUCTION
Information Technology services have become integrated part of the business. By adopting the
Information Technology (IT) infrastructure, the business can lead to many required changes in
the business and it helps to capture more business opportunities in the market. The IT
infrastructure assists the company to improve its customer’s services and the operational
activities. Cloud service is one of the advanced technology which are used by the business
organization in the present time (Almorsy, Grundy, and Müller, 2016). The present report is
based on Aztek, which is an Australia based finance company. It offers different type of the
financial services to its customers. Companies’ executives and IT management proposed changes
in the IT environment of firms. The present reports highlight different aspects of cloud
computing and related security threats. The report also provides information related to the
security methodology which can be adopted by the company to provide high security to cloud
system.
MERITS OF THE EXTERNAL CLOUD SOLUTION
Aztek is the finance company which is offering different types of the financial service to its
customers. The company and its IT management have proposed to change the information
technology infrastructure in order to provide better security to the business. So, the company
proposed to collaborate with external cloud data host service (Bruneo, 2014). The external cloud
services help the company to prevent its data and the information from the threat. It assists to
company in providing better security and achieves cost-optimization. In the finance sector, the
main role of the IT is to assist the customers through the internet services. Internet has become
an integrated part of the business. So with adoption of the IT facilities, company can easily
Information Technology services have become integrated part of the business. By adopting the
Information Technology (IT) infrastructure, the business can lead to many required changes in
the business and it helps to capture more business opportunities in the market. The IT
infrastructure assists the company to improve its customer’s services and the operational
activities. Cloud service is one of the advanced technology which are used by the business
organization in the present time (Almorsy, Grundy, and Müller, 2016). The present report is
based on Aztek, which is an Australia based finance company. It offers different type of the
financial services to its customers. Companies’ executives and IT management proposed changes
in the IT environment of firms. The present reports highlight different aspects of cloud
computing and related security threats. The report also provides information related to the
security methodology which can be adopted by the company to provide high security to cloud
system.
MERITS OF THE EXTERNAL CLOUD SOLUTION
Aztek is the finance company which is offering different types of the financial service to its
customers. The company and its IT management have proposed to change the information
technology infrastructure in order to provide better security to the business. So, the company
proposed to collaborate with external cloud data host service (Bruneo, 2014). The external cloud
services help the company to prevent its data and the information from the threat. It assists to
company in providing better security and achieves cost-optimization. In the finance sector, the
main role of the IT is to assist the customers through the internet services. Internet has become
an integrated part of the business. So with adoption of the IT facilities, company can easily
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
provide excellent customers services (Almorsy, Grundy, and Müller, 2016). The cloud service
helps the company in increasing the capacity of storage and accessing the services or files from
anywhere. Following are the further merits of the external cloud solution for the company.
High Storage Capacity
The external cloud services lead to high number of storage capacity. In the internal management,
cloud provide a limited storage and backup facility ( Dinh, Lee, Niyato and Wang, 2013). So, the
company easily store different types of the data. Along with this, an external cloud service is also
providing high flexibility to the company. Employees of the company can easily access the data
from anywhere- any time. It helps to gather information without any geographical limitation. So,
the customers’ services become more feasible through the external cloud services. For example,
if one cloud is not working properly then users can assess the data from another cloud.
Effective Use of Resources
Another merit of the external cloud services is that it assist the organization in achieving cost and
the energy efficient services. The cloud service is based on the less energy consumption as
compared to the internal cloud service and the maintenance cost is also very low (Garg, Versteeg
and Buyya, and 2013). Through the external cloud services, less operational cost is incurred and
the employees of the company need to spend less time for maintaining different cloud services
such as maintenance of data and information. The cloud is managed by the vendor company in
the remote area. So, employees can use their time in other useful activities.
Reliability of Information
helps the company in increasing the capacity of storage and accessing the services or files from
anywhere. Following are the further merits of the external cloud solution for the company.
High Storage Capacity
The external cloud services lead to high number of storage capacity. In the internal management,
cloud provide a limited storage and backup facility ( Dinh, Lee, Niyato and Wang, 2013). So, the
company easily store different types of the data. Along with this, an external cloud service is also
providing high flexibility to the company. Employees of the company can easily access the data
from anywhere- any time. It helps to gather information without any geographical limitation. So,
the customers’ services become more feasible through the external cloud services. For example,
if one cloud is not working properly then users can assess the data from another cloud.
Effective Use of Resources
Another merit of the external cloud services is that it assist the organization in achieving cost and
the energy efficient services. The cloud service is based on the less energy consumption as
compared to the internal cloud service and the maintenance cost is also very low (Garg, Versteeg
and Buyya, and 2013). Through the external cloud services, less operational cost is incurred and
the employees of the company need to spend less time for maintaining different cloud services
such as maintenance of data and information. The cloud is managed by the vendor company in
the remote area. So, employees can use their time in other useful activities.
Reliability of Information
One more merits of the external cloud service are that it helps the company to offers its services
24/7 hours to all the customers. In the external cloud services, the company can easily assess
their data and the information without any time limit and organization can benefit from a
massive pool of redundant IT resources. However, the security of the cloud system is very
complex. So, it is very difficult for the outsiders to access information from the cloud without
permission (Jadeja, and Modi, 2012). If any server fails then the company can easily transfer all
of their data to another server. So, the reliability of data increased within organization.
CLOUD COMPUTING IN FINANCIAL SECTOR AND OTHER REGULATIONS
Aztek Corporation belongs to the financial sector. The company offers different types of the
financial services to their customers. The main aim of the cloud services in the financial sector is
use of the resources, data and the information effectively. Along with this, it also helps to
company to provide better services to customers through the internet (Khajeh-Hosseini,
Greenwood and Sommerville, 2010). The internet helps business to offers services to customers
without any time limit and the also it brings more flexibility within business. The external cloud
service provides high level of security to data and information related to the customers. In
Australia, the cloud service has become an integrated part of the business. There are many types
of laws and regulations which are imposed on the company in order to offer service through
cloud computing. Through such laws, the company cannot share the data and the personal
information of customers to anyone (Garg, Versteeg and Buyya, and 2013). Following are the
government and industrial practices of the company for the cloud system.
The Privacy Act
24/7 hours to all the customers. In the external cloud services, the company can easily assess
their data and the information without any time limit and organization can benefit from a
massive pool of redundant IT resources. However, the security of the cloud system is very
complex. So, it is very difficult for the outsiders to access information from the cloud without
permission (Jadeja, and Modi, 2012). If any server fails then the company can easily transfer all
of their data to another server. So, the reliability of data increased within organization.
CLOUD COMPUTING IN FINANCIAL SECTOR AND OTHER REGULATIONS
Aztek Corporation belongs to the financial sector. The company offers different types of the
financial services to their customers. The main aim of the cloud services in the financial sector is
use of the resources, data and the information effectively. Along with this, it also helps to
company to provide better services to customers through the internet (Khajeh-Hosseini,
Greenwood and Sommerville, 2010). The internet helps business to offers services to customers
without any time limit and the also it brings more flexibility within business. The external cloud
service provides high level of security to data and information related to the customers. In
Australia, the cloud service has become an integrated part of the business. There are many types
of laws and regulations which are imposed on the company in order to offer service through
cloud computing. Through such laws, the company cannot share the data and the personal
information of customers to anyone (Garg, Versteeg and Buyya, and 2013). Following are the
government and industrial practices of the company for the cloud system.
The Privacy Act
The Australian Privacy Act is developed to define how to handle the personal information of the
individuals. This act is set of policies and procedures which guide the company regarding
offering privacy to the individuals. As per the guideline of this act, the companies need to
provide full security for the customer’s information and the business cannot share such
information to any third party without permission of the customers (Krutz, and Vines, 2010). In
Aztek, there are different types of the information which are gathered from the customers such as
their personal detail, email and their earning etc. If such type of the sensitive information is
shared to someone else, then it creates problems for the customers. So, the company needs to
provide full security to the data and the information related to the customers. Along with this, the
database should also include information about the religion, politics or philosophical beliefs
affiliations, and health information, including genetic information (Manvi and Shyam, 2014).
All these information are updated on the cloud system if the company is using it. So according
to the Government regulation, the company need to provide privacy to such information
otherwise, they have to face the lawsuit.
Privacy Law while collecting data
During the collection of the information the companies need to provide disclosure. It provides
all information about the Privacy policy and the use. It also provides different situations in which
the company can use the personal information of the customers and the ways in which it can be
handed over to the third party (Ren, WangandWang, 2012). Through this, the customers also
become aware about their security and provide only basic information. During collection of the
information, the company also needs to provide information about how they monitor their
information and the personal records.
individuals. This act is set of policies and procedures which guide the company regarding
offering privacy to the individuals. As per the guideline of this act, the companies need to
provide full security for the customer’s information and the business cannot share such
information to any third party without permission of the customers (Krutz, and Vines, 2010). In
Aztek, there are different types of the information which are gathered from the customers such as
their personal detail, email and their earning etc. If such type of the sensitive information is
shared to someone else, then it creates problems for the customers. So, the company needs to
provide full security to the data and the information related to the customers. Along with this, the
database should also include information about the religion, politics or philosophical beliefs
affiliations, and health information, including genetic information (Manvi and Shyam, 2014).
All these information are updated on the cloud system if the company is using it. So according
to the Government regulation, the company need to provide privacy to such information
otherwise, they have to face the lawsuit.
Privacy Law while collecting data
During the collection of the information the companies need to provide disclosure. It provides
all information about the Privacy policy and the use. It also provides different situations in which
the company can use the personal information of the customers and the ways in which it can be
handed over to the third party (Ren, WangandWang, 2012). Through this, the customers also
become aware about their security and provide only basic information. During collection of the
information, the company also needs to provide information about how they monitor their
information and the personal records.
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
Law while Updating Data on the Cloud
The external cloud services are monitored by the third party in the remote area. So, the company
needs to make sure that personal and sensitive data of the customers is updated with high
security and no data is leaked during this process (Sanaei, Abolfazli, GaniandBuyya, 2014). In
addition, the company can collect the data only for maintaining its general operation within
industry. Along with this, while using the customer’s information the company should ask the
buyer. So, the customers should also become aware about entity’s activities.
Data and Personal Information Security
In the cloud system, the main concern for the company is to maintain the security of the data and
relevant information (Sanaei, Abolfazli, GaniandBuyya, 2014). The external cloud hosting
services are controlled by a third party in the remote area. According to the Privacy Act, the
companies need to make sure that the data is protected from the hackers. For providing better
security to the customers, the company needs to make sure that the data and the information
which is irreverent should be destroyed or permanently removed (Sultan, 2014). Through this,
the company can safely store data on the cloud and can maintain the security of data.
Breach of Information
Breach of information refers to the information which is leaked to the third party. This
information is confidential in nature and is important for the organization. In the database of a
company, there is lot of data stored and if any type of information is leaked then the company
can face privacy breach complaints from the customers or government. Aztek is financial
company, so the company needs to take care about the financial information related to the
customers and also they need to make sure that such information is used by company only for
The external cloud services are monitored by the third party in the remote area. So, the company
needs to make sure that personal and sensitive data of the customers is updated with high
security and no data is leaked during this process (Sanaei, Abolfazli, GaniandBuyya, 2014). In
addition, the company can collect the data only for maintaining its general operation within
industry. Along with this, while using the customer’s information the company should ask the
buyer. So, the customers should also become aware about entity’s activities.
Data and Personal Information Security
In the cloud system, the main concern for the company is to maintain the security of the data and
relevant information (Sanaei, Abolfazli, GaniandBuyya, 2014). The external cloud hosting
services are controlled by a third party in the remote area. According to the Privacy Act, the
companies need to make sure that the data is protected from the hackers. For providing better
security to the customers, the company needs to make sure that the data and the information
which is irreverent should be destroyed or permanently removed (Sultan, 2014). Through this,
the company can safely store data on the cloud and can maintain the security of data.
Breach of Information
Breach of information refers to the information which is leaked to the third party. This
information is confidential in nature and is important for the organization. In the database of a
company, there is lot of data stored and if any type of information is leaked then the company
can face privacy breach complaints from the customers or government. Aztek is financial
company, so the company needs to take care about the financial information related to the
customers and also they need to make sure that such information is used by company only for
function of regular operations (Taylor, Haggerty, Gresty and Lamb, 2011). Such security breach
can also damage the reputation of the company and damaged incurred would be payable by the
company. So, the company needs to maintain high level of security within company’s
legislations.
EXTERNAL SYSTEM’S IMPACT ON PRESENT SECURITY POSTURE SYSTEM
The Security Posture refers to the company’s network, information and the systems based on the
IA resources (e.g., people, hardware, software, policies) and the capabilities in place to manage
the defiance of the enterprise against internal and external security attacks. Aztek Company is
trying to improve the IT threats from its current business operations. So, the company wants to
hire the external cloud service provider so they can easily maintain the data and information
throughout its business (Ward and Sipior, 2010). Currently, the company has its own database
center to collect the data. By adopting the external cloud services, the company can also face
changes in its internal security system. Business’s structure polices and employees all are
affected by such changes. Given below is the external impact on the present security posture.
Company’s Capabilities
With the help of external cloud services, the company’s capabilities increase from the current
situations. The employees do not need to maintain the current operations and they can utilize
their time in other organization’s operations. The external cloud is controlled by a third party so
they can effectively manage work (Zissis and Lekkas, 2012). Along with it, storage is also
unlimited, the company can store data at any server and also they can access the data from
anywhere. The business firm can also assist the customers in effective manner and provide
storage capabilities according to the buyer’s requirements. However, the external cloud can also
can also damage the reputation of the company and damaged incurred would be payable by the
company. So, the company needs to maintain high level of security within company’s
legislations.
EXTERNAL SYSTEM’S IMPACT ON PRESENT SECURITY POSTURE SYSTEM
The Security Posture refers to the company’s network, information and the systems based on the
IA resources (e.g., people, hardware, software, policies) and the capabilities in place to manage
the defiance of the enterprise against internal and external security attacks. Aztek Company is
trying to improve the IT threats from its current business operations. So, the company wants to
hire the external cloud service provider so they can easily maintain the data and information
throughout its business (Ward and Sipior, 2010). Currently, the company has its own database
center to collect the data. By adopting the external cloud services, the company can also face
changes in its internal security system. Business’s structure polices and employees all are
affected by such changes. Given below is the external impact on the present security posture.
Company’s Capabilities
With the help of external cloud services, the company’s capabilities increase from the current
situations. The employees do not need to maintain the current operations and they can utilize
their time in other organization’s operations. The external cloud is controlled by a third party so
they can effectively manage work (Zissis and Lekkas, 2012). Along with it, storage is also
unlimited, the company can store data at any server and also they can access the data from
anywhere. The business firm can also assist the customers in effective manner and provide
storage capabilities according to the buyer’s requirements. However, the external cloud can also
create security concerns for the business. The employees of the company need to follow the
security protocol and learn to encrypt the messages so they can maintain the content of message
while updating data on cloud or data recovery.
Impact of Employees
The employees of the company are important assets. By adopting the external security services,
the company has to provide training to employees. The workers of the company need to learn
how to encrypt data. For Aztek, it is essential to develop effective interactions between the cloud
system and employees (Sarwar, and Khan, 2013). Along with this, all type of the security issues
and the guidelines should be provided to the employees so they can learn about the system
easily. Another impact of the external services on workers is that if they are not aware about the
system, it may leads to many types of problems.
Impact on the Policies and Procedures
Aztek is using its own database. The business needs to make sure that all the services are offered
to the customers effectively. The external cloud services need to be integrated with the policies
and laws of company so they can easily handle every type of security issue and its protocol
(Rebollo, Mellado. and Fernández-Medina, 2012). In order to make the external cloud services
an important part of the company’s database, business also need to change the policies and
procedures through which they can provide better services to customers in effective manner.
Impact on the Hardware and Software System
Aztek need to update its hardware and software according to the cloud system. The external
cloud system is automatically updated so the company also needs to update their own security
security protocol and learn to encrypt the messages so they can maintain the content of message
while updating data on cloud or data recovery.
Impact of Employees
The employees of the company are important assets. By adopting the external security services,
the company has to provide training to employees. The workers of the company need to learn
how to encrypt data. For Aztek, it is essential to develop effective interactions between the cloud
system and employees (Sarwar, and Khan, 2013). Along with this, all type of the security issues
and the guidelines should be provided to the employees so they can learn about the system
easily. Another impact of the external services on workers is that if they are not aware about the
system, it may leads to many types of problems.
Impact on the Policies and Procedures
Aztek is using its own database. The business needs to make sure that all the services are offered
to the customers effectively. The external cloud services need to be integrated with the policies
and laws of company so they can easily handle every type of security issue and its protocol
(Rebollo, Mellado. and Fernández-Medina, 2012). In order to make the external cloud services
an important part of the company’s database, business also need to change the policies and
procedures through which they can provide better services to customers in effective manner.
Impact on the Hardware and Software System
Aztek need to update its hardware and software according to the cloud system. The external
cloud system is automatically updated so the company also needs to update their own security
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
system in order to offer better security services. When Aztek use its own security system, they
can easily control other system and related sensitive information (Luna, Ghani, Vateva and Suri,
2012). It controls the system so the company needs to make leverage between the software and
the new proposed system. With this strategy, the company can control the data if any disaster
appears. It helps firm to store and the backup data if any type of problems appears.
RISK OF USING THE EXTERNAL CLOUD SERVICES
Aztek Company has realized that by using external cloud services the organization can bring
many types of the business opportunities. In the financial sector, with cloud computing the
company can also assist its customers in an effective manner and with the help of cloud service
the company can also collect data for long term purpose (Chen and Zhao, 2012). On the other
hand, in the external host services the business has no control. However, the company has to face
many types of the risks which are associated with the storing data to a third service provider. The
cloud computing is handled by the third party in the remote environment. If once data is leaked
the companies do not have control the data and security network. So, for better security services,
IT management of the company has to clearly identify control over data and control should be
gained on other risks which are associated with the external cloud computing information (Luna,
Ghani, Vateva and Suri, 2012).
Security Issues
The main issue which is associated with the external cloud computing is security issue of data
and information. The security of the company can be assessed by the outsiders in cloud
computing. The data of the cloud environment can be easily accessed by other users if they find
the password (Almorsy, Grundy and Müller, 2016). By gaining password, the malicious users
can easily control other system and related sensitive information (Luna, Ghani, Vateva and Suri,
2012). It controls the system so the company needs to make leverage between the software and
the new proposed system. With this strategy, the company can control the data if any disaster
appears. It helps firm to store and the backup data if any type of problems appears.
RISK OF USING THE EXTERNAL CLOUD SERVICES
Aztek Company has realized that by using external cloud services the organization can bring
many types of the business opportunities. In the financial sector, with cloud computing the
company can also assist its customers in an effective manner and with the help of cloud service
the company can also collect data for long term purpose (Chen and Zhao, 2012). On the other
hand, in the external host services the business has no control. However, the company has to face
many types of the risks which are associated with the storing data to a third service provider. The
cloud computing is handled by the third party in the remote environment. If once data is leaked
the companies do not have control the data and security network. So, for better security services,
IT management of the company has to clearly identify control over data and control should be
gained on other risks which are associated with the external cloud computing information (Luna,
Ghani, Vateva and Suri, 2012).
Security Issues
The main issue which is associated with the external cloud computing is security issue of data
and information. The security of the company can be assessed by the outsiders in cloud
computing. The data of the cloud environment can be easily accessed by other users if they find
the password (Almorsy, Grundy and Müller, 2016). By gaining password, the malicious users
can easily gain access to the private information of the organization. Therefore, the company
needs to make sure that it uses mixed complex structure password which is difficult to crack by
unauthorized party. Business owners need to evaluate each option in effective manner before
selecting any security protocol for the organization.
Unauthorized Access of Data
In cloud computing, the unauthorized users can easily access data if the users are not limited n
number. The data and all other essential information of the company can be hacked by the
company if the users data is not encrypted (Bruneo, 2014). The business content can be hacked
by the hackers while uploading and the restoring data. The business need to use the encrypted
data format in order to avoid the malicious users and the also the management need to limit the
access to the database of the organization.
Backup Window
While uploading and restoring data, the company needs to use strong internet connection as these
processes are dependent on the connection speed. By using the LAN method, the data can be
easily uploaded and the restored on the database (Dinh, Lee, Niyato and Wang, 2013). So, the
companies need to make sure to use the strong internet so data can be uploaded without any
problems. If Aztek do not have the strong internet connection, then hackers can easily hack the
information from the database and use it for their own purpose.
Limited Control and Flexibility
The cloud services provide only limited control and flexibility to the users. The external cloud
services are monitored by the third party i.e. service vendor, who develop software according to
needs to make sure that it uses mixed complex structure password which is difficult to crack by
unauthorized party. Business owners need to evaluate each option in effective manner before
selecting any security protocol for the organization.
Unauthorized Access of Data
In cloud computing, the unauthorized users can easily access data if the users are not limited n
number. The data and all other essential information of the company can be hacked by the
company if the users data is not encrypted (Bruneo, 2014). The business content can be hacked
by the hackers while uploading and the restoring data. The business need to use the encrypted
data format in order to avoid the malicious users and the also the management need to limit the
access to the database of the organization.
Backup Window
While uploading and restoring data, the company needs to use strong internet connection as these
processes are dependent on the connection speed. By using the LAN method, the data can be
easily uploaded and the restored on the database (Dinh, Lee, Niyato and Wang, 2013). So, the
companies need to make sure to use the strong internet so data can be uploaded without any
problems. If Aztek do not have the strong internet connection, then hackers can easily hack the
information from the database and use it for their own purpose.
Limited Control and Flexibility
The cloud services provide only limited control and flexibility to the users. The external cloud
services are monitored by the third party i.e. service vendor, who develop software according to
the preferences of the customers. Along with this, it can also be controlled by a third party in the
remote area (Garg, Versteeg and Buyya, and 2013). So, the company does not have any control
over the database. If the company’s information is leaked then the business cannot control it. So,
Azetek need to make sure to monitor each users’ devices and the also limit the number of users
in network security.
Increased Vulnerability
The cloud computing is directly linked with internet and on the internet not all data and
information is secured. The cloud is riskier because it can be easily accessed by malicious users
and hackers (Jadeja, and Modi, 2012). The cloud services are fully interdependent on the internet
and all the information and the data is handled through internet only. So Aztek need to make sure
that LAN should be fully secured and the speed of internet is also according the data storage.
Permanent Data Loss
The Aztek can also face issues if the data is not uploaded in an effective manner. The business
should make sure that all the data should be uploaded within the time the data otherwise the data
loss will be permanent. The malicious users can hack data, delete or make modification in the
database. Such type of activities can lead to threat to the company and customers (Khajeh-
Hosseini, Greenwood and Sommerville, 2010). Due to this, the company can also lose their
sensitive data and information from the database. It leads to damage to the company which may
occur in the financial terms.
Data Breaches
remote area (Garg, Versteeg and Buyya, and 2013). So, the company does not have any control
over the database. If the company’s information is leaked then the business cannot control it. So,
Azetek need to make sure to monitor each users’ devices and the also limit the number of users
in network security.
Increased Vulnerability
The cloud computing is directly linked with internet and on the internet not all data and
information is secured. The cloud is riskier because it can be easily accessed by malicious users
and hackers (Jadeja, and Modi, 2012). The cloud services are fully interdependent on the internet
and all the information and the data is handled through internet only. So Aztek need to make sure
that LAN should be fully secured and the speed of internet is also according the data storage.
Permanent Data Loss
The Aztek can also face issues if the data is not uploaded in an effective manner. The business
should make sure that all the data should be uploaded within the time the data otherwise the data
loss will be permanent. The malicious users can hack data, delete or make modification in the
database. Such type of activities can lead to threat to the company and customers (Khajeh-
Hosseini, Greenwood and Sommerville, 2010). Due to this, the company can also lose their
sensitive data and information from the database. It leads to damage to the company which may
occur in the financial terms.
Data Breaches
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
It refers to leak in the private information of the company’s database. In the data breach, the
company may lose its sensitive information and also due to this the company has to face sveral
lawsuit. The external cloud services should be able to handle large amount of data and any one
can store the data on the cloud easily (Luna, Ghani, Vateva and Suri, 2012). So, for the company
it can create problem as they are not able to handle the data breach.
Recommendations to Overcome Cloud System’s Threats
In order to overcome the threats available in the cloud, the company can utilize different types of
the decision (Krutz, and Vines, 2010). The Aztek want to secure its IT department by adopting
the proposed IT project. By adopting recommendations, business can optimize its operations and
also it leads to enhancement of security for the company. Following are the commendation for
the company to overcome the IT threats
Limit the Users of Security Network
The first recommendation for the company is that they need to make the security more strong,
for this the company takes several steps such as limiting the access of users. The business need to
limit the number of people who can assess the network. Along with this, Aztek needs to make
sure to monitor employee’s devices (Manvi and Shyam, 2014). Through this, the company can
provide more secure network to the company and its stakeholders. Only few employees should
have the right to access the data and cloud services in order to control the breaches in the
database security.
Use of Firewalls
company may lose its sensitive information and also due to this the company has to face sveral
lawsuit. The external cloud services should be able to handle large amount of data and any one
can store the data on the cloud easily (Luna, Ghani, Vateva and Suri, 2012). So, for the company
it can create problem as they are not able to handle the data breach.
Recommendations to Overcome Cloud System’s Threats
In order to overcome the threats available in the cloud, the company can utilize different types of
the decision (Krutz, and Vines, 2010). The Aztek want to secure its IT department by adopting
the proposed IT project. By adopting recommendations, business can optimize its operations and
also it leads to enhancement of security for the company. Following are the commendation for
the company to overcome the IT threats
Limit the Users of Security Network
The first recommendation for the company is that they need to make the security more strong,
for this the company takes several steps such as limiting the access of users. The business need to
limit the number of people who can assess the network. Along with this, Aztek needs to make
sure to monitor employee’s devices (Manvi and Shyam, 2014). Through this, the company can
provide more secure network to the company and its stakeholders. Only few employees should
have the right to access the data and cloud services in order to control the breaches in the
database security.
Use of Firewalls
The second recommendation for the company is the use of firewall system. The firewall system
is the medium which create barriers between the internal and external business environment.
Through this system, Aztek can manage its business activities and control its internal network
security environment in an effective manner (Ren, Wang andWang, 2012). The firewall system
can control and monitor all information which is sent outside the company and if it finds any
unauthorized users intruding the system then it alerts the administration. Through this, a secure
network environment can be developing.
Intrusion Detection System
This system can monitor the network and software applications. Through the detection system,
Aztek can control the network security and malicious activity. This system is based on the
certain polices and protocols and through this it can control the network system. It also has
filtering process and distinguishes malicious activity from false alarms (Sanaei, Abolfazli, Gani
and Buyya, 2014). With the help of such process it monitors on operating system and analyze
the network traffic.
Use of Vulnerability Scanner
The scanner can control the program which can control the present computer design and the
network. Through this, the company can identify the weak areas of the business and alert the IT
department (Krutz, and Vines, 2010). This scanner scans and monitors all the ongoing activities
in the system of the Aztek. Through it, they can develop better vulnerability management
methods to protect data in the business network.
is the medium which create barriers between the internal and external business environment.
Through this system, Aztek can manage its business activities and control its internal network
security environment in an effective manner (Ren, Wang andWang, 2012). The firewall system
can control and monitor all information which is sent outside the company and if it finds any
unauthorized users intruding the system then it alerts the administration. Through this, a secure
network environment can be developing.
Intrusion Detection System
This system can monitor the network and software applications. Through the detection system,
Aztek can control the network security and malicious activity. This system is based on the
certain polices and protocols and through this it can control the network system. It also has
filtering process and distinguishes malicious activity from false alarms (Sanaei, Abolfazli, Gani
and Buyya, 2014). With the help of such process it monitors on operating system and analyze
the network traffic.
Use of Vulnerability Scanner
The scanner can control the program which can control the present computer design and the
network. Through this, the company can identify the weak areas of the business and alert the IT
department (Krutz, and Vines, 2010). This scanner scans and monitors all the ongoing activities
in the system of the Aztek. Through it, they can develop better vulnerability management
methods to protect data in the business network.
DATA SECURITY THREATS FOR USING THE EXTERNAL CLOUD COMPUTING
There are different types of treats which are associated with cloud computing. In all types of
threats, the major threats which are related to the company are security concern. Aztek has a
large number of customers and offers different types of services through which they can retain
customers in the company (Sultan, 2014). The major security concern for the business is to
provide security to data and information. If such type of information leaks outside the company,
then business has to top face a lot issues such as lawsuits or damage of brand image. So, business
need to identify all potential security threats which are available in business network in order to
provide better security to company.
Snooping
All the data and the information uploaded on the cloud by the company by its server. All
the files which are uploaded on the internet can be easily used by anyone. Internet has become an
easy way to hack files and other information. All the people are aware about the internet and its
usage. So, the company needs to encrypt the data before uploading data on the cloud (Taylor,
Haggerty, Gresty and Lamb, 2011). Even if the data are encrypted, it can be easily modified or
deleted by the users. So, the company needs to make sure to continue the adoption of cloud
destination through which the hackers can control over the data.
No Control on the Data and Cloud System
There are different types of the cloud services such as Google or drop-box. It offers a wide range
of the storage facility to everyone who can control the network (Ward and Sipior, 2010). Aztek
does not have any type of control over the data which leads to serious IT threats. So, the
business does not have to control the data.
There are different types of treats which are associated with cloud computing. In all types of
threats, the major threats which are related to the company are security concern. Aztek has a
large number of customers and offers different types of services through which they can retain
customers in the company (Sultan, 2014). The major security concern for the business is to
provide security to data and information. If such type of information leaks outside the company,
then business has to top face a lot issues such as lawsuits or damage of brand image. So, business
need to identify all potential security threats which are available in business network in order to
provide better security to company.
Snooping
All the data and the information uploaded on the cloud by the company by its server. All
the files which are uploaded on the internet can be easily used by anyone. Internet has become an
easy way to hack files and other information. All the people are aware about the internet and its
usage. So, the company needs to encrypt the data before uploading data on the cloud (Taylor,
Haggerty, Gresty and Lamb, 2011). Even if the data are encrypted, it can be easily modified or
deleted by the users. So, the company needs to make sure to continue the adoption of cloud
destination through which the hackers can control over the data.
No Control on the Data and Cloud System
There are different types of the cloud services such as Google or drop-box. It offers a wide range
of the storage facility to everyone who can control the network (Ward and Sipior, 2010). Aztek
does not have any type of control over the data which leads to serious IT threats. So, the
business does not have to control the data.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Control on the VN attacks
The cloud system is based on the VN technology. In order to identify the malicious users, the
companies use the VMware, Sphere etc. which are based on coding like IDS and IPS coding
system. In addition to it, the company need to make sure that coding system should be served in
a confidential matter. Through this, the company should provide more security to the cloud
system and the data (Zissis and Lekkas, 2012). With the help of such system, the company can
provide better security. Along with it, company can also use suitable firewall system in order to
prevent the IT threats.
CONCLUSION
Migration of data and information into the external cloud computing system can lead to several
benefits to the company. Aztek Corporation can adopt such system and make the business more
advanced and the also they lead to more excellent customers services. From the above report, it
can be concluded that there are different type of merits such as reliability of the information,
effective use of the resources and high storage capacity. Through this, the business can control
the data and information in an effective manner. The company can easily access their data and
information without any time and geographical limit. By accepting the proposed proposal, the
company needs to changes in its security posture. So, the business needs to provide training to its
employees and also change its policies and procedures so that the external cloud system can be
easily integrated with current system. The external cloud service can bring a lot of opportunity
for the business but there is also some potential risk in the system. The major risks which are
associated with the network are security threats. Such threats can be overcome by adopting
standards security methodology.
The cloud system is based on the VN technology. In order to identify the malicious users, the
companies use the VMware, Sphere etc. which are based on coding like IDS and IPS coding
system. In addition to it, the company need to make sure that coding system should be served in
a confidential matter. Through this, the company should provide more security to the cloud
system and the data (Zissis and Lekkas, 2012). With the help of such system, the company can
provide better security. Along with it, company can also use suitable firewall system in order to
prevent the IT threats.
CONCLUSION
Migration of data and information into the external cloud computing system can lead to several
benefits to the company. Aztek Corporation can adopt such system and make the business more
advanced and the also they lead to more excellent customers services. From the above report, it
can be concluded that there are different type of merits such as reliability of the information,
effective use of the resources and high storage capacity. Through this, the business can control
the data and information in an effective manner. The company can easily access their data and
information without any time and geographical limit. By accepting the proposed proposal, the
company needs to changes in its security posture. So, the business needs to provide training to its
employees and also change its policies and procedures so that the external cloud system can be
easily integrated with current system. The external cloud service can bring a lot of opportunity
for the business but there is also some potential risk in the system. The major risks which are
associated with the network are security threats. Such threats can be overcome by adopting
standards security methodology.
REFERENCES
Almorsy, M., Grundy, J., & Müller, I. (2016). An analysis of the cloud computing security
problem. arXiv preprint arXiv:1609.01107.
Bruneo, D. (2014). A stochastic model to investigate data center performance and QoS in IaaS
cloud computing systems. IEEE Transactions on Parallel and Distributed Systems, 25(3),
560-569.
Chen, D., & Zhao, H. (2012, March). Data security and privacy protection issues in cloud
computing. In Computer Science and Electronics Engineering (ICCSEE), 2012
International Conference on (Vol. 1, pp. 647-651). IEEE.
Dinh, H. T., Lee, C., Niyato, D., & Wang, P. (2013). A survey of mobile cloud computing:
architecture, applications, and approaches. Wireless communications and mobile
computing, 13(18), 1587-1611.
Garg, S. K., Versteeg, S., & Buyya, R. (2013). A framework for ranking of cloud computing
services. Future Generation Computer Systems, 29(4), 1012-1023
Jadeja, Y., & Modi, K. (2012, March). Cloud computing-concepts, architecture and challenges.
In Computing, Electronics and Electrical Technologies (ICCEET), 2012 International
Conference on (pp. 877-880). IEEE.
Khajeh-Hosseini, A., Greenwood, D., & Sommerville, I. (2010, July). Cloud migration: A case
study of migrating an enterprise it system to iaas. In Cloud Computing (CLOUD), 2010
IEEE 3rd International Conference on (pp. 450-457). IEEE
Krutz, R. L., & Vines, R. D. (2010). Cloud security: A comprehensive guide to secure cloud
computing. Wiley Publishing.
Almorsy, M., Grundy, J., & Müller, I. (2016). An analysis of the cloud computing security
problem. arXiv preprint arXiv:1609.01107.
Bruneo, D. (2014). A stochastic model to investigate data center performance and QoS in IaaS
cloud computing systems. IEEE Transactions on Parallel and Distributed Systems, 25(3),
560-569.
Chen, D., & Zhao, H. (2012, March). Data security and privacy protection issues in cloud
computing. In Computer Science and Electronics Engineering (ICCSEE), 2012
International Conference on (Vol. 1, pp. 647-651). IEEE.
Dinh, H. T., Lee, C., Niyato, D., & Wang, P. (2013). A survey of mobile cloud computing:
architecture, applications, and approaches. Wireless communications and mobile
computing, 13(18), 1587-1611.
Garg, S. K., Versteeg, S., & Buyya, R. (2013). A framework for ranking of cloud computing
services. Future Generation Computer Systems, 29(4), 1012-1023
Jadeja, Y., & Modi, K. (2012, March). Cloud computing-concepts, architecture and challenges.
In Computing, Electronics and Electrical Technologies (ICCEET), 2012 International
Conference on (pp. 877-880). IEEE.
Khajeh-Hosseini, A., Greenwood, D., & Sommerville, I. (2010, July). Cloud migration: A case
study of migrating an enterprise it system to iaas. In Cloud Computing (CLOUD), 2010
IEEE 3rd International Conference on (pp. 450-457). IEEE
Krutz, R. L., & Vines, R. D. (2010). Cloud security: A comprehensive guide to secure cloud
computing. Wiley Publishing.
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
Luna, J., Ghani, H., Vateva, T., & Suri, N. (2012). Quantitative assessment of cloud security
level agreements: A case study. Proc. of Security and Cryptography, 64-73.
Manvi, S. S., & Shyam, G. K. (2014). Resource management for Infrastructure as a Service
(IaaS) in cloud computing: A survey. Journal of Network and Computer Applications, 41,
424-440.
Rebollo, O., Mellado, D., & Fernández-Medina, E. (2012). A Systematic Review of
Information Security Governance Frameworks in the Cloud Computing Environment. J.
UCS, 18(6), 798-815.
Ren, K., Wang, C., & Wang, Q. (2012). Security challenges for the public cloud. IEEE Internet
Computing, 16(1), 69-73.
Sanaei, Z., Abolfazli, S., Gani, A., & Buyya, R. (2014). Heterogeneity in mobile cloud
computing: taxonomy and open challenges. IEEE Communications Surveys & Tutorials,
16(1), 369-392.
Sarwar, A., & Khan, M. N. (2013). A review of trust aspects in cloud computing security.
International Journal of Cloud Computing and Services Science, 2(2), 116.
Taylor, M., Haggerty, J., Gresty, D., & Lamb, D. (2011). Forensic investigation of cloud
computing systems. Network Security, 2011(3), 4-10.
Ward, B. T., & Sipior, J. C. (2010). The Internet jurisdiction risk of cloud computing.
Information systems management, 27(4), 334-339.
Zissis, D. and Lekkas, D., 2012. Addressing cloud computing security issues. Future
Generation computer systems, 28(3), pp.583-592.
level agreements: A case study. Proc. of Security and Cryptography, 64-73.
Manvi, S. S., & Shyam, G. K. (2014). Resource management for Infrastructure as a Service
(IaaS) in cloud computing: A survey. Journal of Network and Computer Applications, 41,
424-440.
Rebollo, O., Mellado, D., & Fernández-Medina, E. (2012). A Systematic Review of
Information Security Governance Frameworks in the Cloud Computing Environment. J.
UCS, 18(6), 798-815.
Ren, K., Wang, C., & Wang, Q. (2012). Security challenges for the public cloud. IEEE Internet
Computing, 16(1), 69-73.
Sanaei, Z., Abolfazli, S., Gani, A., & Buyya, R. (2014). Heterogeneity in mobile cloud
computing: taxonomy and open challenges. IEEE Communications Surveys & Tutorials,
16(1), 369-392.
Sarwar, A., & Khan, M. N. (2013). A review of trust aspects in cloud computing security.
International Journal of Cloud Computing and Services Science, 2(2), 116.
Taylor, M., Haggerty, J., Gresty, D., & Lamb, D. (2011). Forensic investigation of cloud
computing systems. Network Security, 2011(3), 4-10.
Ward, B. T., & Sipior, J. C. (2010). The Internet jurisdiction risk of cloud computing.
Information systems management, 27(4), 334-339.
Zissis, D. and Lekkas, D., 2012. Addressing cloud computing security issues. Future
Generation computer systems, 28(3), pp.583-592.
1 out of 21
Related Documents
![[object Object]](/_next/image/?url=%2F_next%2Fstatic%2Fmedia%2Flogo.6d15ce61.png&w=640&q=75){kind=small}
Your All-in-One AI-Powered Toolkit for Academic Success.
 +13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
© 2024  |  Zucol Services PVT LTD  |  All rights reserved.