Cloud Computing Security: Webb's Data Backup and Recovery Report

Verified

Added on 2019/11/26

AI Summary

This report provides a detailed analysis of cloud computing security, specifically addressing the context of a company, Webb’s, considering a shift to cloud-based data storage and backup. It begins with an executive summary highlighting the relationship between virtualization and cloud computing, emphasizing the benefits of cloud computing such as cost savings and enhanced security. The report then delves into the methods for protecting data stored in IaaS infrastructure, including data monitoring, end-to-end logging, authentication, infrastructure hardening, and encryption. It subsequently identifies the risks associated with IaaS infrastructure, such as data leakage, authentication bypass, API hacking, cyberattacks, and data loss. The report also explores the risks related to data backup, retrieval, and storage in the cloud, discussing issues like bandwidth limitations, restore windows, and dependency on service provider security. It concludes by outlining ways to protect data in the cloud, emphasizing the importance of backup recovery, business continuity, and disaster recovery. The report's conclusion recommends that Webb's implement security measures and engage in thorough discussions with their service provider to ensure data protection, cost-effectiveness, and ease of access in their transition to cloud computing.

Running head: CLOUD COMPUTING
Cloud computing
Assessment number
Name of the Student
Student ID
Student email

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

CLOUD COMPUTING
Executive summary:
Virtualization and cloud computing are closely related better to say that cloud computing has
taken virtualization to a higher level. By use of the cloud, users store their valuable data and they
can experience different operating systems in a single host device thereby saving money as well
as time of the user. Security increases thereby decreasing the threats. The report discusses about
the security issues related to cloud computing and dealing with the problems. The company
Webb’s has decided to shift their data center at Auckland to some other place. The company
thinks of backing up their data in the clouds and is concerned about all the issues related to cloud
computing. This report briefs the possibilities of benefits of the company and the necessary steps
the company would take in the future to protect its data.
1 | P a g e

CLOUD COMPUTING
Table of Contents
1. Introduction:.............................................................................................................................4
2. Methods used for protection of data stored in IaaS infrastructure and their benefits:.............4
 Protection of data and Monitoring of the usage:..................................................................5
 End-to-End Logging and Reporting:....................................................................................5
 Authentic and authorized access:..........................................................................................5
 Hardening of the infrastructure:............................................................................................6
 Encryption from end to end:.................................................................................................6
3. Risks related to IaaS Infrastructure, the database and communication between Webb’s and
IaaS database:..................................................................................................................................6
 Leakage of data:....................................................................................................................6
 Bypass of authentication:......................................................................................................6
 API hacking and Interface:...................................................................................................6
 Cyber-attacks:.......................................................................................................................7
 Permanent loss of data:.........................................................................................................7
4. Risks associated with backing up of data, retrieval of data and storing of data in the cloud:..7
4.1. Risks regarding backing up data to a Cloud:....................................................................7
4.2. Risks in restoring of data from the cloud:.........................................................................7
2 | P a g e

CLOUD COMPUTING
4.3. Risk in storing of data in a cloud:.....................................................................................8
5. Ways to protect the data in the cloud:......................................................................................8
6. Conclusion:.............................................................................................................................10
References:....................................................................................................................................11
3 | P a g e

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

CLOUD COMPUTING
1. Introduction:
The process of creating a virtual edition of something or something, which is not real, is
called virtualization. It allows a single hardware to use different operating systems. By this, a
single system can host a multiple number of systems. Cloud computing (Rittinghouse, &
Ransome, 2016). Refers to the computing of a process or software, which helps to gain access
over various computer related resources like computer network, storage, various servers,
applications and various services. It is done with the help of internet. Cloud computing helps in
storing of various data and also helps in their processing of this data by various users and
organizations. Cloud computing also considers the security of the users (Almorsy, Grundy &
Müller, 2016). This report is going to discuss about how the company is going to benefit from
the use of cloud computing.
Webb’s decision of closing their Auckland data center rather than updating or replacing
the old infrastructure has made them think of moving the data and service to the cloud. IaaS
(Infrastructure as a Service) is one of the four models for delivering cloud services. IaaS is the
process in which the hardware, network and storage services are delivered to the cloud by virtual
computing. IaaS resources can be rented (Chen, Li & Ruiz, 2017) as needed by companies rather
than buying and installing the resources required. The increasing cost of the LTO 6 tapes used
for backing up of data can be easily avoided by the use of IaaS.
2. Methods used for protection of data stored in IaaS infrastructure and their benefits:
4 | P a g e

CLOUD COMPUTING
Working in IaaS is comfortable and familiar as it is similar to working in data centers.
Securities issues in IaaS can vary according to the use of public clouds (Heydari, Tavakoli &
Riazi, 2014) or private clouds. Virtual machines (VMs) and services running on VMs can be
controlled with IaaS in the public cloud. Security issues related to IaaS in public cloud are:
 Protection of data and Monitoring of the usage: Data present IaaS infrastructure is
both private and public therefore monitoring is essential. This monitoring becomes very
much essential when IaaS is deployed in public cloud. It is very important to know who
has accessed the information, how was the information accessed and from where the
information is accessed and what happens to the accessed information. The problems are
easily solved by applying proper modern Rights Management services, which restricts the
critical data of the business (Latif et al., 2014). Creation and deploying of policies for
information is essential for protection of the data.
 End-to-End Logging and Reporting: Demanding of comprehensive logging and
reporting in place by effective deployment of IaaS. Robust logging and reporting solution
helps in keeping track of who has accessed information, from where the information has
been accessed, which machines are handling the information and the storage arrays (Chen
& Zhao, 2012). This information’s are very important for service management and
optimization.
 Authentic and authorized access: Effective Data Loss Prevention (DLP) solution can
be obtained by robust authentication and authorization. Use of two or multiple
5 | P a g e

CLOUD COMPUTING
authentication technique is required for the most secure authentication mechanism (Chen
& Zhao, 2012).
 Hardening of the infrastructure: Hardening and cleaning of “Golden image” VM and
VM templates needs to be done on a regular basis. This can be done while the images are
being created.
 Encryption from end to end: All the data including the data on the disk can be
encrypted by the use of whole disk encryption this leads to prevention of offline attacks.
Besides encryption of disk, the communications that host’s OS and VM’s are also
encrypted.
3. Risks related to IaaS Infrastructure, the database and communication between
Webb’s and IaaS database:
Cloud security refers to the processes involved in the protection of the data stored in the
clouds (Hashizume et al., 2013). The security issues related to IaaS infrastructure are as follows:
 Leakage of data: As large amount of data is stored in cloud it becomes a target for
attackers. Data leak can lead to a chain of unfortunate events for the company IaaS
providers (Khalil, Khreishah & Azeem, 2014).
 Bypass of authentication: Insufficient attention to authentic verification, leads to
leakage of data (Hashizume et al., 2013). Weak passwords along with problems in
management of encryption and certificates are the main reasons for this problem.
 API hacking and Interface: Cloud services and applications cannot be imagined
without friendly user interface (UIs) and application program interface (API) (Bhadauria
6 | P a g e

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

CLOUD COMPUTING
& Sanyal, 2012). Reliable mechanism of data access control and encryption are
responsible for the security and availability of cloud services.
 Cyber-attacks: Cyber-attacks are very much common nowadays. An experienced
attacker is not easily detectable when an infrastructure is under attack (Pearson, 2013).
Remote network attack also has a great impact on the infrastructure.
 Permanent loss of data: Data loss may occur due to accident or malicious acts. Data loss
is no less than a data leak. Addition to this it is necessary to take care of storage used for
encryption keys moving of encrypted data to the cloud (Chen & Zhao, 2012).
4. Risks associated with backing up of data, retrieval of data and storing of data in the
cloud:
4.1. Risks regarding backing up data to a Cloud:
Windows used for backing up of data are too large: Speed of moving of data (during
onsite backup) from the servers to the backup system is similar to LAN speed. During backup
process the internet speed play a very vital role (Lu et al., 2015). Due to dependency on the
internet connection the backups faces congestion and the uploading process becomes slow.
Monitoring of bandwidths and looking for services that can support continuous backups helps to
avoid congestion and the issues caused due to bandwidth constraints.
4.2. Risks in restoring of data from the cloud:
The restore windows used for restoring of data are too small: during a time of disaster, a
company needs to get their service up and running as fast as they can (Sharma et al., 2017).
Likewise, the dependency of creating the backup on internet speed the restoring of data is also
7 | P a g e

CLOUD COMPUTING
slow. Comparatively the speed of restoring of data from a tape is much faster than restoring data
from the cloud. Evaluating the time required and the objectives and the Service Level
Agreements can help in solving the problem (Hirano & Ogawa, 2016). The company must make
an estimate of the time required for restoration of the backup data. In tapes, a company can keep
backups of data on a monthly, weekly, quarterly and annual basis. Backup from tapes is time
saving as well as restoration can be done from any point in time. Whereas in cloud backup
process there is continuous replication of data and changes overwrites the previous file. This is
advantageous as it saves time and bandwidth but it is also disadvantageous during the need of an
older version of the files. Consulting with the service provider if they keep an older version of
files helps in solving the problem.
4.3. Risk in storing of data in a cloud:
Many companies suffer a risk of security breach. When a company stores data and
backups in the cloud it means they are totally depending on the service provider’s security.
Backing up of data in an encrypted format makes the data unusable to anyone else even if the
service provider experiences a breech (Latif et al., (2014). Along with this storing of the keys
used for encryption in some other place of the cloud rather than the place where the backup of
the data is stored. Losing of the keys, make the data inaccessible.
5. Ways to protect the data in the cloud:
Backup recovery, business continuity and disaster recovery are some of the issues for which
protection is required. Backup is the easiest way for Webb’s to protect their data from many
issues. A backup is nothing but a copy of the data that the company is storing in the clouds (Lu et
8 | P a g e

CLOUD COMPUTING
al., 2015). Disaster recovery is something which the company can use to recover the entire
relevant IT infrastructure at a remote site after a primary becomes unavailable for an
unacceptable period of time (Sharma et al., 2017). Besides data recovery, recovery of server and
applications along with any network capabilities (Pearson, 2013). The company should read the
user license agreement very carefully. Before uploading any data, the company should encrypt
the data properly.
6. Conclusion:
The reports conclude that the company Webb’s can use the IaaS for backing up their data.
Besides the security, solving of issues related to cloud computing is avoided by taking up certain
security measures and consciousness of the company. Webb’s can back up their data from
Auckland data center before restoring the data in some other data center; they must talk to the
service provider regarding the issues that they might face. IaaS not only helps Webb in lowering
their cost of shifting the data but also helps in saving the time and makes the process much
easier. They can easily access their data and protect them by using certain encryption key, which
makes the data present in the cloud accessible only to the company.
9 | P a g e

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

CLOUD COMPUTING
References:
Almorsy, M., Grundy, J., & Müller, I. (2016). An analysis of the cloud computing security
problem. arXiv preprint arXiv:1609.01107.
Bhadauria, R., & Sanyal, S. (2012). Survey on security issues in cloud computing and associated
mitigation techniques. arXiv preprint arXiv:1204.0764.
Chen, D., & Zhao, H. (2012, March). Data security and privacy protection issues in cloud
computing. In Computer Science and Electronics Engineering (ICCSEE), 2012
International Conference on (Vol. 1, pp. 647-651). IEEE.
Chen, L., Li, X., & Ruiz, R. (2017). Resource renting for periodical cloud workflow
applications. IEEE Transactions on Services Computing.
Hashizume, K., Rosado, D. G., Fernández-Medina, E., & Fernandez, E. B. (2013). An analysis of
security issues for cloud computing. Journal of Internet Services and Applications, 4(1),
Heydari, A., Tavakoli, M. A., & Riazi, M. (2014). An Overview of Public Cloud Security
Issues. International Journal of Management Excellence, 3(2), 440-445.
Hirano, M., & Ogawa, H. (2016, August). A Log-Structured Block Preservation and Restoration
System for Proactive Forensic Data Collection in the Cloud. In Availability, Reliability
and Security (ARES), 2016 11th International Conference on (pp. 355-364). IEEE.
Khalil, I. M., Khreishah, A., & Azeem, M. (2014). Cloud computing security: a
survey. Computers, 3(1), 1-35.
10 | P a g e

CLOUD COMPUTING
Latif, R., Abbas, H., Assar, S., & Ali, Q. (2014). Cloud computing risk assessment: a systematic
literature review. In Future Information Technology(pp. 285-295). Springer, Berlin,
Heidelberg.
Lu, P., Zhang, L., Liu, X., Yao, J., & Zhu, Z. (2015). Highly efficient data migration and backup
for big data applications in elastic optical inter-data-center networks. IEEE
Network, 29(5), 36-42.
Pearson, S. (2013). Privacy, security and trust in cloud computing. In Privacy and Security for
Cloud Computing (pp. 3-42). Springer London.
Rittinghouse, J. W., & Ransome, J. F. (2016). Cloud computing: implementation, management,
and security. CRC press.
Sharma, P., Lee, S., Guo, T., Irwin, D., & Shenoy, P. (2017). Managing Risk in a Derivative IaaS
11 | P a g e