Security Risks and Risk Mitigation in Cloud Data Migration

Verified

Added on 2020/04/01

AI Summary

The migration of data to cloud computing platforms introduces various security concerns that organizations must address to protect their information assets effectively. This report delves into the potential risks associated with cloud-based services, such as unauthorized access, data breaches, insecure interfaces, account hijacking, and malicious insiders. It also highlights vulnerabilities in service provider infrastructure, including inadequate security configurations and shared technology issues. To combat these threats, this document suggests a range of mitigation strategies, including implementing robust encryption techniques for data at rest and in transit, employing strong authentication and authorization protocols to prevent unauthorized access, conducting regular security audits, and developing comprehensive disaster recovery plans. Furthermore, it underscores the importance of establishing clear service level agreements (SLAs) with cloud service providers to ensure adherence to specified security standards. By addressing these critical areas, organizations can significantly enhance their data protection measures during cloud migration processes.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.

Running head: CLOUD COMPUTING
Cloud Computing
Name of the Student
Name of the University
Author Note

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

1
CLOUD COMPUTING
Executive Summary
The purpose of the report is to provide a detailed discussion on the different security issues and
risks associated with the migration of data into a Cloud instance. The Webb’s Stores, which is a
regional store operating in Australia and New Zealand is planning to migrate their database in
cloud instance. The report discusses the various security risks and privacy issue associated with
the project. The report concludes with the suggestion of effective backup and disaster recovery
plan.

2
CLOUD COMPUTING
Table of Contents
Introduction..........................................................................................................................3
1. Answer 1..........................................................................................................................3
1.1 Security Type.............................................................................................................3
1.2. Benefits and Issues...................................................................................................3
2. Answer 2..........................................................................................................................4
2.1. The Risk in Database................................................................................................4
2.2. The Risk IaaS Infrastructure.....................................................................................5
2.3. The Risk in communication between Webb’s and IaaS database............................5
3. Answer 3..........................................................................................................................5
3.1. Risk of Backing up data to the cloud........................................................................6
3.2. Cloud back up and DR plans....................................................................................6
4. Answer 4..........................................................................................................................7
4.1. IaaS Infrastructure....................................................................................................7
4.2. MS SQL Server 2012 R2 Cloud Instance.................................................................7
4.3. Cloud network infrastructure....................................................................................8
4.4. Cloud backup and restore infrastructure...................................................................8
Conclusion...........................................................................................................................8
References..........................................................................................................................10

3
CLOUD COMPUTING
Introduction
The aim of the report is to discuss the different risks and security issues that Webb’s
Stores might face by moving the existing data present in the Auckland data center top the cloud
storage. The report gives an insight of the major risk associated with this process and suggests
different risk mitigation approaches for successful implementation of the project (Li et al., 2015).
The different security issues associated with this project and risk mitigation approaches are
elaborated in the following paragraphs.
1. Answer 1
1.1 Security Type
The security essentials that is recommended for securing the data over cloud instance
includes, proper use of two basic security essential, encryption and authentication, in order to
prevent the unauthorized access to the data (Boyd & Mathuria, 2013).
 Authentication helps in validating the identity of a user and in turn prevent the
unauthorized access of the data
 Encryption is a process of converting a readable information or plain text to
hypertext. It helps in preventing the unauthorized access of the data (Malawski et
al., 2013).
1.2. Benefits and Issues

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

4
CLOUD COMPUTING
1) The major benefit of Webb’s store is integration of all the operations in a single place,
which would further help in reducing the cost of data maintenance. Furthermore, it will help in
improving the business processes.
2) The basic security measures of encryption and authentication helps in maintaining the
integrity can confidentiality of the data (Doan, Halevy & Ives, 2012).
3) The storage of data in cloud instance offers a huge amount of flexibility in access and
storage of data.
4) Furthermore, it is very cot effective and therefore, Webb’s Stores will definitely be
benefited after implementation of this project.
However, there are certain security issues that are associated with the deployment of the
security standards, which are listed below (Tao et al., 2014)-
1) The IaaS instance of a hybrid cloud environment is complex and therefore,
incorporating a proper security measure becomes difficult.
2) The database is vulnerable to Brute Force attack, which is a trial and error method
used by a hacker with an aim of decoding an encrypted data. Therefore, the cloud database is
exposed to this attack even after incorporating the security measure of data encryption (Wei et
al., 2014).
2. Answer 2
2.1. The Risk in Database

5
CLOUD COMPUTING
The major risk associated with the migration of database in cloud infrastructure includes
corruption of data due to the data transfer in a bulk amount. Furthermore, if the data transferred
is not protected using proper data protection standard such as encryption, it may lead to the
severe loss of data in form of data theft (Hashem et al., 2015).
2.2. The Risk IaaS Infrastructure
The major risk associated with the moving of data in IaaS infrastructure is privacy and
security risk. The IaaS instance would possibly be monitored, controlled and managed by the
service provider and therefore, there remains a huge risk of data loss and data theft. This risk
comes under the category of risk from an insider (Zissis & Lekkas, 2012).
Apart from that, there is a risk of outside attack by launching a malware attack, as
nothing is secure over internet. This may further lead to the loss of modification of the data.
Denial of service attack is another risk associated with the IaaS infrastructure, which
prevents the use an access of the resources by the legitimate users. DOS attack may considerably
affect the normal operations of the store and in turn affect the business process.
2.3. The Risk in communication between Webb’s and IaaS database
The risk associated with the communication between Webb and its IaaS database is the
risk of interception of data by an attacker. This can result in data theft and loss of confidential
information. Furthermore, the working of IaaS largely depends on the network and therefore, any
issue with the internet may result in the entire operations coming to a hault (Fernando, Loke &
Rahayu, 2013).
3. Answer 3

6
CLOUD COMPUTING
3.1. Risk of Backing up data to the cloud
i) The different risks associated with the backing up of data in a cloud are elaborated
below-
1) The process of data backup will be controlled by the IaaS service provider and
therefore, there remains a possibility of major security risk (Gonzalez et al., 2012).
2) If the process of data backup is not properly done, it can lead to loss of data.
ii) The different risks associated with the storage of data in cloud are listed below-
1) If the data present in the database are not properly secured with the method of
encryption, it may lead to the possibility of data theft and modification of data.
2) The cloud database is prone to malware infection and a planned malware attack may
lead to loss of data or the removal of the entire database (Chou, 2013).
ii) The risks that the Webb’s Store might face while retrieving the data are listed below-
1) Snooping is a method of intercepting a data while it is being transferred. Therefore,
retrieval of data includes high chances of snooping and a resulting data theft (Leippold & Lohre,
2012).
2) Another risk associated with the retrieval of data is the data leakage. As the data
retrieval would require internet connection, an attacker may use this opportunity to launch an
attack with an intention of data theft.
3.2. Cloud back up and DR plans

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

7
CLOUD COMPUTING
The disaster recovery technique in cloud includes the maintaining a copy of all the data
and records in order to manage an event of data loss. The migration of the database in the cloud
instance can definitely help in effective disaster recovery. The IaaS offers a function of regular
backup, which makes the process of data recovery much easier. Furthermore, the process of data
recovery is in cloud is very simple and mostly controlled by the service provider (Phillips, 2015).
4. Answer 4
Access control or access protection is a process of protecting the data from unauthorized
access. Therefore, access protection is used to limit data access to registered person only.
4.1. IaaS Infrastructure
The primary process of ensuring access control in IaaS infrastructure is controlling the
physical access of the data by incorporating the process of multiphase authentication and
password protection in order to prevent the unauthorized access to the database and server.
Use of unsecure API in accessing the data further increases the risks of malware infection
into the server. Therefore, use of unsecure API should be prohibited.
4.2. MS SQL Server 2012 R2 Cloud Instance
The access control procedures that can be implemented in order to protect the data in the
MS SQL server are listed below-
1) Proper encryption of the data present in the database helps in preventing the
unauthorized access to the data and further prevents the data loss. With the involvement of the
process of encryption, only the authorized person with the access to decryption key will be able
to access the data (Biham & Shamir, 2012).

8
CLOUD COMPUTING
2) Proper monitoring of the content and access to the database is another effective
method of access control.
4.3. Cloud network infrastructure
The different methods that can be used to effectively control the access to the cloud
network infrastructure are listed below-
1) Proper monitoring of the cloud database server will help in keeping a track of the
person accessing the network and therefore it is an important process ensuring access control in
cloud network infrastructure.
2) Controlling the access of data by the service provider will help in risk mitigation as
well. Webb’s Stores should have an idea about the times when service provider is accessing the
data.
4.4. Cloud backup and restore infrastructure
The backup and restore procedure of the data should incorporate password protection.
This will help in preventing the access of the data by unauthorized person as the backup can be
completed only after using a proper password. Furthermore, the data encryption will help in
preventing the unauthorized access to the data.
Conclusion
Therefore, from the above discussion, it can be concluded that there are certain risks and
security issues associated with the migration of data in the cloud instance. Webb’s Stores should
incorporate proper risk mitigation approaches in order to avoid the risks discussed in the report.

9
CLOUD COMPUTING
The report further discusses the different risk mitigation techniques along with proper back up
and disaster recovery plan.

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

10
CLOUD COMPUTING
References
Biham, E., & Shamir, A. (2012). Differential cryptanalysis of the data encryption standard.
Springer Science & Business Media.
Boyd, C., & Mathuria, A. (2013). Protocols for authentication and key establishment. Springer
Science & Business Media.
Chou, T. S. (2013). Security threats on cloud computing vulnerabilities. International Journal of
Computer Science & Information Technology, 5(3), 79.
Doan, A., Halevy, A., & Ives, Z. (2012). Principles of data integration. Elsevier.
Fernando, N., Loke, S. W., & Rahayu, W. (2013). Mobile cloud computing: A survey. Future
generation computer systems, 29(1), 84-106.
Gonzalez, N., Miers, C., Redigolo, F., Simplicio, M., Carvalho, T., Näslund, M., & Pourzandi,
M. (2012). A quantitative analysis of current security concerns and solutions for cloud
computing. Journal of Cloud Computing: Advances, Systems and Applications, 1(1), 11.
Hashem, I. A. T., Yaqoob, I., Anuar, N. B., Mokhtar, S., Gani, A., & Khan, S. U. (2015). The
rise of “big data” on cloud computing: Review and open research issues. Information
Systems, 47, 98-115.
Leippold, M., & Lohre, H. (2012). Data snooping and the global accrual anomaly. Applied
Financial Economics, 22(7), 509-535.

11
CLOUD COMPUTING
Li, J., Li, Y. K., Chen, X., Lee, P. P., & Lou, W. (2015). A hybrid cloud approach for secure
authorized deduplication. IEEE Transactions on Parallel and Distributed Systems, 26(5),
1206-1216.
Malawski, M., Juve, G., Deelman, E., & Nabrzyski, J. (2015). Algorithms for cost-and deadline-
constrained provisioning for scientific workflow ensembles in IaaS clouds. Future
Generation Computer Systems, 48, 1-18.
Phillips, B. D. (2015). Disaster recovery. CRC press.
Tao, F., Cheng, Y., Da Xu, L., Zhang, L., & Li, B. H. (2014). CCIoT-CMfg: cloud computing
and internet of things-based cloud manufacturing service system. IEEE Transactions on
Industrial Informatics, 10(2), 1435-1442.
Wei, L., Zhu, H., Cao, Z., Dong, X., Jia, W., Chen, Y., & Vasilakos, A. V. (2014). Security and
privacy for storage and computation in cloud computing. Information Sciences, 258, 371-
386.
Zissis, D., & Lekkas, D. (2012). Addressing cloud computing security issues. Future Generation
computer systems, 28(3), 583-592.