Cloud Migration: Evaluating IT Security Risks and Benefits

Verified

Added on 2020/04/07

AI Summary

The task at hand is an evaluation of information technology security concerns related to cloud migration for enterprises. It necessitates a detailed analysis that weighs the inherent risks against the potential benefits that migrating business operations to cloud computing platforms can offer. Key areas of focus include evaluating data backup in the cloud, assessing encryption methodologies, and understanding infrastructure as a service (IaaS) security considerations. The assignment will also delve into specific threats such as unauthorized access, data breaches, and compliance challenges associated with cloud storage solutions. By examining various case studies and expert analyses, this evaluation aims to provide a balanced perspective on whether enterprises can effectively mitigate risks while leveraging the scalability, flexibility, and cost-efficiency benefits of cloud computing.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.

Running head: WEBB’S STORES & CLOUD COMPUTING
[Assessment ID & Name]
[Student Name, ID]
[Student Email]
[Professor’s Name Here]
[Date Here]
[Name] [Student No.]

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

WEBB’S STORES & CLOUD COMPUTING
Executive Summary
Cloud solutions have completely changed the modes of accessing and utilizing IT resources
through the services they offer. In essence, cloud-based solutions provide leased IT resources
to users through internet connections where on-demand infrastructures are supported by
dedicated service providers. In all, a user or subscriber having an internet connection can
‘borrow’ any resources they require at a specified fee including components such as storage
and computational facilities. Furthermore, because these resources are provided by a party
dedicated to cloud solutions, they can be adequately adjusted to fit the need of the user at
minimal expenditures. Therefore, a user in need of flexible storage facilities or database
systems can regularly adjust them based on their immediate demands. Now, Webb’s Stores
(a retail store) owns many business locations in Australia and New Zealand. Each one of
these location requires access to the company’s information which necessitates the need for
data centres, the prevailing challenges for the enterprise where data replication has become a
problem. As a solution, Webb’s Stores aim to integrate cloud solutions into its operations to
expand the reach of its data centres and to improve its business expansion requirements. This
report highlights the key components of this endeavour.
[Name] [Student No.] 2

WEBB’S STORES & CLOUD COMPUTING
Table of Contents
Contents Page
Task one: Database migration to IaaS instance....................................................3
a. IaaS security in public domain........................................................................3
b. Benefits and risks of the security methods......................................................4
The benefits:........................................................................................................4
The risks:.............................................................................................................4
Task two: The risks of a cloud migration..............................................................5
a. On the database................................................................................................5
b. Risk on the IaaS infrastructure........................................................................5
c. Communication risk between Webb’s and IaaS resource...............................6
Task three: Cloud resources for backup and restoration requirements............6
a. The risks/issues of cloud backups...................................................................6
i. Backing up data risks....................................................................................6
ii. Data storage.................................................................................................7
iii. Data retrieval...............................................................................................7
b. How is the DR plan affected?..........................................................................8
Task four: Protecting access to the cloud resource..............................................8
a. IaaS infrastructure............................................................................................8
b. Ms SQL server instance..................................................................................9
c. The cloud network infrastructure....................................................................9
d. Cloud backup and restoration facility...........................................................10
References..............................................................................................................11
[Name] [Student No.] 3

WEBB’S STORES & CLOUD COMPUTING
Task one: Database migration to IaaS instance
a. IaaS security in public domain
Consider the security risk imposed by the internet which is the support environment for the
cloud computing resources. The IaaS infrastructure can be compromised using an array of
intrusion methods including interceptions, snooping and malware among many others.
Therefore, the users of this service must implement several security measures to protect the
acquired IaaS resource.
System encryption: A security method that serves as the single most important resource for
any publicly deployed resource. In this security feature, the data used by the enterprise is
encrypted using certain protocols and access keys. These keys are integrated into the
operating system and provided to the members of the organizations (verified members)
which protects the information being used. Furthermore, the channels of communication
(networks) are also encrypted using specialized parameters such as VPNs (virtual private
networks) which boosts the security of the access environments (Mogull, 2017).
IaaS service isolation: The cloud resource will be accessed by different people within the
leasing organization. These people will hold different roles within the organization and thus
will require different data and resources. Similarly, the IaaS instance should be isolated based
on a specified access policy. This policy would isolate the structure of the IaaS infrastructure
thus enhance its accountability and management.
Infrastructure assessment and management: These roles that would be accomplished by
using firewalls and intrusion detection systems. In essence, these security features would
assess the data packets being transferred between the host organization and the IaaS instance
thus filter out all the negative intrusions and content (Walker, 2015).
[Name] [Student No.] 4

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

WEBB’S STORES & CLOUD COMPUTING
b. Benefits and risks of the security methods
The benefits:
Time convenience: When properly implemented, the security features of the IaaS instance
would mitigate attacks and intrusion. This outcome would enhance the speed of operations as
the computational power of the IT equipment would be dedicated to service delivery
(Shumaker, 2016)..
Cost saving: Similarly, the security features would minimize the expenditures of fixing
damaged equipment and resources due to attacks. Moreover, the cloud resource would suffer
minimal damages and congestion which would improve the cost expenditures.
Virtualization conveniences: Without the security limitations of virtualization i.e. the
internet, the subscriber can benefit from the affiliated conveniences of online systems such as
the flexibility, scalability and mobility of IT resources (Shinder, 2011).
The risks:
The complexity of the security configurations: During the deployment of the IaaS instance,
the user will have to consider many different parameters in order to successfully utilize the
leased resources. In addition to this, the security feature will also have to consider the
environment of operation and deployment languages which will intensify the risks of the
security features.
Compatibility of security methods: All security methods will require privileged access to the
resources being used. While in action they will also root out other complementary features
accessing the same system which may serve as a conflict in case multiple security features
are used (Mehtra, 2014).
[Name] [Student No.] 5

WEBB’S STORES & CLOUD COMPUTING
Task two: The risks of a cloud migration
a. On the database
Data security and privacy – the data is migrated to unknown locations and is handled by a
third party member. Therefore, its security is not fully guaranteed and can also be exposed to
reveal confidential information (Healy, 2015).
Migration complexities – a database owned by an organization like Webb’s Stores will
contain billions of records which may be lost during the migration process due to the
complexity of the move.
Limited data control – unlike in-house facilities, the subscribers do not have a physical
access to their data. Moreover, they cannot adequately track their information as its ferried
over the internet (Braddy, 2014).
b. Risk on the IaaS infrastructure
System compatibility – to date there are no specified standards for cloud resources, this
outcome enables service providers to use different operational standards including the
deployment languages. As a subscriber, the leased resource (IaaS) may fail to align with the
in-house facilities.
Limited user control – again, the subscriber cannot adequately track the resource hosted
online. Therefore, the IaaS instance may lose some resources while the subscriber is
unaware. Moreover, the overall control of the cloud resources is maintained by the service
provider and not the user (leasing party) (Badola, 2015).
System outage and downtimes – the IaaS resource is subject to the limitations of online
facilities such as internet downtime and bandwidth. In true sense, the IaaS infrastructure is
fully an online resource that depends on an internet connection and its affiliated risks.
[Name] [Student No.] 6

WEBB’S STORES & CLOUD COMPUTING
c. Communication risk between Webb’s and IaaS resource
Data leakage – while using the IaaS resource, Webb’s Stores will require regular
communication with its service provider for support services. This communication will take
place through public channels which if not well encrypted and protected will leak
information to the public.
Cyber-intrusions – secondly, the organization will also have to contend with the possibility
of being hacked or attacked by malicious individual trolling the internet. Their
communication channels may also be intercepted to acquire access information for the leased
services, a common occurrence today (Healy, 2015).
Data privacy – in addition to this, the subscriber may be required to verify their identity
using confidential information such as address and identification number in order to improve
the security of the access procedures. Now, in case of a data leak during the communication
process, the privacy of the parties involved is lost, an outcome that can also endanger their
security.
Task three: Cloud resources for backup and restoration
requirements
a. The risks/issues of cloud backups
i. Backing up data risks
Storage/size limitation – the backup process will be limited by the speeds of the internet
connection. This outcome will affect the time frame used to store data online which will
interfere with the backup process
Backup window – due to the limitations of the network (e.g. bandwidth), the subscriber will
frequently have a short access window to back up their resources more so, when the access
networks are affected by the elements of internet operation (Manes, 2012).
[Name] [Student No.] 7

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

WEBB’S STORES & CLOUD COMPUTING
.
Downtime – internet downtime is a substantial risk for the backup process as it will interfere
with the entire storage plan of the organization. Similarly, any outage associated by the
service provider will affect the backup process.
ii. Data storage
Data leaks – cloud resources are prone to data leakages because of their operating
environment which is associated with intrusion and system interceptions. Therefore, any data
stored in these facilities will have to contend with the risk of being exposed to the public.
Data security and privacy – cloud service providers will store data in different locations
unknown to the subscriber which eliminates the physical security available to users using in-
house storage facilities.
Data management – most of the risks identified above stem from the limited control provided
to the subscriber who essentially surrenders their data to a third party member. This minimal
control presents the biggest risk to using cloud storage facilities (Prinzlau, 2017).
iii. Data retrieval
Varying access time – when disaster strikes, the affected organization requires a fast solution
to acquire its original resources. The process of re-acquiring the backup resources stored in
cloud facilities will also be subject to the limitation of internet connections which will affect
the access window and time (Healy, 2015).
Unavailable SLAs – the risk identified above is as a result of the problems caused by internet
connection. Now, Webb’s Store may have a service agreement with the cloud service
provider however, this agreement does not guarantee the data retrieval process as its subject
to the limitations of the network, be it bandwidth or data throughput.
[Name] [Student No.] 8

WEBB’S STORES & CLOUD COMPUTING
b. How is the DR plan affected?
First, the recovery procedure is transformed from a physical IT component to a virtualized
resource hosted in an online facility. Therefore, there will be a distinct isolation between the
physical structure of the organization and the software or system applications. This outcome
will improve the DR plan because the organization will not need to replicate all the
foundational elements of a recovery procedure. What does this mean? Backup resources of
the overall system such as operating systems, patches and support applications will be hosted
in a centralized system which will be continuously updated based on the original system
(Healy, 2015).
In addition to this, the benefits of virtualization will also trickle down to the backup and
recovery procedures where resources will be readily available so long as an internet
connection is provided. Again, this will increase the flexibility and scalability of the DR plan
where any given business location will serve as a backup location in case of a disaster.
Finally, the DR plan will become both time and cost effective due to the availability of
resources.
Task four: Protecting access to the cloud resource
Recommendations to protect:
a. IaaS infrastructure
End to end access protection – starting with the encryption of the access ports of the
network, the IaaS resource should be protected at both ends i.e. one the service provider
systems and the subscribers.
[Name] [Student No.] 9

WEBB’S STORES & CLOUD COMPUTING
System authentication – a multifactor system should be used to access the IaaS instance. This
authentication process can be done using passwords and biometric systems (Microsoft,
2017).
Constrain the privileged access – very few members of the subscribing organization should
have access to the privileged modes of the IaaS infrastructure. Furthermore, this access
should be given to a single individual to avoid a single point of failure.
b. Ms SQL server instance
Access policy – the policy adopted should reflect the roles of the company’s staff a strategy
that would improve the system’s accountability and facilitate the management of attacks
(Microsoft, 2017).
SQL authentication and management – all logical SQL instances are developed with
automatic security features. These features will include system authentication, a measure that
should be activated in this instance.
Packet filters – traffic between the SQL instance and the host organization should be closely
monitored for any variations that may harbour attacks.
c. The cloud network infrastructure
Limited network administration – a basic access protection method that ensures very few
people are able to alter the state of the network. These individuals will also monitor the
network using intrusion detection systems and firewalls.
Encrypting the access nodes – all access nodes to the cloud network should be encrypted to
frustrate the objectives of intruders. Now, this security feature is necessary as most network
systems are designed to offer an all-access path to any given network, e.g. the Cisco devices
[Name] [Student No.] 10

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

WEBB’S STORES & CLOUD COMPUTING
which have access ports in dynamic modes. Therefore, the first step in access protection
should be to encrypt and shut off all unused network ports (Sovetkin, 2017).
d. Cloud backup and restoration facility
Standardized access procedures – the enterprise has many business locations and they all
require access to the backup facilities. Therefore, the access to these resources should be
centralized to standardize the security measures put in place. Furthermore, this
standardization will help in system updates which will be executed across all business
locations.
Encrypt the storage facilities – the backup resources i.e. server disks should be tokenized to
limit their access to verified members of the organization. The same feature will also protect
the access keys used in the cloud resources as they are integrated into the backup procedures
(Healy, 2015).
[Name] [Student No.] 11

WEBB’S STORES & CLOUD COMPUTING
References
Badola, V. (2015). Cloud migration: benefits and risks of migrating to the Cloud. Cloud
Migration for Enterprises , Retrieved 22 September, 2017, from:
https://cloudacademy.com/blog/cloud-migration-benefits-risks/.
Braddy, R. (2014). Risks And Rewards Of Moving Data To The Cloud. Enterprise Tech,
Retrieved 23 September, 2017, from: https://www.enterprisetech.com/2014/09/26/risks-
rewards-moving-data-cloud/.
Healy, R. (2015). The Top 5 Risks of Moving to the Cloud. Retrieved 09 September, 2017, from:
http://www.annese.com/blog/top-5-risks-of-moving-to-the-cloud.
Manes, C. (2012). What are the risks of backing up your business data in the cloud? DR Journal,
Retrieved 22 September, 2017, from:
https://www.drj.com/articles/online-exclusive/what-are-the-risks-of-backing-up-your-
business-data-in-the-cloud.html.
Mehtra, H. (2014). Issues and Standards in Cloud Security. Retrieved 09 September, 2017, from:
https://www.cse.wustl.edu/~jain/cse571-14/ftp/cloud_security/index.html.
Microsoft. (2017). Security best practices for IaaS workloads in Azure. Microsoft Azure,
Retrieved 23 September, 2017, from:
https://docs.microsoft.com/en-us/azure/security/azure-security-iaas.
Mogull, R. (2017). Cloud computing encryption and IaaS security. Tech target, Retrieved 23
September, 2017, from: http://searchcloudsecurity.techtarget.com/tip/Cloud-computing-
encryption-and-IaaS-security.
Prinzlau, M. (2017). 6 security risks of enterprises using cloud storage and file sharing apps.
Data insider, Retrieved 23 September, 2017, from: https://digitalguardian.com/blog/6-
security-risks-enterprises-using-cloud-storage-and-file-sharing-apps.
Shinder, D. (2011). Security Considerations for Infrastructure as a Service Cloud Computing
Model. TechGenix, Retrieved 23 September, 2017, from: http://techgenix.com/security-
considerations-infrastructure-service-cloud-computing-model/.
Shumaker, L. (2016). 5 key benefits of the Microsoft Azure Cloud Platform. Menlo
Technologies, Retrieved 22 September, 2017, from:
http://info.menlo-technologies.com/blog/5-key-benefits-of-the-microsoft-azure-cloud-
platform.
[Name] [Student No.] 12

WEBB’S STORES & CLOUD COMPUTING
Walker, S. (2015). 5 Benefits of a Cloud Computing Security Solution. TBCONSULTING,
Retrieved 09, September, 2017, from: https://www.tbconsulting.com/blog/5-benefits-of-
a-cloud-computing-security-solution/.
[Name] [Student No.] 13