Cloud Computing: Security, Risks and Benefits for Webb's Stores Report
VerifiedAdded on 2020/04/01
|14
|3513
|308
Report
AI Summary
This report provides a comprehensive analysis of cloud computing for Webb's Stores, addressing the challenges of managing IT resources and data replication across multiple business locations. The report explores the benefits and risks of migrating an MS SQL database to an IaaS structure, including security features like resource isolation, firewalls, elastic storage blocks, and data encryption. It also discusses the risks associated with data security, database compatibility, and system control. Furthermore, the report examines cloud backup and archival services, detailing risks such as system outages, backup window limitations, and data security concerns. The report offers recommendations for implementing a hybrid cloud system, emphasizing disaster recovery plans and cloud backup strategies to ensure business continuity. The report covers topics from security to disaster recovery, providing a complete overview of the cloud computing landscape for the business.
Contribute Materials
Your contribution can guide someone’s learning journey. Share your
documents today.
Running head: CLOUD COMPUTING
[Assessment Name & ID]
[Student Name, ID]
[Student Email]
[Professor’s Name Here]
[Date Here]
[Name] [Student No.]
[Assessment Name & ID]
[Student Name, ID]
[Student Email]
[Professor’s Name Here]
[Date Here]
[Name] [Student No.]
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
CLOUD COMPUTING
Executive Summary
Cloud computing has emerged as a major driving force for information technology where
through its services it offers resources adequately and based on the demands of the users or
subscribers. In itself, cloud computing represents a new way of inventing, developing, scaling,
maintaining and even paying for IT services. So how is this so? Essentially, the technology falls
under the wider topic of virtualization which encapsulates resources that are provided using the
internet with minimal cost expenditures. Therefore, requirements such as computational
resources, storage, and processing power are not fully bought by the user but are leased from
well-established resource providers known as cloud service providers (CSP). This outcome
makes it easier to manage and maintain IT resources and services as they are operated with the
dedicated help of the CSP. Now, Webb’s Stores in its current business operation faces several
challenges of managing its IT resources, where different business location regularly require
access to data which forces the organization to replicate its data centres. Using cloud computing,
the company can be able to maximize its business operations through the benefits of
virtualization, including rapid business expansion. This report offers recommendations to this
endeavour where strategies for deploying a hybrid system is given.
[Name] [Student No.] 2
Executive Summary
Cloud computing has emerged as a major driving force for information technology where
through its services it offers resources adequately and based on the demands of the users or
subscribers. In itself, cloud computing represents a new way of inventing, developing, scaling,
maintaining and even paying for IT services. So how is this so? Essentially, the technology falls
under the wider topic of virtualization which encapsulates resources that are provided using the
internet with minimal cost expenditures. Therefore, requirements such as computational
resources, storage, and processing power are not fully bought by the user but are leased from
well-established resource providers known as cloud service providers (CSP). This outcome
makes it easier to manage and maintain IT resources and services as they are operated with the
dedicated help of the CSP. Now, Webb’s Stores in its current business operation faces several
challenges of managing its IT resources, where different business location regularly require
access to data which forces the organization to replicate its data centres. Using cloud computing,
the company can be able to maximize its business operations through the benefits of
virtualization, including rapid business expansion. This report offers recommendations to this
endeavour where strategies for deploying a hybrid system is given.
[Name] [Student No.] 2
CLOUD COMPUTING
Table of Contents
Contents Page
Task 1.......................................................................................................3
a. Security for the mission-critical MS SQL database migrated to an
IaaS structure..........................................................................................3
b. Benefits and risks of implementing the IaaS security features.......4
Benefits:..............................................................................................4
Risks:...................................................................................................4
Task 2.......................................................................................................5
a. Database..........................................................................................5
b. IaaS infrastructure...........................................................................6
c. Communication between Webb’s Stores and CSP.........................6
Task 3.......................................................................................................7
a. Risks and Issues of cloud backups and archival services................7
i. Backing up data.............................................................................7
ii. Storage of data.............................................................................7
iii. Retrieving data from the cloud...................................................8
b. Cloud backups and Webb’s Stores DR plan...................................9
Task 4.......................................................................................................9
a. IaaS infrastructure...........................................................................9
b. Ms SQL Server 2012 R2...............................................................10
c. Cloud network structure................................................................10
d. Cloud back and restoration structures...........................................11
References..............................................................................................12
[Name] [Student No.] 3
Table of Contents
Contents Page
Task 1.......................................................................................................3
a. Security for the mission-critical MS SQL database migrated to an
IaaS structure..........................................................................................3
b. Benefits and risks of implementing the IaaS security features.......4
Benefits:..............................................................................................4
Risks:...................................................................................................4
Task 2.......................................................................................................5
a. Database..........................................................................................5
b. IaaS infrastructure...........................................................................6
c. Communication between Webb’s Stores and CSP.........................6
Task 3.......................................................................................................7
a. Risks and Issues of cloud backups and archival services................7
i. Backing up data.............................................................................7
ii. Storage of data.............................................................................7
iii. Retrieving data from the cloud...................................................8
b. Cloud backups and Webb’s Stores DR plan...................................9
Task 4.......................................................................................................9
a. IaaS infrastructure...........................................................................9
b. Ms SQL Server 2012 R2...............................................................10
c. Cloud network structure................................................................10
d. Cloud back and restoration structures...........................................11
References..............................................................................................12
[Name] [Student No.] 3
CLOUD COMPUTING
Task 1
a. Security for the mission-critical MS SQL database migrated to an IaaS structure
MS SQL server databases usually contain its own security features where each and every logical
database is developed using access features such as usernames and passwords. However, these
features are not enough when this critical element is moved to a foreign system consisting of
public IaaS structures. The transferred content can be intercepted and interfered with thus affect
the integrity of the data. Furthermore, IaaS offers extended control to the subscriber which can
be exploited by intruders to affect other various systems of an organization or user (Marston, Li,
Bandyopadhyay, Zhang, & Ghalsasi, 2011). Therefore, the following security components are
recommended for the IaaS instance holding the MS SQL servers.
Resource isolation (hypervisor) – this security feature will isolate the IaaS instance based on the
privilege levels given to the users. In this case, the employees and management of Webb’s Store
will hold different access level based on their roles which enhances system accountability
(Magalhaes, 2015).
Firewall – an inbound and deny all default firewall should be used, where all traffic coming into
the instances is automatically denied entry unless it's outlined as an exemption in the access
policy. Furthermore, traffic restrictions can be outlined using protocols, access ports and IP
addresses.
Elastic storage blocks – in this feature, all the IaaS storage instances are isolated and the access
is restricted based on the access levels. Moreover, data is encrypted across the channels used to
improve the integrity of data used (Mogull, 2017).
Data encryption – serving as the single most important security feature, the communication and
data transfer between the subscribing organization and the IaaS instance should be done via
[Name] [Student No.] 4
Task 1
a. Security for the mission-critical MS SQL database migrated to an IaaS structure
MS SQL server databases usually contain its own security features where each and every logical
database is developed using access features such as usernames and passwords. However, these
features are not enough when this critical element is moved to a foreign system consisting of
public IaaS structures. The transferred content can be intercepted and interfered with thus affect
the integrity of the data. Furthermore, IaaS offers extended control to the subscriber which can
be exploited by intruders to affect other various systems of an organization or user (Marston, Li,
Bandyopadhyay, Zhang, & Ghalsasi, 2011). Therefore, the following security components are
recommended for the IaaS instance holding the MS SQL servers.
Resource isolation (hypervisor) – this security feature will isolate the IaaS instance based on the
privilege levels given to the users. In this case, the employees and management of Webb’s Store
will hold different access level based on their roles which enhances system accountability
(Magalhaes, 2015).
Firewall – an inbound and deny all default firewall should be used, where all traffic coming into
the instances is automatically denied entry unless it's outlined as an exemption in the access
policy. Furthermore, traffic restrictions can be outlined using protocols, access ports and IP
addresses.
Elastic storage blocks – in this feature, all the IaaS storage instances are isolated and the access
is restricted based on the access levels. Moreover, data is encrypted across the channels used to
improve the integrity of data used (Mogull, 2017).
Data encryption – serving as the single most important security feature, the communication and
data transfer between the subscribing organization and the IaaS instance should be done via
[Name] [Student No.] 4
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
CLOUD COMPUTING
secured channels based on the encryption of data. Through this security feature, the verified
users access and understand the data used.
b. Benefits and risks of implementing the IaaS security features
Benefits:
Rapid deployment of services – As an enterprise, Webb’s Stores requires to offer satisfactory
services to its customers an outcome that is highly dependent on time. The security features
outlined above ensure that the services provided to Webb’s customers are given using any
platform as the security is in place. Therefore, minimal security resources for the host devices are
needed.
Cost saving – top-notch security features minimizes system damages such as server crashes and
network congestion. Therefore, the subscriber uses minimal resources to maintain and even
restores damaged resources as they are in low amounts (Siasmsp, 2015).
Server and system virtualization – this is a substantial benefit as the subscriber is able to take
advantage of all the conveniences of virtualization. In essence, with good security, the users can
expand operations based on the flexibility, mobility and scalability features of virtualization
(Shinder, 2011).
Risks:
Conflicting security features – some security features will monitor systems for any variations and
either report or mitigate them based on the configured parameters. This process can become a
hindering factor if one security feature identifies another as an anomaly hence mitigate its
functionalities (eSecurity, 2017).
[Name] [Student No.] 5
secured channels based on the encryption of data. Through this security feature, the verified
users access and understand the data used.
b. Benefits and risks of implementing the IaaS security features
Benefits:
Rapid deployment of services – As an enterprise, Webb’s Stores requires to offer satisfactory
services to its customers an outcome that is highly dependent on time. The security features
outlined above ensure that the services provided to Webb’s customers are given using any
platform as the security is in place. Therefore, minimal security resources for the host devices are
needed.
Cost saving – top-notch security features minimizes system damages such as server crashes and
network congestion. Therefore, the subscriber uses minimal resources to maintain and even
restores damaged resources as they are in low amounts (Siasmsp, 2015).
Server and system virtualization – this is a substantial benefit as the subscriber is able to take
advantage of all the conveniences of virtualization. In essence, with good security, the users can
expand operations based on the flexibility, mobility and scalability features of virtualization
(Shinder, 2011).
Risks:
Conflicting security features – some security features will monitor systems for any variations and
either report or mitigate them based on the configured parameters. This process can become a
hindering factor if one security feature identifies another as an anomaly hence mitigate its
functionalities (eSecurity, 2017).
[Name] [Student No.] 5
CLOUD COMPUTING
Data privacy and security – most security features will require the users to verify their identity
using their confidential information. This requirement greatly exposes the sensitive data owned
by the user and if accessed by the wrong individuals can lead to severe damages.
Complex configuration – IaaS security features and those of cloud computing, in general, require
complex implementation procedures which sometimes confuses the users. This outcome has
been known to cause several data breaches as the user is not fully aware of the configurations
needed to secure the cloud resource instance (Braddy, 2014).
Task 2
Risks of migrating the database to the cloud
a. Database
Data security – while it is true that most CSP offers better security features as compared to in-
house resources, the move towards a foreign environment is always associated with many data
security risks. For one, the data is stored in unknown locations and also by unknown individuals
who may hold sinister objectives. Furthermore, the database systems are accessed using public
channels (internet) thus can be intercepted affecting the integrity of the entire storage system
(Braddy, 2014).
Complex migration process – consider the MS SQL server instance outlined in this case study
where organization having more than 600 employees and several business branches migrates its
entire database to a cloud infrastructure. This process would require extensive procedures to
ensure all the data is migrated and has the necessary operational requirements. Therefore, there
will always be a substantial risk of losing some the components during the migration process.
[Name] [Student No.] 6
Data privacy and security – most security features will require the users to verify their identity
using their confidential information. This requirement greatly exposes the sensitive data owned
by the user and if accessed by the wrong individuals can lead to severe damages.
Complex configuration – IaaS security features and those of cloud computing, in general, require
complex implementation procedures which sometimes confuses the users. This outcome has
been known to cause several data breaches as the user is not fully aware of the configurations
needed to secure the cloud resource instance (Braddy, 2014).
Task 2
Risks of migrating the database to the cloud
a. Database
Data security – while it is true that most CSP offers better security features as compared to in-
house resources, the move towards a foreign environment is always associated with many data
security risks. For one, the data is stored in unknown locations and also by unknown individuals
who may hold sinister objectives. Furthermore, the database systems are accessed using public
channels (internet) thus can be intercepted affecting the integrity of the entire storage system
(Braddy, 2014).
Complex migration process – consider the MS SQL server instance outlined in this case study
where organization having more than 600 employees and several business branches migrates its
entire database to a cloud infrastructure. This process would require extensive procedures to
ensure all the data is migrated and has the necessary operational requirements. Therefore, there
will always be a substantial risk of losing some the components during the migration process.
[Name] [Student No.] 6
CLOUD COMPUTING
Database compatibility – based on the DB language and system used, the subscriber resources
can fail to align with those of the CSP. If so, the functionalities of the database system can be
affected which will result in poor service delivery (Healy, 2015).
b. IaaS infrastructure
Loss of system control – a contentious issue in cloud computing where the ultimate control of the
cloud service is unknown. In essence, the question of whether the subscriber or CSP control the
overall system emerges. Furthermore, as the IaaS resources are transferred using the online
infrastructure the subscriber is unable to tag or track them. Therefore, a resource can be lost
online unknowingly only to be discovered when they are needed (Whitehouse, 2017).
Instance downtime – considering that the IaaS infrastructure is supported by the internet, its
operations are therefore usually dependent on the functionalities of this resource. In this case, the
subscriber has to consider factors such as latency, bandwidth and goodput among many other
factors. Now, in case of internet downtime, the entire IaaS infrastructure is deemed inaccessible
which would defiantly halt business operations.
System complexity – while one may argue that the complexity exhibited by cloud resources
improve the security, the same feature affect the conveniences of cloud computing. This
complexity forces an organization to acquire specialized teams in order to minimize these
complexities more so, for the business-end operations (Healy, 2015).
c. Communication between Webb’s Stores and CSP
Cybercrime – the communication between the CSP and Webb’s Stores will be conducted using
the internet which is an open and public channel. This channel will have many users having
different objectives, some of which are meant to disrupt other people’s functionalities. Therefore,
[Name] [Student No.] 7
Database compatibility – based on the DB language and system used, the subscriber resources
can fail to align with those of the CSP. If so, the functionalities of the database system can be
affected which will result in poor service delivery (Healy, 2015).
b. IaaS infrastructure
Loss of system control – a contentious issue in cloud computing where the ultimate control of the
cloud service is unknown. In essence, the question of whether the subscriber or CSP control the
overall system emerges. Furthermore, as the IaaS resources are transferred using the online
infrastructure the subscriber is unable to tag or track them. Therefore, a resource can be lost
online unknowingly only to be discovered when they are needed (Whitehouse, 2017).
Instance downtime – considering that the IaaS infrastructure is supported by the internet, its
operations are therefore usually dependent on the functionalities of this resource. In this case, the
subscriber has to consider factors such as latency, bandwidth and goodput among many other
factors. Now, in case of internet downtime, the entire IaaS infrastructure is deemed inaccessible
which would defiantly halt business operations.
System complexity – while one may argue that the complexity exhibited by cloud resources
improve the security, the same feature affect the conveniences of cloud computing. This
complexity forces an organization to acquire specialized teams in order to minimize these
complexities more so, for the business-end operations (Healy, 2015).
c. Communication between Webb’s Stores and CSP
Cybercrime – the communication between the CSP and Webb’s Stores will be conducted using
the internet which is an open and public channel. This channel will have many users having
different objectives, some of which are meant to disrupt other people’s functionalities. Therefore,
[Name] [Student No.] 7
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
CLOUD COMPUTING
the two parties will have to contend with fact that their communication processes may be
intercepted and interfered with using different intrusion mechanisms e.g. malware attacks
(Whitehouse, 2017).
Extended system intrusion – intruders can use the log files of the communication process to
acquire access to the subscriber systems (on-premise resources). Therefore, while cybercrime is a
risk affecting the online services, the compromises made in this process can affect the offline
resources the main problem outlined by this risk (King, 2016).
Task 3
Cloud backups and archival services
a. Risks and Issues of cloud backups and archival services
i. Backing up data
System outages – a backup facility should serve as an impromptu resource for storing sensitive
data for future recovery procedures. Therefore, as an operational resource, backup facilities must
always be available. However, this requirement is not guaranteed in cloud computing as online
systems can go offline (King, 2016).
Backup window – a quick comparison between the cloud backups and in-house backups (tapes)
reveals the time differences used to store the backup records. In essence, the in-house resources
can backup records at fast speeds as they are physically connected to the data itself. However,
cloud resources are subject to internet speeds, which alters the overall backup functionality.
Size limitations – the bandwidth offered to the subscriber will determine the capacity of
information transferred to the backup facility. Moreover, the cloud resource may be limited in
size based on the lease agreements (Healy, 2015).
[Name] [Student No.] 8
the two parties will have to contend with fact that their communication processes may be
intercepted and interfered with using different intrusion mechanisms e.g. malware attacks
(Whitehouse, 2017).
Extended system intrusion – intruders can use the log files of the communication process to
acquire access to the subscriber systems (on-premise resources). Therefore, while cybercrime is a
risk affecting the online services, the compromises made in this process can affect the offline
resources the main problem outlined by this risk (King, 2016).
Task 3
Cloud backups and archival services
a. Risks and Issues of cloud backups and archival services
i. Backing up data
System outages – a backup facility should serve as an impromptu resource for storing sensitive
data for future recovery procedures. Therefore, as an operational resource, backup facilities must
always be available. However, this requirement is not guaranteed in cloud computing as online
systems can go offline (King, 2016).
Backup window – a quick comparison between the cloud backups and in-house backups (tapes)
reveals the time differences used to store the backup records. In essence, the in-house resources
can backup records at fast speeds as they are physically connected to the data itself. However,
cloud resources are subject to internet speeds, which alters the overall backup functionality.
Size limitations – the bandwidth offered to the subscriber will determine the capacity of
information transferred to the backup facility. Moreover, the cloud resource may be limited in
size based on the lease agreements (Healy, 2015).
[Name] [Student No.] 8
CLOUD COMPUTING
ii. Storage of data
Data security – as stated before, the cloud resources are subject to the security limitations of
online facilities. Therefore, data stored in cloud resources is usually subject to these limitations.
Moreover, the data is also stored in unknown locations which intensify the risk at hand as
unknown operations can be conducted on it (Prinzlau, 2017).
Data breaches/leakage – many organization today have held back on adopting cloud storage
facilities due to the fear of losing their information through data leaks. Now, this outcome (data
leaks) is caused by the nature of the cloud facility which exists as a multi-user environment,
having shared resources. Therefore, the structures operated by the CSP can conflict exposing
users’ information.
Minimal data control – in-house storage facility will enable users to track data in all the
operations executed. However, the same functionality is limited when using cloud resources as
the subscriber cannot track all the resources used.
iii. Retrieving data from the cloud
Seeding and retrieval time – an extended period of time can be spent on retrieving the data stored
in cloud facilities because of the limitations of size given to the subscriber based on the service
agreements given. Moreover, the same problem can be caused by the limitations of online
facilities such as outages and bandwidth limitations.
Lack of service level agreements – some performance parameters are not guaranteed by the CSP
because they do not fall within their service agreements. These parameters include bandwidth,
connection networks and online accessibility. These elements can hinder the data retrieval
process as they occur as independent variables not supported by the CSP.
[Name] [Student No.] 9
ii. Storage of data
Data security – as stated before, the cloud resources are subject to the security limitations of
online facilities. Therefore, data stored in cloud resources is usually subject to these limitations.
Moreover, the data is also stored in unknown locations which intensify the risk at hand as
unknown operations can be conducted on it (Prinzlau, 2017).
Data breaches/leakage – many organization today have held back on adopting cloud storage
facilities due to the fear of losing their information through data leaks. Now, this outcome (data
leaks) is caused by the nature of the cloud facility which exists as a multi-user environment,
having shared resources. Therefore, the structures operated by the CSP can conflict exposing
users’ information.
Minimal data control – in-house storage facility will enable users to track data in all the
operations executed. However, the same functionality is limited when using cloud resources as
the subscriber cannot track all the resources used.
iii. Retrieving data from the cloud
Seeding and retrieval time – an extended period of time can be spent on retrieving the data stored
in cloud facilities because of the limitations of size given to the subscriber based on the service
agreements given. Moreover, the same problem can be caused by the limitations of online
facilities such as outages and bandwidth limitations.
Lack of service level agreements – some performance parameters are not guaranteed by the CSP
because they do not fall within their service agreements. These parameters include bandwidth,
connection networks and online accessibility. These elements can hinder the data retrieval
process as they occur as independent variables not supported by the CSP.
[Name] [Student No.] 9
CLOUD COMPUTING
System intrusions – On the other hand, during the retrieval process, the subscriber gives the CSP
ultimate access to the on-premise equipment in order to acquire the necessary data. This access
can be exploited by intruders after compromising the cloud facilities (King, 2016).
b. Cloud backups and Webb’s Stores DR plan
Disaster recovery plans are meant to offer a lifeline to resources when extensive damages
(disasters) occur. In the current system, Webb’s Stores uses multiple data centres to stores its
information which presumably includes the DR plan having all the necessary backups i.e.
recovery tapes. When the cloud backups are adopted by the organization the DR plan will shift
from being a physical system to a virtualized structure having all the recovery procedures in one
online system. In essence, all the recovery resources (Software, patches and hardware) will be
offered by the CSP based on the lease agreement. Moreover, the DR plan will become more
extensive as the resources will be readily available across all the business locations (tech,
2017)..
In terms of the backup and restoration procedures, these processes will be drastically changed
because of the rapid availability of resources, where all location having an internet access will
act as recovery centres. Furthermore, the recovery and backup procedures will become cost-
effective as the resources needed will be leased and not fully purchased. This outcome will even
lower the management cost of these processes which will improve the operational time i.e.
backup and recovery time (Healy, 2015).
Task 4
Cloud access protection
[Name] [Student No.] 10
System intrusions – On the other hand, during the retrieval process, the subscriber gives the CSP
ultimate access to the on-premise equipment in order to acquire the necessary data. This access
can be exploited by intruders after compromising the cloud facilities (King, 2016).
b. Cloud backups and Webb’s Stores DR plan
Disaster recovery plans are meant to offer a lifeline to resources when extensive damages
(disasters) occur. In the current system, Webb’s Stores uses multiple data centres to stores its
information which presumably includes the DR plan having all the necessary backups i.e.
recovery tapes. When the cloud backups are adopted by the organization the DR plan will shift
from being a physical system to a virtualized structure having all the recovery procedures in one
online system. In essence, all the recovery resources (Software, patches and hardware) will be
offered by the CSP based on the lease agreement. Moreover, the DR plan will become more
extensive as the resources will be readily available across all the business locations (tech,
2017)..
In terms of the backup and restoration procedures, these processes will be drastically changed
because of the rapid availability of resources, where all location having an internet access will
act as recovery centres. Furthermore, the recovery and backup procedures will become cost-
effective as the resources needed will be leased and not fully purchased. This outcome will even
lower the management cost of these processes which will improve the operational time i.e.
backup and recovery time (Healy, 2015).
Task 4
Cloud access protection
[Name] [Student No.] 10
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
CLOUD COMPUTING
a. IaaS infrastructure
Privileged access – Webb’s Stores has many employees who will need to access the resources of
the organization. This access should be limited or rather organized based on the roles of the
employees. This strategy would limit the intrusion instances and even contain them in case they
occur.
Multifactor authentication – usernames and passwords are good security features but in today’s
digital world are usually reduced to simple authentication measures. Therefore, a multifactor
system using passwords and other authentication methods should be used e.g. biometric
scanning.
Endpoint protection – the subscriber (Webb’s) should ensure the CSP offers the best security
features for the IaaS instance in their system. Similarly, Webb’s Stores should safeguard their
access sections using all the necessary security parameters e.g. firewalls and intrusion detection
systems (Mehtra, 2014).
b. Ms SQL Server 2012 R2
SQL authentication – Webb’s Store must enable all the authentication procedures for their SQL
instances. This process can be done using access protocols that filter traffic accessing the servers
and also by using the default access procedures designed for all logical SQL instances
(usernames and passwords)
Identity and user access management – First, the SQL instances should only be accessed by the
technical team in order to manage it. The rest of the employees should access the front end of the
servers where the business data is contained. However, in each case, the access given should be
based on the identity of the users to promote system accountability (Microsoft, 2017).
[Name] [Student No.] 11
a. IaaS infrastructure
Privileged access – Webb’s Stores has many employees who will need to access the resources of
the organization. This access should be limited or rather organized based on the roles of the
employees. This strategy would limit the intrusion instances and even contain them in case they
occur.
Multifactor authentication – usernames and passwords are good security features but in today’s
digital world are usually reduced to simple authentication measures. Therefore, a multifactor
system using passwords and other authentication methods should be used e.g. biometric
scanning.
Endpoint protection – the subscriber (Webb’s) should ensure the CSP offers the best security
features for the IaaS instance in their system. Similarly, Webb’s Stores should safeguard their
access sections using all the necessary security parameters e.g. firewalls and intrusion detection
systems (Mehtra, 2014).
b. Ms SQL Server 2012 R2
SQL authentication – Webb’s Store must enable all the authentication procedures for their SQL
instances. This process can be done using access protocols that filter traffic accessing the servers
and also by using the default access procedures designed for all logical SQL instances
(usernames and passwords)
Identity and user access management – First, the SQL instances should only be accessed by the
technical team in order to manage it. The rest of the employees should access the front end of the
servers where the business data is contained. However, in each case, the access given should be
based on the identity of the users to promote system accountability (Microsoft, 2017).
[Name] [Student No.] 11
CLOUD COMPUTING
Firewalls and intrusion detection systems – these features would filter all the traffic accessing
the SQL servers in order to verify their legitimacy. In all accounts, this verification would be
based on a denial all default configuration with only the exemptions being given access.
c. Cloud network structure
Network control – this access feature would encapsulate all the procedures used to mitigate
network intrusion. In the first step, the organization should limit administrative access where a
few individuals should control the network operations. Through this access limitation, the safety
of the network resources would be almost guaranteed as few users would access the privileged
modes.
Endpoint access limitation – by default the access ports of most new networks are designed to
allow all connections without regardless of their authenticity. After acquiring the cloud
resources, all endpoints more so, the ports should be encrypted and protected using the utmost
security features (e.g. SSH encoding). Furthermore, all unused access port should be blocked off
(Mogull, 2017).
d. Cloud back and restoration structures
Encryption of the virtual disks and storage – since the backup facilities are hosted in the public
domain, their content should be encrypted. This encryption would include features such as
BitLocker which encrypt resources such as operating systems and information drives. Through
these features, unverified members would not be able to access the content stored in the online
facilities. Furthermore, these encryption features integrate their services with key vaults which
safeguard the access keys (Sovetkin, 2017).
Centralized security management – Webb’s Stores has many business locations all of which will
require the backup and restoration services. Therefore, the security of the overall infrastructure
[Name] [Student No.] 12
Firewalls and intrusion detection systems – these features would filter all the traffic accessing
the SQL servers in order to verify their legitimacy. In all accounts, this verification would be
based on a denial all default configuration with only the exemptions being given access.
c. Cloud network structure
Network control – this access feature would encapsulate all the procedures used to mitigate
network intrusion. In the first step, the organization should limit administrative access where a
few individuals should control the network operations. Through this access limitation, the safety
of the network resources would be almost guaranteed as few users would access the privileged
modes.
Endpoint access limitation – by default the access ports of most new networks are designed to
allow all connections without regardless of their authenticity. After acquiring the cloud
resources, all endpoints more so, the ports should be encrypted and protected using the utmost
security features (e.g. SSH encoding). Furthermore, all unused access port should be blocked off
(Mogull, 2017).
d. Cloud back and restoration structures
Encryption of the virtual disks and storage – since the backup facilities are hosted in the public
domain, their content should be encrypted. This encryption would include features such as
BitLocker which encrypt resources such as operating systems and information drives. Through
these features, unverified members would not be able to access the content stored in the online
facilities. Furthermore, these encryption features integrate their services with key vaults which
safeguard the access keys (Sovetkin, 2017).
Centralized security management – Webb’s Stores has many business locations all of which will
require the backup and restoration services. Therefore, the security of the overall infrastructure
[Name] [Student No.] 12
CLOUD COMPUTING
should be centralized to standardize the measures put in place. For one, the online servers used
will require regular patches and configurations which can be easily done from a centralized
structure. Secondly, the centralized management would facilitate the management and
monitoring functionalities of the security administrators.
References
Braddy, R. (2014). Risks And Rewards Of Moving Data To The Cloud. Enterprise Tech,
Retrieved 23 September, 2017, from: https://www.enterprisetech.com/2014/09/26/risks-
rewards-moving-data-cloud/.
eSecurity. (2017). IaaS Security: Threats and Protection Methodologies. eSecurity Planet,
Retrieved 23 September, 2017, from:
http://www.esecurityplanet.com/network-security/iaas-security-threats-and-protection-
methodologies.html.
Healy, R. (2015). The Top 5 Risks of Moving to the Cloud. Annese, Retrieved 23 September,
2017, from: http://www.annese.com/blog/top-5-risks-of-moving-to-the-cloud.
King, T. (2016). Top 4 Risks Associated with Cloud Backup. Backup and recovery, Retrieved 23
September, 2017, from: https://solutionsreview.com/backup-disaster-recovery/top-4-
risks-associated-with-cloud-backup/.
Magalhaes, R. (2015). Security Best Practices for AWS (IaaS) EC2 (Part 1). TechGenix,
Retrieved 23 September, 2017, from: http://techgenix.com/security-best-practices-aws-
iaas-ec2-part1/.
Marston, S., Li, Z., Bandyopadhyay, S., Zhang, J., & Ghalsasi, A. (2011). Cloud computing—
The business perspective. Decision Support Systems, Retrieved 23 September, 2017,
from: http://www.keencomputer.com/images/KEENCOMP/CLOUD/cloud-computing-
business-perspective.pdf.
Microsoft. (2017). Security best practices for IaaS workloads in Azure. Microsoft Azure,
Retrieved 23 September, 2017, from:
https://docs.microsoft.com/en-us/azure/security/azure-security-iaas.
Mogull, R. (2017). Cloud computing encryption and IaaS security. Tech target, Retrieved 23
September, 2017, from: http://searchcloudsecurity.techtarget.com/tip/Cloud-computing-
encryption-and-IaaS-security.
[Name] [Student No.] 13
should be centralized to standardize the measures put in place. For one, the online servers used
will require regular patches and configurations which can be easily done from a centralized
structure. Secondly, the centralized management would facilitate the management and
monitoring functionalities of the security administrators.
References
Braddy, R. (2014). Risks And Rewards Of Moving Data To The Cloud. Enterprise Tech,
Retrieved 23 September, 2017, from: https://www.enterprisetech.com/2014/09/26/risks-
rewards-moving-data-cloud/.
eSecurity. (2017). IaaS Security: Threats and Protection Methodologies. eSecurity Planet,
Retrieved 23 September, 2017, from:
http://www.esecurityplanet.com/network-security/iaas-security-threats-and-protection-
methodologies.html.
Healy, R. (2015). The Top 5 Risks of Moving to the Cloud. Annese, Retrieved 23 September,
2017, from: http://www.annese.com/blog/top-5-risks-of-moving-to-the-cloud.
King, T. (2016). Top 4 Risks Associated with Cloud Backup. Backup and recovery, Retrieved 23
September, 2017, from: https://solutionsreview.com/backup-disaster-recovery/top-4-
risks-associated-with-cloud-backup/.
Magalhaes, R. (2015). Security Best Practices for AWS (IaaS) EC2 (Part 1). TechGenix,
Retrieved 23 September, 2017, from: http://techgenix.com/security-best-practices-aws-
iaas-ec2-part1/.
Marston, S., Li, Z., Bandyopadhyay, S., Zhang, J., & Ghalsasi, A. (2011). Cloud computing—
The business perspective. Decision Support Systems, Retrieved 23 September, 2017,
from: http://www.keencomputer.com/images/KEENCOMP/CLOUD/cloud-computing-
business-perspective.pdf.
Microsoft. (2017). Security best practices for IaaS workloads in Azure. Microsoft Azure,
Retrieved 23 September, 2017, from:
https://docs.microsoft.com/en-us/azure/security/azure-security-iaas.
Mogull, R. (2017). Cloud computing encryption and IaaS security. Tech target, Retrieved 23
September, 2017, from: http://searchcloudsecurity.techtarget.com/tip/Cloud-computing-
encryption-and-IaaS-security.
[Name] [Student No.] 13
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
CLOUD COMPUTING
Prinzlau, M. (2017). 6 security risks of enterprises using cloud storage and file sharing apps.
Data insider, Retrieved 23 September, 2017, from: https://digitalguardian.com/blog/6-
security-risks-enterprises-using-cloud-storage-and-file-sharing-apps.
Shinder, D. (2011). Security Considerations for Infrastructure as a Service Cloud Computing
Model. TechGenix, Retrieved 23 September, 2017, from: http://techgenix.com/security-
considerations-infrastructure-service-cloud-computing-model/.
Siasmsp. (2015). Benefits of Infrastructure-as-a-Service (IaaS). Secure infrastructure and
services, Retrieved 23 September, 2017, from: http://www.siasmsp.com/benefits-of-
infrastructure-as-a-service-iaas/.
Whitehouse, L. (2017). The pros and cons of cloud backup technologies. Tech target, Retrieved
23 September, 2017, from: http://searchdatabackup.techtarget.com/tip/The-pros-and-
cons-of-cloud-backup-technologies.
[Name] [Student No.] 14
Prinzlau, M. (2017). 6 security risks of enterprises using cloud storage and file sharing apps.
Data insider, Retrieved 23 September, 2017, from: https://digitalguardian.com/blog/6-
security-risks-enterprises-using-cloud-storage-and-file-sharing-apps.
Shinder, D. (2011). Security Considerations for Infrastructure as a Service Cloud Computing
Model. TechGenix, Retrieved 23 September, 2017, from: http://techgenix.com/security-
considerations-infrastructure-service-cloud-computing-model/.
Siasmsp. (2015). Benefits of Infrastructure-as-a-Service (IaaS). Secure infrastructure and
services, Retrieved 23 September, 2017, from: http://www.siasmsp.com/benefits-of-
infrastructure-as-a-service-iaas/.
Whitehouse, L. (2017). The pros and cons of cloud backup technologies. Tech target, Retrieved
23 September, 2017, from: http://searchdatabackup.techtarget.com/tip/The-pros-and-
cons-of-cloud-backup-technologies.
[Name] [Student No.] 14
1 out of 14
Related Documents
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
© 2024 | Zucol Services PVT LTD | All rights reserved.