Cloud Computing: Security Measures and Business Planning
VerifiedAdded on  2021/06/17
|11
|2222
|133
Report
AI Summary
This report addresses cloud computing security and business continuity planning for Regional Gardens Ltd., focusing on the adoption of a hybrid cloud and microservices model. It details essential security steps and controls, including passwords, secured browsers, access control, antivirus software, popup blocking, encryption, firewalls, digital authentication, regulatory compliance, and VPN implementation. The report also outlines a comprehensive business continuity plan (BCP), emphasizing the importance of business impact analysis, security measure implementation, team organization, and training. It highlights key issues related to application resilience, backup, and disaster recovery in a hybrid cloud environment, such as slower cloud adoption, slower data recoveries and reliability concerns. The report concludes by providing a thorough analysis of security and business planning in cloud computing.
Running head: CLOUD COMPUTING
Cloud Computing
Name of the Student
Name of the University
Author’s Note:
Cloud Computing
Name of the Student
Name of the University
Author’s Note:
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
1
CLOUD COMPUTING
Table of Contents
Question 3..................................................................................................................................2
Question 4..................................................................................................................................6
References..................................................................................................................................8
CLOUD COMPUTING
Table of Contents
Question 3..................................................................................................................................2
Question 4..................................................................................................................................6
References..................................................................................................................................8
2
CLOUD COMPUTING
Question 3
Security Steps and Controls for Hybrid Cloud
Regional Gardens Ltd. is one of the most popular organizations that is running several
inter related gardening enterprises. They comprise of a larger display garden and it opens for
the purpose of several times in a year (Taddeo, 2013). This particular organization has
planned to retain the data centre of Bathurst for storing their data. Regional Gardens Ltd thus
requires to move all of their infrastructures to the cloud. The web services are to be moved to
the cloud for providing an incremented level of High Availability. It would also provide
flexibility to these services for data supply to all the employees and customers. The Micro
Services model would be helpful in this case (Von Solms & Van Niekerk, 2013). They have
decided to move their data to the hybrid cloud.
There are various risks that are related to this Micro services model and hybrid cloud.
The most significant risks to this model and hybrid cloud are hijacking of accounts, data
breaching, insider threats, malware injection, insecure application programming interface or
API, denial of service attacks, abuse of cloud services and many more (Cavelty, 2014). All of
these risks are required to be mitigated for the successful operation within the cloud. These
mitigation strategies are mere security steps for the reduction of all these risks.
The various information security steps and controls for the proper reduction of any
type of security risk to the hybrid cloud and Micro Services model are given below:
i) Passwords: The first and the foremost security control that would be helpful for the
Regional Gardens Ltd is incorporation of passwords (Wells et al., 2014). A password is any
word or specific string of various characters that is utilized for the purpose of user
authentication and hence proving the access approval for gaining access to the resources.
CLOUD COMPUTING
Question 3
Security Steps and Controls for Hybrid Cloud
Regional Gardens Ltd. is one of the most popular organizations that is running several
inter related gardening enterprises. They comprise of a larger display garden and it opens for
the purpose of several times in a year (Taddeo, 2013). This particular organization has
planned to retain the data centre of Bathurst for storing their data. Regional Gardens Ltd thus
requires to move all of their infrastructures to the cloud. The web services are to be moved to
the cloud for providing an incremented level of High Availability. It would also provide
flexibility to these services for data supply to all the employees and customers. The Micro
Services model would be helpful in this case (Von Solms & Van Niekerk, 2013). They have
decided to move their data to the hybrid cloud.
There are various risks that are related to this Micro services model and hybrid cloud.
The most significant risks to this model and hybrid cloud are hijacking of accounts, data
breaching, insider threats, malware injection, insecure application programming interface or
API, denial of service attacks, abuse of cloud services and many more (Cavelty, 2014). All of
these risks are required to be mitigated for the successful operation within the cloud. These
mitigation strategies are mere security steps for the reduction of all these risks.
The various information security steps and controls for the proper reduction of any
type of security risk to the hybrid cloud and Micro Services model are given below:
i) Passwords: The first and the foremost security control that would be helpful for the
Regional Gardens Ltd is incorporation of passwords (Wells et al., 2014). A password is any
word or specific string of various characters that is utilized for the purpose of user
authentication and hence proving the access approval for gaining access to the resources.
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
3
CLOUD COMPUTING
Passwords would be extremely important and effective for the organization, since the
authenticity would be properly maintained.
ii) Secured Browser: The second important security control for Regional Gardens Ltd
is the secured browser. The browser that is being utilized by them should be secured (Anwar
& Mahmood, 2014). Any type of safe and secured browser restricts or blocks the entry of
spam or virus to the organizational network and hence the hacker does not get the access to
the data.
iii) Access Control: The third significant and important security control for the
organization of Regional Gardens Ltd is controlling of the access. This would stop the users
from entering into the cloud and thus the authenticity would be maintained.
iv) Antivirus: This is the most basic security measure for any type of cloud. Antivirus
is the typical software program that is utilized for preventing, detecting as well as removal of
malware (Elmaghraby & Losavio, 2014). The computer viruses are easily detected with the
help of this software program. Moreover, the Trojan horses are also removed by this software
easily and promptly.
v) Popup Blocking: The next significant security measure is popup blocking. It is the
specific software that helps to block or restrict the popup windows and hence confidential
information could not be hacked as well as intruded. Hence phishing is easily stopped.
vi) Encryption: Encryption is considered as one of the most effective security control.
It helps to secure the data or information within any system (Dinh et al., 2013). It is the
significant procedure of encoding the confidential text or message to a cipher text in the
method, which would only allow the receiver in accessing the text or message. This is
considered as the most popular and efficient for Regional Gardens. This particular
CLOUD COMPUTING
Passwords would be extremely important and effective for the organization, since the
authenticity would be properly maintained.
ii) Secured Browser: The second important security control for Regional Gardens Ltd
is the secured browser. The browser that is being utilized by them should be secured (Anwar
& Mahmood, 2014). Any type of safe and secured browser restricts or blocks the entry of
spam or virus to the organizational network and hence the hacker does not get the access to
the data.
iii) Access Control: The third significant and important security control for the
organization of Regional Gardens Ltd is controlling of the access. This would stop the users
from entering into the cloud and thus the authenticity would be maintained.
iv) Antivirus: This is the most basic security measure for any type of cloud. Antivirus
is the typical software program that is utilized for preventing, detecting as well as removal of
malware (Elmaghraby & Losavio, 2014). The computer viruses are easily detected with the
help of this software program. Moreover, the Trojan horses are also removed by this software
easily and promptly.
v) Popup Blocking: The next significant security measure is popup blocking. It is the
specific software that helps to block or restrict the popup windows and hence confidential
information could not be hacked as well as intruded. Hence phishing is easily stopped.
vi) Encryption: Encryption is considered as one of the most effective security control.
It helps to secure the data or information within any system (Dinh et al., 2013). It is the
significant procedure of encoding the confidential text or message to a cipher text in the
method, which would only allow the receiver in accessing the text or message. This is
considered as the most popular and efficient for Regional Gardens. This particular
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
4
CLOUD COMPUTING
organization should implement this security measure in their business. It is nearly impossible
to crack the cipher text and can only be done with the help of decryption. Only the authorized
recipient has the ability in easily decrypting the specific message with a key that is being
provided by the sender and recipients. This eventually restricts the entry to the authorized and
authenticated data within the cloud. There are specifically two types of algorithms. They are
symmetric key algorithm and asymmetric key algorithm (Arora, Parashar & Transforming,
2013). The symmetric key algorithm helps to restrict the data and the data can be retrieved
with only one key, i.e. only one key is required for encryption and the same key is used for
decryption. The asymmetric key algorithm restricts the data with the help of two keys. One of
the key is used for encryption and the other key is used for decryption.
vii) Firewalls: Firewalls is the network security system, which significantly monitors
or controls the incoming as well as outgoing traffic of network that is based on the previously
determined security rules (Fernando, Loke & Rahayu, 2013). The firewall is the specific
barrier between the trusted internal and the un-trusted external networks like Internet
connection. Regional Gardens Ltd should implement a proper firewall within their hybrid
cloud and thus their security would be checked.
viii) Digital Authentication: It is the significant process by which authentication is
introduced with the help of an electronic signature. This provides evidence to the data
received with the help of electronic signature and the authenticity would be maintained
properly. Identity theft and frauds are easily identified in this process (Garg, Versteeg &
Buyya, 2013). Regional Gardens Ltd can easily secure their hybrid cloud with the
implementation of digital authentication.
ix) Regulatory Compliance: One of the most significant security controls is the
implementation of regulatory compliance. It is the specification or policy that helps in
CLOUD COMPUTING
organization should implement this security measure in their business. It is nearly impossible
to crack the cipher text and can only be done with the help of decryption. Only the authorized
recipient has the ability in easily decrypting the specific message with a key that is being
provided by the sender and recipients. This eventually restricts the entry to the authorized and
authenticated data within the cloud. There are specifically two types of algorithms. They are
symmetric key algorithm and asymmetric key algorithm (Arora, Parashar & Transforming,
2013). The symmetric key algorithm helps to restrict the data and the data can be retrieved
with only one key, i.e. only one key is required for encryption and the same key is used for
decryption. The asymmetric key algorithm restricts the data with the help of two keys. One of
the key is used for encryption and the other key is used for decryption.
vii) Firewalls: Firewalls is the network security system, which significantly monitors
or controls the incoming as well as outgoing traffic of network that is based on the previously
determined security rules (Fernando, Loke & Rahayu, 2013). The firewall is the specific
barrier between the trusted internal and the un-trusted external networks like Internet
connection. Regional Gardens Ltd should implement a proper firewall within their hybrid
cloud and thus their security would be checked.
viii) Digital Authentication: It is the significant process by which authentication is
introduced with the help of an electronic signature. This provides evidence to the data
received with the help of electronic signature and the authenticity would be maintained
properly. Identity theft and frauds are easily identified in this process (Garg, Versteeg &
Buyya, 2013). Regional Gardens Ltd can easily secure their hybrid cloud with the
implementation of digital authentication.
ix) Regulatory Compliance: One of the most significant security controls is the
implementation of regulatory compliance. It is the specification or policy that helps in
5
CLOUD COMPUTING
achieving the efforts to ensure that all the employees of the company are maintaining the
rules.
x) Involving Virtual Private Network: The proper implementation of VPN or virtual
private network would again be one of the most important and significant method of
restricting the data and securing the information of the Regional Gardens Ltd (Taddeo, 2013).
It is a private network within a public network that helps to send and receive data. Man in the
middle attacks is easily prevented by this particular security measure or control.
All the above mentioned security controls or measures would be extremely helpful for
the organization of Regional Gardens Ltd for securing their hybrid cloud and confidential
information.
CLOUD COMPUTING
achieving the efforts to ensure that all the employees of the company are maintaining the
rules.
x) Involving Virtual Private Network: The proper implementation of VPN or virtual
private network would again be one of the most important and significant method of
restricting the data and securing the information of the Regional Gardens Ltd (Taddeo, 2013).
It is a private network within a public network that helps to send and receive data. Man in the
middle attacks is easily prevented by this particular security measure or control.
All the above mentioned security controls or measures would be extremely helpful for
the organization of Regional Gardens Ltd for securing their hybrid cloud and confidential
information.
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
6
CLOUD COMPUTING
Question 4
Business Continuity Planning
The business continuity planning or BCP refers to the creation of the specific strategy
with the proper recognition of various risks or threats that are faced by a company with the
assurance that the assets and personnel are secured and have the ability in functioning for
disasters (Wells et al., 2014). The business continuity planning explicitly includes various
significant risks that would determine how all those risks and threats would be affecting the
operations of the organization. Moreover, several safeguards would be implemented and
processes would be designed for mitigating each and every risk. This results after testing all
the processes for ensuring the fact that the processes are reviewed for making them up to
date.
The Regional Gardens Ltd should develop a specific business continuity planning for
their business. All the disasters can eventually lead to the failure of the system completely.
There are several issues of the application resilience, backup and DR or disaster recovery
within the hybrid cloud environment (Fernando, Loke & Rahayu, 2013). The business
continuity planning of the Regional Gardens Ltd for the adoption of the hybrid cloud and
Micro services model should have the following steps:
i) The first step of the business continuity planning or BCP is the conduction of the
business impact analysis for the proper identification of time sensitive and various critical
business operations or processes as well as the resources, which would be supporting these
processes (Elmaghraby & Losavio, 2014).
CLOUD COMPUTING
Question 4
Business Continuity Planning
The business continuity planning or BCP refers to the creation of the specific strategy
with the proper recognition of various risks or threats that are faced by a company with the
assurance that the assets and personnel are secured and have the ability in functioning for
disasters (Wells et al., 2014). The business continuity planning explicitly includes various
significant risks that would determine how all those risks and threats would be affecting the
operations of the organization. Moreover, several safeguards would be implemented and
processes would be designed for mitigating each and every risk. This results after testing all
the processes for ensuring the fact that the processes are reviewed for making them up to
date.
The Regional Gardens Ltd should develop a specific business continuity planning for
their business. All the disasters can eventually lead to the failure of the system completely.
There are several issues of the application resilience, backup and DR or disaster recovery
within the hybrid cloud environment (Fernando, Loke & Rahayu, 2013). The business
continuity planning of the Regional Gardens Ltd for the adoption of the hybrid cloud and
Micro services model should have the following steps:
i) The first step of the business continuity planning or BCP is the conduction of the
business impact analysis for the proper identification of time sensitive and various critical
business operations or processes as well as the resources, which would be supporting these
processes (Elmaghraby & Losavio, 2014).
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
7
CLOUD COMPUTING
ii) The second significant step of the business continuity planning or BCP is the
identification, documentation and finally implementation of various security measures for the
successful recovery of the business processes and functions.
iii) The next important step in the business continuity planning for Regional Gardens
Ltd is the proper organization of a business continuity team and hence compiling the business
continuity plan for the proper management of business disruption.
iv) The final vital step in the business continuity planning for Regional Gardens Ltd is
the conduction of training for the business continuity team and hence testing or exercising for
evaluation of strategies as well as the planning (Garg, Versteeg & Buyya, 2013).
There are several issues related to the application resilience, backup and disaster
recovery within the environment of hybrid cloud. These issues are as follows:
i) Slower Adoption of Cloud: This is the most important issue in application
resilience, backup and disaster recovery. The adoption to the cloud is much slower than usual
and hence data protection is highly challenged (Rittinghouse & Ransome, 2016). The
traditional storage target is often limited and thus this issue is to be mitigated. BCP can easily
resolve the issue without much complexity by segregating the cloud activities.
ii) Slower Recoveries: This is another significant issue related to backup and recovery
is slower recovery of data. BCP is helpful in this case, since various security measures are
present within the planning and thus makes the hybrid cloud absolutely safe and secured.
iii) Reliability: Another issue related to application resilience is reliability (Hashizume
et al., 2013). Due to the presence of various security measures and since the strategies are
evaluated properly, the reliability of the cloud is extremely high and could be easily checked
with the help of this planning.
CLOUD COMPUTING
ii) The second significant step of the business continuity planning or BCP is the
identification, documentation and finally implementation of various security measures for the
successful recovery of the business processes and functions.
iii) The next important step in the business continuity planning for Regional Gardens
Ltd is the proper organization of a business continuity team and hence compiling the business
continuity plan for the proper management of business disruption.
iv) The final vital step in the business continuity planning for Regional Gardens Ltd is
the conduction of training for the business continuity team and hence testing or exercising for
evaluation of strategies as well as the planning (Garg, Versteeg & Buyya, 2013).
There are several issues related to the application resilience, backup and disaster
recovery within the environment of hybrid cloud. These issues are as follows:
i) Slower Adoption of Cloud: This is the most important issue in application
resilience, backup and disaster recovery. The adoption to the cloud is much slower than usual
and hence data protection is highly challenged (Rittinghouse & Ransome, 2016). The
traditional storage target is often limited and thus this issue is to be mitigated. BCP can easily
resolve the issue without much complexity by segregating the cloud activities.
ii) Slower Recoveries: This is another significant issue related to backup and recovery
is slower recovery of data. BCP is helpful in this case, since various security measures are
present within the planning and thus makes the hybrid cloud absolutely safe and secured.
iii) Reliability: Another issue related to application resilience is reliability (Hashizume
et al., 2013). Due to the presence of various security measures and since the strategies are
evaluated properly, the reliability of the cloud is extremely high and could be easily checked
with the help of this planning.
8
CLOUD COMPUTING
CLOUD COMPUTING
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
9
CLOUD COMPUTING
References
Anwar, A., & Mahmood, A. N. (2014). Cyber security of smart grid infrastructure. arXiv
preprint arXiv:1401.3936.
Arora, R., Parashar, A., & Transforming, C. C. I. (2013). Secure user data in cloud computing
using encryption algorithms. International journal of engineering research and
applications, 3(4), 1922-1926.
Cavelty, M. D. (2014). Breaking the cyber-security dilemma: Aligning security needs and
removing vulnerabilities. Science and Engineering Ethics, 20(3), 701-715.
Dinh, H. T., Lee, C., Niyato, D., & Wang, P. (2013). A survey of mobile cloud computing:
architecture, applications, and approaches. Wireless communications and mobile
computing, 13(18), 1587-1611.
Elmaghraby, A. S., & Losavio, M. M. (2014). Cyber security challenges in Smart Cities:
Safety, security and privacy. Journal of advanced research, 5(4), 491-497.
Fernando, N., Loke, S. W., & Rahayu, W. (2013). Mobile cloud computing: A survey. Future
generation computer systems, 29(1), 84-106.
Garg, S. K., Versteeg, S., & Buyya, R. (2013). A framework for ranking of cloud computing
services. Future Generation Computer Systems, 29(4), 1012-1023.
Hashizume, K., Rosado, D. G., Fernández-Medina, E., & Fernandez, E. B. (2013). An
analysis of security issues for cloud computing. Journal of internet services and
applications, 4(1), 5.
Rittinghouse, J. W., & Ransome, J. F. (2016). Cloud computing: implementation,
management, and security. CRC press.
CLOUD COMPUTING
References
Anwar, A., & Mahmood, A. N. (2014). Cyber security of smart grid infrastructure. arXiv
preprint arXiv:1401.3936.
Arora, R., Parashar, A., & Transforming, C. C. I. (2013). Secure user data in cloud computing
using encryption algorithms. International journal of engineering research and
applications, 3(4), 1922-1926.
Cavelty, M. D. (2014). Breaking the cyber-security dilemma: Aligning security needs and
removing vulnerabilities. Science and Engineering Ethics, 20(3), 701-715.
Dinh, H. T., Lee, C., Niyato, D., & Wang, P. (2013). A survey of mobile cloud computing:
architecture, applications, and approaches. Wireless communications and mobile
computing, 13(18), 1587-1611.
Elmaghraby, A. S., & Losavio, M. M. (2014). Cyber security challenges in Smart Cities:
Safety, security and privacy. Journal of advanced research, 5(4), 491-497.
Fernando, N., Loke, S. W., & Rahayu, W. (2013). Mobile cloud computing: A survey. Future
generation computer systems, 29(1), 84-106.
Garg, S. K., Versteeg, S., & Buyya, R. (2013). A framework for ranking of cloud computing
services. Future Generation Computer Systems, 29(4), 1012-1023.
Hashizume, K., Rosado, D. G., Fernández-Medina, E., & Fernandez, E. B. (2013). An
analysis of security issues for cloud computing. Journal of internet services and
applications, 4(1), 5.
Rittinghouse, J. W., & Ransome, J. F. (2016). Cloud computing: implementation,
management, and security. CRC press.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
10
CLOUD COMPUTING
Taddeo, M. (2013). Cyber security and individual rights, striking the right balance.
Von Solms, R., & Van Niekerk, J. (2013). From information security to cyber
security. computers & security, 38, 97-102.
Wells, L. J., Camelio, J. A., Williams, C. B., & White, J. (2014). Cyber-physical security
challenges in manufacturing systems. Manufacturing Letters, 2(2), 74-77.
CLOUD COMPUTING
Taddeo, M. (2013). Cyber security and individual rights, striking the right balance.
Von Solms, R., & Van Niekerk, J. (2013). From information security to cyber
security. computers & security, 38, 97-102.
Wells, L. J., Camelio, J. A., Williams, C. B., & White, J. (2014). Cyber-physical security
challenges in manufacturing systems. Manufacturing Letters, 2(2), 74-77.
1 out of 11
Related Documents
Your All-in-One AI-Powered Toolkit for Academic Success.
 +13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
Copyright © 2020–2025 A2Z Services. All Rights Reserved. Developed and managed by ZUCOL.