Hybrid Cloud Security: Risk Analysis & Control Recommendations Report

Verified

Added on 2023/06/03

AI Summary

This report assesses the risks and controls associated with a hybrid cloud and microservices strategy for Meta Soft Ltd, a software development company operating in New Zealand and Australia. It identifies key risks such as high complexity, unplanned acquisition of cloud services, data management issues, lack of privacy and security, latency and bandwidth problems, and lack of disaster recovery. For each risk, the report proposes corresponding controls to mitigate them. Furthermore, the report outlines essential information security steps, including identity and access management, data encryption, API protection, and security log utilization. Finally, it recommends implementing legal and compliance measures, checking security tool compatibility, conducting risk assessments, and employing data encryption techniques to secure Meta Soft Ltd's hybrid cloud environment. Desklib provides students access to solved assignments and past papers.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.

Running head: CLOUD COMPUTING
Cloud Computing
Name of the Student
Name of the University
Author’s Note:

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

1
CLOUD COMPUTING
Table of Contents
Task 1.........................................................................................................................................2
Task 2.........................................................................................................................................6
References..................................................................................................................................7

2
CLOUD COMPUTING
Task 1
Risks and Controls Associated with Hybrid Cloud and Micro services Strategy
Meta Soft Ltd is the software development company that is working n New Zealand
and Australia. They have decided to update and replace their old infrastructure. There is
existing data as well as services within the data centre that is to be moved to the respective
data centre in Sydney (Arora, Parashar & Transforming, 2013). The flexibility as well as
scalability is maintained with this specific type of cloud. They have decided to run a
workshop of risk and security for assessing the various security issues and risks and eve the
possible methodologies for controlling the approach of hybrid cloud.
The various risks associated with the hybrid cloud and micro services strategy are as
follows:
Serial
Number
Risks for
Hybrid
Cloud and
Micro
Services
Strategy
Description of the Risks Controls for Mitigating
the Risks
1. High
Complexity
The first and the foremost risk
that is associated with the hybrid
cloud and micro services strategy
in the organization of Meta Soft
Ltd is that the architecture is
extremely complex and this
makes the data management
The control for the
reduction of higher
complexity of hybrid cloud
is to include backup and
site recovery within this
cloud (Dinh et al., 2013).
Moreover, Cloud Care is

3
CLOUD COMPUTING
quite tough. The major reason
for this type of complexity is that
the hybrid cloud systems are
responsible for bringing the
onsite systems of information
technology, private cloud system
and public cloud system (Hashem
et al., 2015). This could be
extremely vulnerable for this
particular organization, since
they will not be able to access
their confidential data easily and
promptly.
also effective for the
management of such risks.
2. Unplanned
Acquisition
The second important and
significant risk for any specific
hybrid cloud and micro services
strategy is that the unplanned
acquisition. Without the planned
approach, the selection of the
hybrid cloud systems can
eventually create a mishmash of
the various types of IT systems
(Fernando, Loke & Rahayu, 2013).
The business oriented
This particular risk can be
controlled by the
amalgamation of acquiring
or building of several
cloud services.

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

4
CLOUD COMPUTING
departments are the common
victims for these types of risks.
3. Issues in Data
Management
The next significant risk in the
hybrid cloud and micro services
strategy for the organization of
Meta Soft Ltd is the issue for
managing the confidential data
and information. The storage
automation is being utilized by
several organizations within the
data centres for the purpose of
sending data to the various
storage tiers. It is extremely risky
to manage the data and hence
often the users undergo some of
the major issues.
A distinct plan for the
transfer of data to any
other location like public
cloud system is the best
control for reducing this
particular risk (Rittinghouse
& Ransome, 2016).
4. Lack of
Privacy as
well as
Security
The next significant risk within
the hybrid cloud for the company
of Meta Soft Ltd is the lack of
privacy as well as security. The
public and private cloud
components are combined
together for issuing this type of
risk (Garg, Versteeg & Buyya,
The proper set up for data
handling is the best control
for properly reducing this
issue of lacking the privacy
and security in data.

5
CLOUD COMPUTING
2013). This specific risk is
extremely vulnerable and
dangerous for all organizations
and thus proper security
measures should be undertaken
properly to avoid any type of
complexity.
5. Latency as
well as
Bandwidth
Issues
The fifth important and
significant issue that is quite
common for the hybrid cloud and
micro services strategy in Meta
Soft Ltd is the issue related to
latency as well as bandwidth
(Hashem et al., 2015).
The major control for this
particular risk is by
utilizing high end
applications.
6. Lack of
Disaster
Recovery
Another significant and
noteworthy risk for the
organization of Meta Soft Ltd is
the lack of disaster recovery.
There are certain policies that
should be reviewed properly for
stopping the major complexities.
The most significant and
important method for
reducing this type of risk is
by linking the aspects of
private cloud with the
various aspects of public
cloud eventually (Fernando,
Loke & Rahayu, 2013).

6
CLOUD COMPUTING
Task 2
Steps of Information Security and Recommendations of Controls to Secure Hybrid Cloud
The information security steps for Meta Soft Ltd are provided below:
i) Identity and Access Management Controls: The first and the foremost step in the
information security is that the identity as well as the access management controls should be
properly managed (Arora, Parashar & Transforming, 2013).
ii) Encryption of Data: The second important step for this information security in
hybrid cloud is the proper encryption of confidential data for the company.
iii) Protection of APIs: The APIs should be protected in the third significant step of
information security.
iv) Collection and Utilization of Security Logs: The several security logs is collected
and utilized in this step (Rittinghouse & Ransome, 2016).
The recommendations for the security of hybrid cloud in Meta Soft Ltd are as follows:
i) The first recommendation for the hybrid cloud security within Meta Soft Ltd is to
implement legal and compliance issues.
ii) The next recommendation for the security of hybrid cloud is to check for the
compatibility of security tools.
iii) Risk assessment is also mandatory for Meta Soft Ltd to properly mitigate the
issues.
iv) Another important and significant recommendation for Meta Soft for their hybrid
cloud is to implement encryption technique for the data or information.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

7
CLOUD COMPUTING
References
Arora, R., Parashar, A., & Transforming, C. C. I. (2013). Secure user data in cloud computing
using encryption algorithms. International journal of engineering research and
applications, 3(4), 1922-1926.
Dinh, H. T., Lee, C., Niyato, D., & Wang, P. (2013). A survey of mobile cloud computing:
architecture, applications, and approaches. Wireless communications and mobile
computing, 13(18), 1587-1611.
Fernando, N., Loke, S. W., & Rahayu, W. (2013). Mobile cloud computing: A survey. Future
generation computer systems, 29(1), 84-106.
Garg, S. K., Versteeg, S., & Buyya, R. (2013). A framework for ranking of cloud computing
services. Future Generation Computer Systems, 29(4), 1012-1023.
Hashem, I. A. T., Yaqoob, I., Anuar, N. B., Mokhtar, S., Gani, A., & Khan, S. U. (2015). The
rise of “big data” on cloud computing: Review and open research issues. Information
Systems, 47, 98-115.
Rittinghouse, J. W., & Ransome, J. F. (2016). Cloud computing: implementation,
management, and security. CRC press.