Your All-in-One AI-Powered Toolkit for Academic Success.

+13062052269

info@desklib.com

Available 24*7 on WhatsApp / Email

Company

Tools

Support

Cloud Computing Report: Hybrid Cloud Security, Risks, and Mitigation

Verified

Added on 2023/06/12

AI Summary

This report discusses the implementation of data storage to the cloud for Regional Gardens Ltd, evaluating the security and risks associated with the migration process. It explores different risk control methods and mitigation strategies, along with business process continuity considerations. The report recommends the deployment of a suitable cloud architecture, specifically a hybrid cloud model utilizing PaaS (Platform as a Service), such as AWS. Benefits of this architecture include improved service, data availability, and cost-effectiveness. The report also addresses potential disadvantages like the absence of business continuity planning, software development lifecycle support, and sufficient SLA provisions. Key risks associated with hybrid cloud deployment, such as poor encryption, inefficient risk assessment, lack of compliance, and authentication failures, are identified along with mitigation techniques. The report concludes by emphasizing the importance of data redundancy, authentication verification, and application interface protection for ensuring a secure and reliable cloud environment.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.

Running head: CLOUD COMPUTING
CLOUD COMPUTING
Name of the Student:
Name of the University:
Author Note:

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

1CLOUD COMPUTING
Table of Contents
Introduction......................................................................................................................................2
Discussion........................................................................................................................................2
The cloud architecture that can be assisted for the Regional Gardens:.......................................2
The benefits that can be achieved for the deployment of the mentioned architecture in the
Regional Garden:.........................................................................................................................4
Risk regarding the hybrid cloud and the strategies to control those risks:..................................6
Steps and controls for securing the hybrid cloud.......................................................................10
Business Continuity Planning for the micro service approach and hybrid cloud:.....................11
Resource management , SLA management and the remote server administration...................12
Migration to AWS services:......................................................................................................12
Critical points and issues:..........................................................................................................13
Conclusion.....................................................................................................................................13
References......................................................................................................................................15

2CLOUD COMPUTING
Introduction
Regional Gardens Ltd is an organization which is owner of the several gardening
enterprise. The organization controls and manage the variety of garden display and those
gardening will be open for the inspection of the people for the certain time. The organization is
currently planning to move all the stored data to migrate to the cloud (Hashem et al.,2015). The
business of this organization is growing and to make their service highly available to the
consumer, the organization has planned to improvise the Web service. This modification of the
system will increase the flexibility of the business operating system along with the maintenance
of the scalability of the system. In order to implement the system in a better way the security and
the associated threats with the improvised system is needed to be discussed during the time of
migration.
The main objective of this article is to discuss about the implementation of the data
storage to the cloud along with the evaluation of the security and the risks associated with the
migration process. Different ways of risk control method along with the ways for the mitigation
of the risk are also described in this study. The business process continuity of the Regional
Gardens are also provided along with mentioning the recommendation for the deployment of the
right cloud architecture to be implemented in the Regional Garden.

3CLOUD COMPUTING
Discussion
The cloud architecture that can be assisted for the Regional Gardens:
In order to choose the significant cloud architecture for the Regional Gardens, the
evaluation of different types cloud architectures are needed to be discussed. There variations of
the cloud architecture can be classified upon two attributes-
Difference based on the type of service
The classification of the service based on the deployment method.
There are three types of cloud service based on the type of service. These three categories
are- SaaS (Software as service),IaaS( Infrastructure as service), PaaS(Platform as service).
On the basis of the deployment of the cloud architecture the cloud architecture can be
categorized in to three different kinds- public cloud, private cloud and hybrid cloud. The hybrid
cloud is the combination of the public clod and the hybrid cloud.
The Regional Garden has decided to migrate the data to the hybrid cloud and the service
it is going to use is PaaS (Platform as Service). This solution can be helpful for the organization
to expand the business along with that the improvisation of service can be done as the migration
of data to the cloud will provide better management of data. Moreover, this improvement of the
organization will help the Regional Garden to provide better customer service.
The significance for choosing the cloud service and the type of the deployment of the
cloud can be justified. PaaS or platform as a service is a cloud service where the vendor or the
cloud providing company will provide both the hardware and the software infrastructure to the
users. The users can use those infrastructure to run their own programs(Sanaei et al.,2014) . This

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

4CLOUD COMPUTING
service provides a platform that allows the client to manage , develop and run all the applications
under one platform. Implementation of this system can be helpful for the organization as the cost
of managing and maintaining the infrastructure can be done by the third party could provider.
This helps to reduce the cost of maintenance of the organization along with that the maintenance
of the data can be managed easily.
The deployment of the hybrid cloud is selected for the Regional Garden. The main
advantage of the hybrid cloud is that it allows the implementation of both public cloud and the
private cloud. In the public cloud the data which is stored can be accessed by the people. The
security of the public cloud is maintained by the third party cloud provider. On the other hand the
security of the private cloud is maintained by the organization or the cloud vendor. The hybrid
cloud allows the partial migration of data to the cloud. The suitable PaaS cloud service that can
be deployed in the hybrid cloud architecture can be AWS or Amazon Web Service.
The benefits that can be achieved for the deployment of the mentioned architecture in the
Regional Garden:
There are several benefits those can be achieved after the deployment of the above mentioned
services in the organization. Some of the selected benefits those can be achieved-
 Better service: The modification of the system which includes the migration of the data
to the cloud will improve the service provided by the Regional Garden. The migration of
the data to the cloud will simplify the procedure of the working of the Regional Garden
along with that will also add sustainability and the scalability to the services. The
productivity along with the data sharing can be improved with the deployment of the
cloud.

5CLOUD COMPUTING
 Availability of the data: The migration of data to the cloud will increase the availability
of data. The information regarding the regional garden can be accessed online from
anywhere and at anytime (Dinh et al.,2013). This will improve the quality of the business
along with the betterment of the service.
 Managing the application management: The main benefit that can be achieved from the
implementation of the cloud computing is that it allows the streamlining of the
application management. In order to manage the business effectively, the streamlining of
the application is needed to be done effectively (Almorsy, Grundy & Müller,2016). This
feature of the cloud computing can help the organization to gain the competitive
advantage over the other companies in the market.
 Cost effectiveness: The implementation of the hybrid cloud in the organizational system
will help the organization to achieve the cost effective solutions. The hybrid cloud
infrastructure allows the saving of the cost for maintaining the infrastructure for the
organization. In this case, the infrastructure can be managed by the third party cloud
service provider. The security of the cloud can be managed by the cloud providing
vendor . These specification of the hybrid cloud computing has managed the organization
to save the cost for the maintenance of the data.
These are the several benefits those can be achieved with the deployment of the cloud
service in the organization. However, there are certain disadvantages or the risks those are
associated with the deployment of the hybrid cloud in the Regional Garden. Some of the
significant disadvantages are-
 DR and BCP: The main disadvantage of implementation of the hybrid cloud
computing is the absence of the business continuity planning and disaster recovery

6CLOUD COMPUTING
system (Alshamaila, Papagiannidis & Li,2013). The presence of the BCP and the DR
is very much important for the organization system (Avram,2014). In case if the
server is hacked and the data is lost form the system , the disaster recovery system
can be beneficial for retrieving of the data.
 Absence of SSDLC: Another risk associated with implementation of the hybrid cloud
architecture is that it does not support the software development life cycle. Due to the
absence of the software development life cycle model in the deployment process the
chances of error in the implementation system along with errors in the system code
may occur.
 Absence of the sufficient SLA provision: Another significant risk associated with the
hybrid cloud architecture model is the lack of the SLA provision. The working
process of the Regional Garden can be effected due to this reason and the service to
the consumer can be disrupted.
Risk regarding the hybrid cloud and the strategies to control those risks:
There are certain risks which are associated with the deployment of the hybrid cloud and
the micro services. These risks can be mitigated using different technical approaches and te
control technologies. Different risks associated with the hybrid cloud computing along with the
mitigation techniques are shown in the table below:
Threats or the possible security
risks
Risk description Ways to mitigate the risk
1. Poor encryption One of the most significant
security threats for the hybrid
cloud computing is the poor
One of the way to mitigate the
risk is to implement the good
encryption technique. There

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

7CLOUD COMPUTING
encryption technique in the
system (Fernando, Loke &
Rahayu,2013). The poor
encryption technique will
enable the system prone to the
external threats. This results
of the attacks on the system
will be the damage of the
system along with the loss of
data.
are two types of encryption
technique-symmetric and
asymmetric. However, the
selection of the encryption
technique is based on the
requirement and the design of
the deployed system
(Hashizume et al.,2013). The
use of the encryption will help
to maintain the security and
data integrity.
2. Inefficient
assessment of the
risk
The second most important
risk associated with the
deployment of the cloud is the
inefficient assessment of the
security risk (Whaiduzzama et
al.,2014). In this case, the
users of the system can not
identify the way intruders are
entering in the system. In this
case the data breaches cannot
be identifies easily.
The risk prevention
assessment can prevent these
kind of risks and mitigate the
threats associate with the data
breaches. The IDS system
scan can be applicable for
scanning the malicious virus
or activities.
3. Lack in the
compliance
There is lack of compliance in
the implementation of the
hybrid cloud computing.
The only way to mitigate this
problem is maintaining the
right communication between
the public and private cloud

8CLOUD COMPUTING
of the hybrid cloud system.
4. Inaccurate security
management
One of the major issue in the
hybrid cloud management is
the lack of the authentication .
The authentication problem
can be arise due to the
difference of the integration
between the various cloud
architecture
One of the major way to
mitigate the system is to
provide a mechanism that will
synchronize the proper
communication between
different cloud security
protocols (Garg, Versteeg &
Buyya, 2013). This will help
to mitigate the security risks
regarding the authentication.
5. Poor redundancy of
the data
One of the most significant
security or the threat
regarding the hybrid cloud is
the poor data redundancy. The
data in the system is needed to
be distributed in a proper
manner.
The redundancy of the data
can be achieved by using the
multiple data centers from any
one cloud providers, apart
from that this can be achieved
from using the various cloud
providers.
6. Failure of
authentication
One of the major security risk
or threats associate with the
implementation of the hybrid
cloud is the failure of the
authentication of the cloud.
This can cause a problem for
the Regional Garden during
This issue can be easily
managed by the monitoring
and the controlling of the
verification for each of the
user using the system.

9CLOUD COMPUTING
the access of the data.
7. Protection of the
application interface
Another major security risk
associated with the
implementation of the hybrid
in the Regional Garden is the
unprotected interface of the
application programming.
This risk can cause the
security threats to the data and
the data can be accessed by
the unauthorized users, the
application can be infected
with the malicious virus
which will eventually damage
the system and the loss of data
will occur.
The way to get the protection
from this kind of security
threats is the deployment of
the encryption and the use of
API keys. The third party
developers are needed to be
concerned about maintaining
the security of the data stored
in the public cloud.
8. Denial of service
attack
The hybrid cloud system in
prone to the denial of service
attack. In this kind of attack
the cloud system will be
managed by the unauthorized
users and the authorized user
of the cloud will not be able to
control the system.
In order to mitigate this kind
of attack the flow analytics
can be used. This will
identify the unnecessary
traffics in the network and
will redirect the traffic.
9. Poor IP protection This is the significant risk
associated with the poor IP
The automated system can be
deployed to mitigate this kind

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

10CLOUD COMPUTING
protection system in the
hybrid cloud architecture
(Khan et al.,2013). The proper
identification and the
classification of the threats
can not be identified due to
this risk.
of risk (Gupta, Seetharaman
& Raj,2013). The IT
management team of the
organization should know the
source of the threat so that
they can keep the system
secure form the affected
system
10. Server breakdown This can be considered one of
the important risks associated
with the cloud
computing(Yang & Jia,2013) .
Due to the breakdown of the
servers, the users in the
Regional Garden may not
communicate with the server
cloud. The users may not able
to access the data from the
cloud due to this reason.
This risk can be mitigated by
the maintenance of the cloud
server by the provider of the
cloud. Apart from that the
security and the verification
method of the third party
cloud provider are the
important factors for
mitigation of the threat.
Steps and controls for securing the hybrid cloud
The proper maintenance of the security of the hybrid cloud will prevent the unauthorized access
to the cloud. Some of these steps are-

11CLOUD COMPUTING
 Security from the advanced threats: There are various kind of security threats
those may be happen in the deployment of the hybrid cloud (Carlin & Curran,
2013). These threats are advanced in the nature (Xia et al.,2016). The
advancement of the technology has made the way of security attacks complex. In
order to face these challenges the hybrid cloud architecture in the Regional
Garden needs the better authentication and encryption techniques.
 Security: The scaling of the security is needed to be done in hybrid cloud
architecture. The scaling attribute will enhance the security of the hybrid cloud
system (Jain & Paul, 2013). The scaling of the security is needed to be done by
the organization.
 The lowering of the operational cost: The important step for the organization is
lowering the operational cost for the implementation of the hybrid cloud (Arora,
Parashar & Transforming, 2013). The organization should be concerned about the
deployment of the hybrid cloud so that the right implementation of the cloud can
be den along with the proper security in a cost effective way.
 Optimization of the security: Another important step for the maintaining of the
safety of the hybrid cloud is to optimize the security of the system (Botta et
al.,2016). The deployment of the cloud along with the virtualization of the system
needs the optimization of the security (Fernando, Loke & Rahayu,2013). In order
to take the deployment strategies the considerations regarding the optimization of
the network is needed to be checked. The Regional Garden should include this
step in the implementation plan.

12CLOUD COMPUTING
Business Continuity Planning for the micro service approach and hybrid cloud:
Business Continuity Process is the plan which is involved in the development of the
business. The plan includes the planning of the factors for the development of the business
(Xiao, Song & Chen,2013). The BCP includes certain threats and the mitigation plan of those
threats. The processes are tested and evaluated to judge the effectiveness of the process.
The importance of developing the business plan for the Regional Garden is important
as the planning will indicate the areas of risks associated with the implementation of
the hybrid cloud architecture in the system. The disaster manager planning and the
recovery planning can be included in the planning documentation.
Resource management , SLA management and the remote server administration
There are various significance for the management of the remote server and the SLA
management . The various tools for managing the resource and the SLA management and the
remote server application are server manager, consoles , Microsoft Management Console
(Herbst, Kounev & Reussner, 2013). These are the important tools for managing the instances
for IaaS and PaaS. Shared resource is the most important part in the resources management. The
managing of the service level agreement will help to manage all the resources of the cloud
properly in the PaaS environment for the regional garden. The negotiation regarding the SLA can
be done properly.
Migration to AWS services:
The Regional Garden has decided to migrate all the data to the AWS. There are certain
steps for the implementation of the process.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

13CLOUD COMPUTING
 Planning of the migration: Then initial phase for the migration to the cloud is
the preparation of the planning for the migration.
 Discovery of the portfolio and the planning: This step will indicate the
application between various dependencies in the mitigation strategies which
will deploy the mitigation theories in the business process.
 Designing of the application: In this phase the blueprint of the planning is
carried out.
 Mitigation and validation of the application: In this step the security risks are
identified and the mitigation plan is made.
 Operating: In this step the deployment of the plan is done.
Critical points and issues:
There are some steps those are needed to be address the critical points and issues. Some of
these factors are-
 Issues regarding the preparation plan for the migration: During the planning phase the
wrong implementation of the plan can be done. In case , if the plan is not carried out
accurately, the migration may not be carried out properly.
 There can be many issues due to the inaccurate discovery of the planning and the
portfolio.
 In case, if there is any error in the designing process, the major failure of the system may
happen.
 Migration and the validation of the application: The migration and the validation of the
application may be difficult if any mistake happen in the implementation process.
 The errors in the above steps will generate the wrong operational service.

14CLOUD COMPUTING
Conclusion
Therefore it can be concluded that implementation of the hybrid cloud requires certain
steps in maintaining the architecture. There are certain advantages the Regional Garden can face
after the implementation of the hybrid cloud architecture in the organization. It will help the
Regional Gardens to expand the business and improve the quality of the service. Apart from that
the there are certain security threats. The paper has discussed about the certain risks along with
the mitigation plans for the risks. The steps for the migration of the data from the server to the
AWS is described along with that the issues regarding the each of the steps. It can be said the
implementation of the cloud in the Regional Gardens using the proper steps will be helpful for
the organization.

15CLOUD COMPUTING
References
Almorsy, M., Grundy, J., & Müller, I. (2016). An analysis of the cloud computing security
problem. arXiv preprint arXiv:1609.01107.
Alshamaila, Y., Papagiannidis, S., & Li, F. (2013). Cloud computing adoption by SMEs in the
north east of England: A multi-perspective framework. Journal of Enterprise Information
Management, 26(3), 250-275.
Arora, R., Parashar, A., & Transforming, C. C. I. (2013). Secure user data in cloud computing
using encryption algorithms. International journal of engineering research and
applications, 3(4), 1922-1926.
Avram, M. G. (2014). Advantages and challenges of adopting cloud computing from an
enterprise perspective. Procedia Technology, 12, 529-534.
Botta, A., De Donato, W., Persico, V., & Pescapé, A. (2016). Integration of cloud computing and
internet of things: a survey. Future Generation Computer Systems, 56, 684-700.
Carlin, S., & Curran, K. (2013). Cloud computing security. In Pervasive and Ubiquitous
Technology Innovations for Ambient Intelligence Environments (pp. 12-17). IGI Global.

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

16CLOUD COMPUTING
Dinh, H. T., Lee, C., Niyato, D., & Wang, P. (2013). A survey of mobile cloud computing:
architecture, applications, and approaches. Wireless communications and mobile
computing, 13(18), 1587-1611.
Fernando, N., Loke, S. W., & Rahayu, W. (2013). Mobile cloud computing: A survey. Future
generation computer systems, 29(1), 84-106.
Garg, S. K., Versteeg, S., & Buyya, R. (2013). A framework for ranking of cloud computing
services. Future Generation Computer Systems, 29(4), 1012-1023.
Gupta, P., Seetharaman, A., & Raj, J. R. (2013). The usage and adoption of cloud computing by
small and medium businesses. International Journal of Information Management, 33(5),
861-874.
Hashem, I. A. T., Yaqoob, I., Anuar, N. B., Mokhtar, S., Gani, A., & Khan, S. U. (2015). The
rise of “big data” on cloud computing: Review and open research issues. Information
Systems, 47, 98-115.
Hashizume, K., Rosado, D. G., Fernández-Medina, E., & Fernandez, E. B. (2013). An analysis of
security issues for cloud computing. Journal of internet services and applications, 4(1),
5.
Herbst, N. R., Kounev, S., & Reussner, R. H. (2013, June). Elasticity in Cloud Computing: What
It Is, and What It Is Not. In ICAC (Vol. 13, pp. 23-27).
Jain, R., & Paul, S. (2013). Network virtualization and software defined networking for cloud
computing: a survey. IEEE Communications Magazine, 51(11), 24-31.

17CLOUD COMPUTING
Khan, A. N., Kiah, M. M., Khan, S. U., & Madani, S. A. (2013). Towards secure mobile cloud
computing: A survey. Future Generation Computer Systems, 29(5), 1278-1299.
Krishna, P. V. (2013). Honey bee behavior inspired load balancing of tasks in cloud computing
environments. Applied Soft Computing, 13(5), 2292-2303.
Li, M., Yu, S., Zheng, Y., Ren, K., & Lou, W. (2013). Scalable and secure sharing of personal
health records in cloud computing using attribute-based encryption. IEEE transactions on
parallel and distributed systems, 24(1), 131-143.
O’Driscoll, A., Daugelaite, J., & Sleator, R. D. (2013). ‘Big data’, Hadoop and cloud computing
in genomics. Journal of biomedical informatics, 46(5), 774-781.
Oliveira, T., Thomas, M., & Espadanal, M. (2014). Assessing the determinants of cloud
computing adoption: An analysis of the manufacturing and services sectors. Information
& Management, 51(5), 497-510.
Pearson, S. (2013). Privacy, security and trust in cloud computing. In Privacy and Security for
Cloud Computing (pp. 3-42). Springer, London.
Rittinghouse, J. W., & Ransome, J. F. (2016). Cloud computing: implementation, management,
and security. CRC press.
Rong, C., Nguyen, S. T., & Jaatun, M. G. (2013). Beyond lightning: A survey on security
challenges in cloud computing. Computers & Electrical Engineering, 39(1), 47-54.
Sanaei, Z., Abolfazli, S., Gani, A., & Buyya, R. (2014). Heterogeneity in mobile cloud
computing: taxonomy and open challenges. IEEE Communications Surveys &
Tutorials, 16(1), 369-392.

18CLOUD COMPUTING
Tao, F., Cheng, Y., Da Xu, L., Zhang, L., & Li, B. H. (2014). CCIoT-CMfg: cloud computing
and internet of things-based cloud manufacturing service system. IEEE Transactions on
Industrial Informatics, 10(2), 1435-1442.
Wei, L., Zhu, H., Cao, Z., Dong, X., Jia, W., Chen, Y., & Vasilakos, A. V. (2014). Security and
privacy for storage and computation in cloud computing. Information Sciences, 258, 371-
386.
Whaiduzzaman, M., Sookhak, M., Gani, A., & Buyya, R. (2014). A survey on vehicular cloud
computing. Journal of Network and Computer Applications, 40, 325-344.
Xia, Z., Wang, X., Zhang, L., Qin, Z., Sun, X., & Ren, K. (2016). A privacy-preserving and
copy-deterrence content-based image retrieval scheme in cloud computing. IEEE
Transactions on Information Forensics and Security, 11(11), 2594-2608.
Xiao, Z., & Xiao, Y. (2013). Security and privacy in cloud computing. IEEE Communications
Surveys & Tutorials, 15(2), 843-859.
Xiao, Z., Song, W., & Chen, Q. (2013). Dynamic resource allocation using virtual machines for
cloud computing environment. IEEE transactions on parallel and distributed
systems, 24(6), 1107-1117.
Yang, K., & Jia, X. (2013). An efficient and secure dynamic auditing protocol for data storage in
cloud computing. IEEE transactions on parallel and distributed systems, 24(9), 1717-
1726.