Cloud Service Deployment Security, Privacy, and Compliance Report

Verified

Added on 2023/04/23

AI Summary

This report, prepared for the SCM module, delves into the critical aspects of managing security, privacy, and compliance within cloud service deployments. It begins by identifying the cloud security issues organizations face across different deployment models, including security concerns related to data location, and various mitigation strategies such as in-house computing centers and electronic discovery. The report then explores different deployment models like SaaS, PaaS, and IaaS, along with alternative solutions and a comparative analysis of public versus private cloud models. It outlines security responsibilities, compliance regulations, and proposes a private cloud computing solution, assessing associated risks and strategies for avoidance. The report also includes a comparative analysis of cloud deployment models, and a calculation part evaluating different options like in-house computing, electronic discovery, PaaS software, and isolation software based on their benefits, disadvantages, and costs, recommending the PaaS software as a suitable solution for mitigating data security risks. It concludes with references to support the findings and recommendations.

Running Head: SCM
Manage security, privacy, and compliance of cloud service deployment

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

SCM 2
Table of Contents
Task 1: Manage security, privacy, and compliance of cloud service deployment.....................3
Task 2: Manage security, privacy, and compliance of cloud service deployment-Alternative
solutions.....................................................................................................................................6
Comparative Analysis of best cloud deployment models between Public and private..............6
References..................................................................................................................................7

SCM 3
Task 1: Manage security, privacy, and compliance of cloud service deployment
Cloud computing is a tool that is practiced to access the data by considering the available
resources and make a favorable decision in the context of the current matter. It offers an
opportunity to manage the business operation and reach a reliable conclusion.
Security issues related to the cloud based solution
In cloud service deployment, the organization could use many activities in managing security,
privacy, and compliance. The organization has been moving their business with respect to the
cloud Organizations and consumers have been moving their core business and confronted
form many issues as it could be associated with security, privacy, and compliance. In
addition, independent response method is practiced to deal with results of attracting against
the security of computer structure (Aikat, et al., 2017). Through this method, the organization
will evaluate different activities like verification of incident, analysis of attracting, problem
remediation, and restoration of services. Furthermore, each layer could assist the business to
operate their function and accomplish their task. Cloud provider becoming more sensitive for
concern of regulatory and security. The major problem is confronted by the organization is
data location.
Mitigation strategies
For securing the location of data, the organization has used in-house computing center that
facilitates the organization to save its data in multiple locations with higher security.
Electronic discovery is another method that facilitates to the firm to perform many activities
as it could be associated with identification of data, gathering of data, and production of
electronically stored data (Kalloniatis, et al., 2014). It could facilitate the organization to
secure their data by evaluating the place wherein data has been stored. Moreover,
electronically stored data tool is practiced in collecting mail and electronic data media tool
and support to reach a reliable conclusion. In contrast to this, it is evaluated that the

SCM 4
organization has practiced PaaS software to store data and manage it accordingly. In support
of this, electronically stored data is practiced by the cloud provider for making security in the
organization. Apart from this, it is evaluated that data sanitization is practice for the
restoration of the services and the residual information based on the service termination. The
organization has also used temporary outages is another method that is practiced for securing
the data and reach a reliable conclusion (Duncan & Whittington, 2016). It is mainly
practiced for high service availability and reliability of the data to make a feasible decision in
the context of an organization. In addition, it is examined that the attacker used many
computers to theft the data from online sources that are complicated for the firm to manger
easily and secure their whole information. However, in the current era, the organization uses
a service denial method and control the attacker at the same time to reach a reliable
conclusion. Moreover, isolation software facilitates the organization to handle different issues
at the same time. Furthermore, it is examined that this software could be effective in
managing the huge amount of data in a limited time (Vitti, et al., 2014).
Deployment Model
The organization could also use different alternative solutions in their working place to
manage security, privacy, and compliance of cloud service deployment. These are known as
Cloud software as a service, Cloud platform as a service, and Cloud infrastructure as a
service. It will help the organization for increasing the security level of data in the
organization. Moreover, SaaS software is used to perform many activities that are associated
with email, CRM, collaboration, and ERP (Srivastava & Kumar, 2015). It will help the
organization to effectively offer the services to the consumers to consume it in a systematic
manner.

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

SCM 5
PaaS software is practiced to provide a platform to the organization for offering their
services. Through this software, the organization will be capable to perform many acts like
app development, decision support, web, and streaming (Jaiswal & Rohankar, 2014).
IaaS is practiced to migrate many activities in one act and reach a reliable conclusion. These
activities are catching, networking, security, and system management. It will also support to
make infrastructure of the working place as it would be effective in operating their business
and sustain its position in the marketplace.
Other Deployment models
There are four kinds of models that are known as cloud deployment models like private
cloud, community cloud, public cloud, and community cloud. The public cloud could be
publicly addressable, which is owned by third party cloud provider. Public clouds are
managing by different vendors like Google Apps, Dropbox, Salesforce, Cisco WebEx,
Amazon, and Concur. The private clouds could be manage by the IT professionals. It offers
more security and flexibility as compared to other clouds like hybrid, community, and public.
It is quite expensive than other cloud models (Harvey & Harvey, 2014).
Security responsibility covering
The client must not use applications that he/she is not authorized to use. Access should
always be asked from the employees wherever a Clint wants in any data that he/she does not
have access of. The data must be managed in such a manner that it should not go into wrong
hands. Moreover, Firewalls, antivirus, password are used by the consumers to securing their
physical cite security. The enterprise could use IAM tool to secure and mange structure.
Enterprise could use secret code for securing all disk Input/Output.
Compliance regulation

SCM 6
There are four kinds of regulation that might be considered as per the situation like
international, local, regional, and internet regulation. These regulations are used to secure the
personal data of consumers.
Proposed computing solution
For this case, private cloud computing model is used by the organization. It is operated by IT
professionals with more security and flexibility, which could favourable impact on the overall
productivity of the firm. There are different kinds of risk that could face by the firm like
security incidents, cloud provider viability, and network availability risk. It could be avoided
by involving different strategies like identification of CSPs, identify physical location of data,
and mapping analysis.
Task 2: Manage security, privacy, and compliance of cloud service deployment-Alternative
solutions
Comparative Analysis of best cloud deployment models between Public and private
Pubic Private
Ease of setup and use Easy Needs of IT proficiency
Data security and privacy Low High
Data control Little High
Reliability Vulnerable High
Scalability and flexibility High High
Cost-effectiveness cheapest one Cost-intensive
Demand for in-house
hardware
No Depends
From the above chart, it can be stated that organization could use private methods due to
getting higher profit as compared to the public cloud model.
Calculation part
Year-
1
Year-
2
Year-
3
Year-
4
Total
NPV
Option-1: In house computing
centre Capital -1200
Operational 500 600 720
Total -1200 500 600 720
$291.3
6

SCM 7
Option-2: Electronic discovery Capital -1000
Operational 400 480 576
Total -1000 400 480 576
$193.0
9
Option-3: PAAS Software Capital -1500
Operational 700 840 1008
Total -1500 700 840 1008
$587.9
0
Option-4: Isolation software Capital -1100
Operational 400 480 576
Total -1100 400 480 576 $93.09
From the above table, it is evaluated that there are four options like In house computing
centre, Electronic discovery, PaaS software, and Isolation software as it could support to
mitigate the data security risk. The obtained NPV of these options are $291.36, $193.09,
$587.90, and $93.09. It could be recommend that PaaS software is more suitable method as
compared to other.
Option-1 Option-2 Option-3 Option
-4
Benefits Save data
in
multiple
locations
with
higher
security
Identify
the actual
location
for data
storage
store data
and
manage it
according
ly
handle
differen
t issues
at the
same
time
Disadvantages Increase
additional
IT cost of
organizati
on
All time
cost
expensive Lack of
data
security
control
Total costs -1200 -1000 -1500 -1100
Total savings 1820 1456 2548 1456
Flexibility of the contract less less higher less
Estimated implementation
time frame
16 months 18
months
6 months 21
months
Requirement-1 Infrastruct
ure
purchase
software
Contract
with third
party
vendors
purchas
e
softwar
e

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

SCM 8
Requirement-2 Hiring
Employee
s
Hire
consultan
t
Hire
professio
nals
Third
party
venders
Requirement-n NA NA NA NA
Implementation risks Security
risk
Record
managem
ent
Data
ownershi
p
Portabil
ity

SCM 9
References
Aikat, J., Akella, A., Chase, J. S., Juels, A., Reiter, M., Ristenpart, T., & Swift, M. (2017).
Rethinking security in the era of cloud computing. IEEE Security & Privacy.
Duncan, R. A. K., & Whittington, M. (2016). Enhancing cloud security and privacy: the
power and the weakness of the audit trail. CLOUD COMPUTING 2016.
Harvey, M. J., & Harvey, M. G. (2014). Privacy and security issues for mobile health
platforms. Journal of the Association for Information Science and Technology, 65(7), 1305-
1318.
Jaiswal, P. R., & Rohankar, A. W. (2014). Infrastructure as a service: security issues in cloud
computing. International Journal of Computer Science and Mobile Computing, 3(3), 707-
711.
Kalloniatis, C., Mouratidis, H., Vassilis, M., Islam, S., Gritzalis, S., & Kavakli, E. (2014).
Towards the design of secure and privacy-oriented information systems in the cloud:
Identifying the major concepts. Computer Standards & Interfaces, 36(4), 759-775.
Srivastava, H., & Kumar, S. A. (2015). Control framework for secure cloud
computing. Journal of Information Security, 6(1), 12.
Srivastava, H., & Kumar, S. A. (2015). Control framework for secure cloud
computing. Journal of Information Security, 6(1), 12.
Vitti, P. A. F., dos Santos, D. R., Westphall, C. B., Westphall, C. M., & Vieira, K. M. M.
(2014). Current issues in cloud computing security and management. SECURWARE, 2014,
47.