Comprehensive Data Security Analysis for Webb's Cloud Computing System
VerifiedAdded on 2020/04/07
|9
|2628
|419
Report
AI Summary
This report examines cloud computing security, particularly focusing on Infrastructure as a Service (IaaS) systems and data protection for organizations like Webb's. It emphasizes the importance of data security in cloud environments, highlighting encryption, authentication, and authorization procedures as crucial security measures. The report discusses the benefits of cloud computing, such as increased throughput and improved customer satisfaction, while also addressing potential risks like data breaches and loss of control. It explores the disadvantages of cloud data backup and retrieval, and analyzes the effects of cloud hosting on Disaster Recovery (DR) plans. Furthermore, the report provides recommendations for protecting data and ensuring secure access to services within a cloud environment, including specific measures for MS SQL server 2012 R2 security, network infrastructure, and cloud backup implementation. The conclusion stresses the importance of comprehensive security measures to protect sensitive data and ensure efficient service delivery in cloud computing.
Cloud computing
Name
Institution
Professor
Course
Date
Page 1 of 9
Name
Institution
Professor
Course
Date
Page 1 of 9
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
Introduction
Data security is a fundamental requirement that should be considered by all organizations
purporting to move its data into cloud for various reasons. As observed from the Webb’s case
study, moving from its original data hosting to cloud computing should be made with a lot of
considerations, mostly in data security. Webb’s data security is of importance when considering
which platform to move its data to. Webb’s moving its data into cloud might sound laudable but
must understand challenges and precautions that are related to cloud computing. When selecting
data storage capability in terms of security; important factors consider are authentication and
authorization procedures which would be used in accessing organizational data, data integrity as
data should only be accessed by only authorized and authenticated persons and consistency of
data in order to ensure organizational employees do not work on redundant data. Withstanding
all these factors, organization should be in a position to consider which company to host its data
and how it intends to keep its data safe and secure from cyber security threats.
IaaS database security measures
Upon moving its data to IaaS database which is open to public domain, Webb’s should
not forgo security measures that should be put on its data once it has been hosted. Since data is
hosted by a third party on the cloud, encryption of data is quite essential (Hwang, 2017).
Encrypted data has only meaning to the user with decryption key, without set data decryption
key, data is set to be unusable by any other third party. Decryption of data should take place once
data is entered into the organizational database to prevent it from being compromised at any
stage. The encryption of data selected should be strong and secure enough to mitigate any
possible risks of being cracked by hackers. To make its data secure, Webb’s might decide to
employ ethical recognized ethical hacker to be in constant watch of its data order to make sure
Page 2 of 9
Data security is a fundamental requirement that should be considered by all organizations
purporting to move its data into cloud for various reasons. As observed from the Webb’s case
study, moving from its original data hosting to cloud computing should be made with a lot of
considerations, mostly in data security. Webb’s data security is of importance when considering
which platform to move its data to. Webb’s moving its data into cloud might sound laudable but
must understand challenges and precautions that are related to cloud computing. When selecting
data storage capability in terms of security; important factors consider are authentication and
authorization procedures which would be used in accessing organizational data, data integrity as
data should only be accessed by only authorized and authenticated persons and consistency of
data in order to ensure organizational employees do not work on redundant data. Withstanding
all these factors, organization should be in a position to consider which company to host its data
and how it intends to keep its data safe and secure from cyber security threats.
IaaS database security measures
Upon moving its data to IaaS database which is open to public domain, Webb’s should
not forgo security measures that should be put on its data once it has been hosted. Since data is
hosted by a third party on the cloud, encryption of data is quite essential (Hwang, 2017).
Encrypted data has only meaning to the user with decryption key, without set data decryption
key, data is set to be unusable by any other third party. Decryption of data should take place once
data is entered into the organizational database to prevent it from being compromised at any
stage. The encryption of data selected should be strong and secure enough to mitigate any
possible risks of being cracked by hackers. To make its data secure, Webb’s might decide to
employ ethical recognized ethical hacker to be in constant watch of its data order to make sure
Page 2 of 9
all security features and requirements are in place. According to Forschungskolleg Service
Oriented Systems Engineering (2014), once data is encrypted, the next option is to implement
very strong authentication security features in order to determine which user has access to which
part of organizational data. Strong authentication features are set to make sure all employees of
the organization who makes access to the data are the right users. Each section of data has its
specific users who are granted privileges to work on it. With poor authentication, it means users
may end up accessing data that they are not granted permission. Lastly, Webb’s should make
sure system authorization is up to date. All system users’ should be granted with relevant
authorization features which enables all users to have right access to the system. Authorization
should be made strong enough to ensure all system users use verified and approved credentials
before accessing organizational system. System should be designed in such a way that, it updates
its authorization requirement in a given period of time (Jajodia, 2014). This helps in ensuring if
there is an attempt to sniff system authorization features, it expires shortly before a lot of damage
can be caused. Such authorization security feature can be enforced through use of biometric
features.
Benefit and issues with IaaS security measures
Once Webb’s deploys its data into cloud and recommended security measures are put in
place, the following advantages can be realized; increased throughput on its daily transaction.
Employing these security measures keeps off so many system malpractices which slows
organizational business transaction (International Conference on Security-Enriched Urban
Computing and Smart Grid et al, 2010). When all required security measures are set in place,
they allow business processes to be done in a safer and secure computing environment which
guarantees faster processing which in turn improves daily and overall throughput. Additionally,
Page 3 of 9
Oriented Systems Engineering (2014), once data is encrypted, the next option is to implement
very strong authentication security features in order to determine which user has access to which
part of organizational data. Strong authentication features are set to make sure all employees of
the organization who makes access to the data are the right users. Each section of data has its
specific users who are granted privileges to work on it. With poor authentication, it means users
may end up accessing data that they are not granted permission. Lastly, Webb’s should make
sure system authorization is up to date. All system users’ should be granted with relevant
authorization features which enables all users to have right access to the system. Authorization
should be made strong enough to ensure all system users use verified and approved credentials
before accessing organizational system. System should be designed in such a way that, it updates
its authorization requirement in a given period of time (Jajodia, 2014). This helps in ensuring if
there is an attempt to sniff system authorization features, it expires shortly before a lot of damage
can be caused. Such authorization security feature can be enforced through use of biometric
features.
Benefit and issues with IaaS security measures
Once Webb’s deploys its data into cloud and recommended security measures are put in
place, the following advantages can be realized; increased throughput on its daily transaction.
Employing these security measures keeps off so many system malpractices which slows
organizational business transaction (International Conference on Security-Enriched Urban
Computing and Smart Grid et al, 2010). When all required security measures are set in place,
they allow business processes to be done in a safer and secure computing environment which
guarantees faster processing which in turn improves daily and overall throughput. Additionally,
Page 3 of 9
with implementation of authorization and authentication features, organizational data is more
secure and safe from being accessed by unauthorized users. This keeps off unwarranted
competition which may pace off Webb’s from market. Hill (2013) argues that, data security is
very important because operational procedures are not exposed to their party which may end up
exploiting organizational procedures to launch competitive operations against Webb’s. Lastly,
security features are very beneficial to the organization as it allows organization guarantee its
client security of business transactions which in turn improves customer satisfaction. With
improved customer satisfaction, organization is able to increase its services delivery which in
turn guarantees profit generation to the organization.
Contrary, despite all benefits realized by moving organizational data into cloud hosting,
there are disadvantages which are associated with moving data into cloud. First, hosting data into
cloud presents data with so many uncertainties such as hacking. When data is hosted into the
cloud, hackers get privileges of trying to manipulate and compromise organizational system in an
attempt to downsize its development procedures (Gutwirth, 2011). Similarly, when data is hosted
into cloud, data breaches increase making it difficult to streamline operational procedures. Data
privacy in cloud computing is not guaranteed since data is hosted in public domain where
security is a major problem. Once data is hosted into the cloud, Webb’s is not aware of where
data is hosted from, which security features are provided for its data and who has access to its
data and from where. This implies problems associated with cloud hosting of data is quite
enormous and cannot be ignored. Lastly, when data is hosted into the cloud, consistency and
integrity of data is lost and cannot be guaranteed (Moumtzoglou & Kastania, 2014).
Risks associated with moving data into cloud
Page 4 of 9
secure and safe from being accessed by unauthorized users. This keeps off unwarranted
competition which may pace off Webb’s from market. Hill (2013) argues that, data security is
very important because operational procedures are not exposed to their party which may end up
exploiting organizational procedures to launch competitive operations against Webb’s. Lastly,
security features are very beneficial to the organization as it allows organization guarantee its
client security of business transactions which in turn improves customer satisfaction. With
improved customer satisfaction, organization is able to increase its services delivery which in
turn guarantees profit generation to the organization.
Contrary, despite all benefits realized by moving organizational data into cloud hosting,
there are disadvantages which are associated with moving data into cloud. First, hosting data into
cloud presents data with so many uncertainties such as hacking. When data is hosted into the
cloud, hackers get privileges of trying to manipulate and compromise organizational system in an
attempt to downsize its development procedures (Gutwirth, 2011). Similarly, when data is hosted
into cloud, data breaches increase making it difficult to streamline operational procedures. Data
privacy in cloud computing is not guaranteed since data is hosted in public domain where
security is a major problem. Once data is hosted into the cloud, Webb’s is not aware of where
data is hosted from, which security features are provided for its data and who has access to its
data and from where. This implies problems associated with cloud hosting of data is quite
enormous and cannot be ignored. Lastly, when data is hosted into the cloud, consistency and
integrity of data is lost and cannot be guaranteed (Moumtzoglou & Kastania, 2014).
Risks associated with moving data into cloud
Page 4 of 9
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
Moving data into cloud makes it difficult to control security features of any data in an
organization. Organizational database is exposed to hackers with malicious intends while others
are just trying to streamline their data hacking expertise (Li & Qiu, 2014). This exposes
organizational database into dangers of being compromised without notice of the subject
organization. Hackers manipulate organizational data with aim of outcompeting the latter from
the market. On IaaS infrastructure, it is not clear what security measures are put in place in
regard to security features of organizational data. Infrastructure is designed to accommodate
various organizational structure but it does not put its specific security considerations into place.
Lastly, hacking is quite prone to any communication platform between Webb’s system and IaaS
infrastructure. According to Information Resources Management Association (2016),
communication platform are being hacked by organizations and other parties in an attempt to
acquire organizational data with aim of outcompeting subject organization.
Disadvantages of backing data from cloud
Data backup is essential for organizational system recovery when faced with an event
that compromises it operational procedures. Cloud computing data backup is not secure and is
full of uncertainties because organizational data is known where it resides. Organizational data
resides in an unknown place and its operations are not made public hence no one can determine
where data is being backed up (Williams, 2010). Consequently, cloud computing storage is not
secure and all parameters should be put in place to mitigate security issues. When data is hosted
in to the cloud, it is exposed into hackers and all sort of insecurity lapses that compromises data
integrity. No data is exposed into public that is free of interference. This makes operational
procedures of organization prone to data breaches and access by third party without knowledge
of the subject organization. Lastly, Chang, Walters & Wills (2015) stipulates that, data retrieval
Page 5 of 9
organization. Organizational database is exposed to hackers with malicious intends while others
are just trying to streamline their data hacking expertise (Li & Qiu, 2014). This exposes
organizational database into dangers of being compromised without notice of the subject
organization. Hackers manipulate organizational data with aim of outcompeting the latter from
the market. On IaaS infrastructure, it is not clear what security measures are put in place in
regard to security features of organizational data. Infrastructure is designed to accommodate
various organizational structure but it does not put its specific security considerations into place.
Lastly, hacking is quite prone to any communication platform between Webb’s system and IaaS
infrastructure. According to Information Resources Management Association (2016),
communication platform are being hacked by organizations and other parties in an attempt to
acquire organizational data with aim of outcompeting subject organization.
Disadvantages of backing data from cloud
Data backup is essential for organizational system recovery when faced with an event
that compromises it operational procedures. Cloud computing data backup is not secure and is
full of uncertainties because organizational data is known where it resides. Organizational data
resides in an unknown place and its operations are not made public hence no one can determine
where data is being backed up (Williams, 2010). Consequently, cloud computing storage is not
secure and all parameters should be put in place to mitigate security issues. When data is hosted
in to the cloud, it is exposed into hackers and all sort of insecurity lapses that compromises data
integrity. No data is exposed into public that is free of interference. This makes operational
procedures of organization prone to data breaches and access by third party without knowledge
of the subject organization. Lastly, Chang, Walters & Wills (2015) stipulates that, data retrieval
Page 5 of 9
from the third party does not guarantee security of the data since subject organization is not
aware where data is hosted from and retrieval is based on which criterion. When Webb’s hosts
its data into the cloud, it is left with just manipulation and operation of data without knowledge
of where its data is hosted from. This makes it difficult to implement security features of any
data retrieval procedures.
Effects of cloud hosting on DR plan
Hosting data into the cloud pushes Webb’s organization to abolish all its initial
operational procedures and allow effecting of new procedures related to cloud computing. Since
it is clear data storage and management is left to third party, it is not easy to work on any part of
data. DR plan should change completely to allow new implemented system take place in regard
to IaaS infrastructure. Initially, Webb’s used to work on physical data backup plan but after
cloud computing hosting, data has to be backed up online and this must implement required
changes which suites cloud computing infrastructure (Information Systems Audit and Control
Association, 2011). Similarly, data backup and recovery procedure plan must change in order to
accommodate new changes as desired by current cloud hosting technology. Lastly, the mode of
operation will initiate changes in modes of access. Since data was being accessed offline from
organizational storage infrastructure and now it is being accessed online, there must be change in
mode of operations and policies required to access organizational system.
Webb’s protection to services access
Webb’s migration into cloud services require new security features which should
guarantee safe and secure access to data. All security features must be put in place to provide
security to both organizational data and entire IaaS infrastructure. To protect IaaS infrastructure,
Page 6 of 9
aware where data is hosted from and retrieval is based on which criterion. When Webb’s hosts
its data into the cloud, it is left with just manipulation and operation of data without knowledge
of where its data is hosted from. This makes it difficult to implement security features of any
data retrieval procedures.
Effects of cloud hosting on DR plan
Hosting data into the cloud pushes Webb’s organization to abolish all its initial
operational procedures and allow effecting of new procedures related to cloud computing. Since
it is clear data storage and management is left to third party, it is not easy to work on any part of
data. DR plan should change completely to allow new implemented system take place in regard
to IaaS infrastructure. Initially, Webb’s used to work on physical data backup plan but after
cloud computing hosting, data has to be backed up online and this must implement required
changes which suites cloud computing infrastructure (Information Systems Audit and Control
Association, 2011). Similarly, data backup and recovery procedure plan must change in order to
accommodate new changes as desired by current cloud hosting technology. Lastly, the mode of
operation will initiate changes in modes of access. Since data was being accessed offline from
organizational storage infrastructure and now it is being accessed online, there must be change in
mode of operations and policies required to access organizational system.
Webb’s protection to services access
Webb’s migration into cloud services require new security features which should
guarantee safe and secure access to data. All security features must be put in place to provide
security to both organizational data and entire IaaS infrastructure. To protect IaaS infrastructure,
Page 6 of 9
Webb’s should make sure all its access points are secure and safe from being compromised by
any third party, either internally or externally (Udoh, 2011). For security purposes, all employees
must be encouraged to protect their point of access in order make sure system is currently secure
and cannot pose threats to IaaS infrastructure. In terms of MS SQL server 2012 R2 security
features, Webb’s cloud computing services should ensure data is safe, secure and free of
interruption by any other third party. It should be possible to secure data from SQL injection
which are being used to compromise system integrity. Security of SQL server 2012 should be
implemented to make sure data is free from compromise and all features are put in place
(International Conference on Cloud Security Management & Endicott-Popovsky, 2014). Both
SQL server authentication and authorization should be made strong through use of SQL server in
order to make sure organizational data is secure and safe.
Consequently, cloud computing infrastructure network should be free from being
compromised by any party regardless of any technical measures put in place (Ferrus & Sallent,
2015). When network of any organization is compromised, the entire system is put into risk of
being sabotaged by the hackers. Network infrastructure should be strong enough to guarantee
system security and its features should not allow other parties to compromise entire system.
Network intrusion should be taken with a lot of trust in order to make sure there is security of
any data captured through use of IaaS data infrastructure. Lastly, cloud backup and restore
infrastructure should be implemented to make sure data is secure from interruption. With change
in infrastructure from its initial operational procedures, Webb’s should make sure security of its
data implemented and managed appropriately (Webb, 2007). Infrastructure implemented should
be made secure and safe in order make sure data is consistency with technological updates.
Conclusion
Page 7 of 9
any third party, either internally or externally (Udoh, 2011). For security purposes, all employees
must be encouraged to protect their point of access in order make sure system is currently secure
and cannot pose threats to IaaS infrastructure. In terms of MS SQL server 2012 R2 security
features, Webb’s cloud computing services should ensure data is safe, secure and free of
interruption by any other third party. It should be possible to secure data from SQL injection
which are being used to compromise system integrity. Security of SQL server 2012 should be
implemented to make sure data is free from compromise and all features are put in place
(International Conference on Cloud Security Management & Endicott-Popovsky, 2014). Both
SQL server authentication and authorization should be made strong through use of SQL server in
order to make sure organizational data is secure and safe.
Consequently, cloud computing infrastructure network should be free from being
compromised by any party regardless of any technical measures put in place (Ferrus & Sallent,
2015). When network of any organization is compromised, the entire system is put into risk of
being sabotaged by the hackers. Network infrastructure should be strong enough to guarantee
system security and its features should not allow other parties to compromise entire system.
Network intrusion should be taken with a lot of trust in order to make sure there is security of
any data captured through use of IaaS data infrastructure. Lastly, cloud backup and restore
infrastructure should be implemented to make sure data is secure from interruption. With change
in infrastructure from its initial operational procedures, Webb’s should make sure security of its
data implemented and managed appropriately (Webb, 2007). Infrastructure implemented should
be made secure and safe in order make sure data is consistency with technological updates.
Conclusion
Page 7 of 9
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Data is quite sensitive and should be protected in order to make sure operational
procedures of the organization is not exposed to third party. In regard to IaaS security features,
all security measures in regard to available technological measures should be implemented.
Benefits realized from cloud computing are quite enormous and a lot of its features should
guarantee security of organizational data. Despite all benefits, there are number of disadvantages
which are associated with cloud computing. Similarly, Webb’s processes should enable
organization change its organization procedures in order to enable its DR plan. Lastly, cloud
computing services should guarantee efficient service delivery which are secure and safe.
References
Chang, V., Walters, R. J., & Wills, G. (2015). Delivery and adoption of cloud computing
services in contemporary organizations.
Ferrus, R., & Sallent, O. (2015). Mobile broadband communications for public safety: The road
ahead through LTE technology.
Forschungskolleg Service Oriented Systems Engineering. (2014). Proceedings of the ... Ph. D.
retreat of the HPI Research School on Service-Oriented Systems Engineering: 7.
Potsdam: Univ.-Verl.
Gutwirth, S. (2011). Computers, privacy and data protection: An element of choice. (Computers,
Privacy and Data Protection: an Element of Choice. Dordrecht, The Netherlands:
Springer.
Hill, R. (2013). Guide to cloud computing: Principles and practice. London: Springer.
Hwang, K. (2017). Cloud computing for machine learning and cognitive applications.
Page 8 of 9
procedures of the organization is not exposed to third party. In regard to IaaS security features,
all security measures in regard to available technological measures should be implemented.
Benefits realized from cloud computing are quite enormous and a lot of its features should
guarantee security of organizational data. Despite all benefits, there are number of disadvantages
which are associated with cloud computing. Similarly, Webb’s processes should enable
organization change its organization procedures in order to enable its DR plan. Lastly, cloud
computing services should guarantee efficient service delivery which are secure and safe.
References
Chang, V., Walters, R. J., & Wills, G. (2015). Delivery and adoption of cloud computing
services in contemporary organizations.
Ferrus, R., & Sallent, O. (2015). Mobile broadband communications for public safety: The road
ahead through LTE technology.
Forschungskolleg Service Oriented Systems Engineering. (2014). Proceedings of the ... Ph. D.
retreat of the HPI Research School on Service-Oriented Systems Engineering: 7.
Potsdam: Univ.-Verl.
Gutwirth, S. (2011). Computers, privacy and data protection: An element of choice. (Computers,
Privacy and Data Protection: an Element of Choice. Dordrecht, The Netherlands:
Springer.
Hill, R. (2013). Guide to cloud computing: Principles and practice. London: Springer.
Hwang, K. (2017). Cloud computing for machine learning and cognitive applications.
Page 8 of 9
Information Resources Management Association. (2016). Web-based services: Concepts,
methodologies, tools, and applications.
Information Systems Audit and Control Association. (2011). IT control objectives for cloud
computing: Controls and assurance in the cloud. Rolling Meadows, IL: ISACA.
International Conference on Cloud Security Management, & In Endicott-Popovsky, B. (2014).
Proceedings of the International Conference on Cloud Security Management ICCSM-
2014.
International Conference on Security-Enriched Urban Computing and Smart Grid, Kim, T.,
Stoica, A., & Chang, R.-S. (2010). Security-enriched urban computing and smart grid:
First International Conference, SUComS 2010, Daejeon, Korea, September 15-17,
2010, proceedings. Berlin: Springer.
Jajodia, S. (2014). Secure cloud computing.
Li, X., & Qiu, J. (2014). Cloud computing for data-intensive applications.
Moumtzoglou, A., & Kastania, A. (2014). Cloud computing applications for quality health care
delivery.
Udoh, E. (2011). Cloud, grid and high performance computing: Emerging applications.
Hershey, PA: Information Science Reference.
Webb, W. (2007). Wireless communications: The future. Chichester, England: John Wiley.
Williams, M. I. (2010). A quick start guide to cloud computing: Moving your business into the
cloud. London: Kogan Page.
Page 9 of 9
methodologies, tools, and applications.
Information Systems Audit and Control Association. (2011). IT control objectives for cloud
computing: Controls and assurance in the cloud. Rolling Meadows, IL: ISACA.
International Conference on Cloud Security Management, & In Endicott-Popovsky, B. (2014).
Proceedings of the International Conference on Cloud Security Management ICCSM-
2014.
International Conference on Security-Enriched Urban Computing and Smart Grid, Kim, T.,
Stoica, A., & Chang, R.-S. (2010). Security-enriched urban computing and smart grid:
First International Conference, SUComS 2010, Daejeon, Korea, September 15-17,
2010, proceedings. Berlin: Springer.
Jajodia, S. (2014). Secure cloud computing.
Li, X., & Qiu, J. (2014). Cloud computing for data-intensive applications.
Moumtzoglou, A., & Kastania, A. (2014). Cloud computing applications for quality health care
delivery.
Udoh, E. (2011). Cloud, grid and high performance computing: Emerging applications.
Hershey, PA: Information Science Reference.
Webb, W. (2007). Wireless communications: The future. Chichester, England: John Wiley.
Williams, M. I. (2010). A quick start guide to cloud computing: Moving your business into the
cloud. London: Kogan Page.
Page 9 of 9
1 out of 9
Related Documents
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
© 2024 | Zucol Services PVT LTD | All rights reserved.