Cloud computing continues to proliferate most of the worlds largest companies, governments, and organization. Its benefits create a compelling value proposition for nearly all stakeholder groups in the form of higher efficiencies, better access to data, and better reliability. Unfortunately these benefits result in a corresponding increase in security vulnerabilities. This document will address these vulnerabilities and how they impact organizations utilizing cloud computing. Emphasis will be place on the more common vulnerabilities and possible solutions to rectify them.
Cloud Computing is increasing becoming a very contentious issue for businesses, governments, and communities around the world. A study initiated by Gartner found that cloud computing is considered one of the top 10 most influential technologies in the world (Gartner 2011). The prospects for the cloud are endless as adaptations can create enhancements in all industries. Industries typically use cloud computing to enhance efficiencies, reduce costs, reduce overall head, and increase returns on investment. The ability of cloud computing to provide ubiquitous and on-demand network access is also compelling for industries that require continually access throughout the day. Banks, insurance companies, and national defense organization must be all be operational throughout the entire day. Due to the ability of cloud computing to provide secure and convenient data storage over the internet, these organization can run their core processes 24 hours a day.
Cloud computing is unique in that it combines a number of varying concepts and technologies together in one package. Aspects such as Service Oriented Architecture, the Internet, and storage facilities are all used simultaneously to provide a compelling product. However, due to the sheer volume of applications and moving parts, cloud computing does present interesting security challenges. This is due primarily to the relative uncertainty regarding the adoption of new technology combined with the varying degrees of applications and materials needed for adoption. Making security more difficult is this uncertainty occurring at all levels of the cloud computing process including the (network, host, application, and data levels). As a result, many IT executives acknowledge that security is their primary concern regarding the cloud and information content (Mather, 2009).
In particular cloud-computing security risk occurs in three main areas. The areas include external data storage, the use of "public" Internet and inherent lack of control of doing so, and the overall integration process. As result of these security risks traditional methods such as identity, authentication and authorization are no longer viable. Therefore new and unique solutions are required to address the changing landscape of cloud application and their overall structure.
Literature Review/Discussion and Analysis
What security vulnerabilities and threats are the most important in Cloud Computing and how can organizations properly handle them? To begin, the traditional cloud-computing model has three separate types of services, which are described below. These definitions are taken directly from the Journal of Internet Services and Applications Journal.
1) Software as a Service- the capability provided to the consumer is to use the provider's applications running on a cloud infrastructure. In general the applications are accessible from various client devices through a thin client interface such as a web browser (Hashizume, pg 3).
2) Platform as a Service -- The capability provided to the consumer is to deploy onto the cloud infrastructure his own applications without installing any platform or tools on their local machines. PaaS refers to providing platform layer resources, including operating system support and software development frameworks that can be used to build higher-level services (Hashizume, pg 3).
3) Infrastructure as a Service.- The capability provided to the consumer is to provision processing, storage, networks, and other fundamental computing resources where the consumer is able to deploy and run arbitrary software, which can include operating systems and applications (Hashizume, pg3)
In addition to the models presented above, a very popular form of cloud computing is the hybrid cloud. Hybrid clouds are a combination of public and private cloud offerings which provides companies with much wider degree of freedom and security. It also allows for the exchange of information across disparate cloud offerings. This allows customers to use third party application in the manner in which they see fit.
In regards to security and vulnerability each has its respective strengths and weaknesses. For example with SaaS the overall security burden in on the cloud provider. This creates obvious problems for a business, as they are almost entirely dependent on the provider to provide secure access to private information. This vulnerability is the direct result of the overall intergration needed with the SaaS model. In contrast however, the PaaS and IaaS models are much more secure as the consumer...
IBM is well-known for its diversified product offerings and unparalleled scale with regards to SaaS offerings. IBM is highly regarded as one of the top ten cloud offerings in the market. The HR department of a small business has the ability to use and implement the extensive scale and expertise of IBM's SaaS offerings. First, IBM has unparalleled reach and expertise. By working with many small and large businesses, IBM
In some areas it actually appears as though certain reliability issues and their solutions might be simplified in the cloud when compared to traditional software and hardware set-ups; successful antivirus protection has been achieved simply by running preventative, diagnostic, and corrective programs on host computers and servers in the cloud, rather than necessitating the same type of vigilance for each and every end-user unit (Shah 2010). Solutions to more
Cloud Computing Governance There are many issues and implications that must be taken seriously when it comes to cloud computing. While the possibilities and capabilities that are newly or more significantly realized by cloud computing are fascinating and voluminous, so too are the security risks and ethical quandaries that can and do come up when it comes to the subject. With that in mind, this report shall cover two main topics
Cloud Computing Changes Systems Analysis and Design Instiution/University affiliation Both information systems and information technology infrastructure have been incorporated into business procedures for at least two decades. In the initial development of information technology, organizations which greatly invested in information technology infrastructure achieved strong growth in market shares and returns. Given that IT is now the core of businesses, nearly all organizations own their own IT infrastructures to manage their daily
Essay Prompt: 1. Using module theory and specific examples from the case provided identify and critically analyze the strategic issues confronting the 'IT'S LEARNING' as it expands beyond its home country (1000 words) 2. Using appropriate module frameworks and specific examples from the case critically analyze the advantages and disadvantages of the Norway as the home base for a global developer of Digital Learning Platforms. (1000 words) 3. Using module theory and examples
Cloud Computing at EasyJet 25/08/2015 Brief Company background Discussion of business problem High level solution Benefits of solving the problem Business/technical approach Business process changes Technology or business practices used to augment the solution Conclusions and overall recommendations High-level implementation plan EasyJet, a Luton-based low cost airline in the UK has managed to create differentiation from other low cost airlines through the introduction of a new system of seat booking. The move brought in a new era in the otherwise
Our semester plans gives you unlimited, unrestricted access to our entire library of resources —writing tools, guides, example essays, tutorials, class notes, and more.
Get Started Now