Security, also known as Cloud Computing Security, refers to a wide set of
policies, technologies, and controls deployed to protect data, applications,
and associated infrastructure of cloud computing. Cloud computing provides
users with the ability to store and process data in third-party data centres. Cloud
computing can be divided into three parts that are differentiated by levels of
control and access of mechanics of the system and applications. To add on, there
4 different types of architectural deployment methods for organizations
implementing cloud services, which are, Community Cloud, Public Cloud, Hybrid
Cloud and Private Cloud. All the clouds services have the similar fundamentals
cloud provider and user have to follow a few security concerns, in order to
provide the most effective security for the cloud environment. Some of the
controls that Cloud Security deployed are, deterrent, preventive, detective and
corrective controls. These controls are implemented to safeguard any
vulnerabilities in the system and reduce the impact of an attack. Deterrent
controls usually reduce the threat level by informing potential attackers that
there will be consequences if they still decide to proceed with the attack.
Preventive controls, on the other hand, strengthen the system against attacks,
generally by reducing vulnerabilities. Detective controls helps to detect and
react appropriately when an attack occur. On the flip side of the coin,
corrective control occurs during or after an attack, normally reducing the
consequence of an attack or limiting the damage.
from controls, Cloud Security includes security and privacy policies. All
organisation have their own identity management system to control access to
information and computing resources. Cloud providers either combine user’s
identity management system into their own infrastructure or provide an identity
management system of their own. This is one of the security and privacy
policies. To add on, there is physical security where cloud providers have to
physically secure their IT hardware against unauthorised access. Personnel
security means employers have to screen potential recruits thoroughly before
hiring them. Privacy is also one of the policies, where all critical data needs
to be encrypted and only accessible to authorised personnels.
part of cloud security falls in data security. There are 3 sub-headings for
data security, which are confidentiality, access controllability, and
integrity. Confidentiality refers to data stored shall not be made available or
disclosed to illegal users. Access controllability means that authorised owner
are able to access to data but not anyone else. Lastly, integrity means that
the data stored in cloud should not be illegally tampered, improperly modified,
deliberately deleted or maliciously fabricated. As user trusted cloud providers
to store the data, the cloud providers should have the integrity.
and regulations have been around to ensure cloud security. Cloud services
should be aware of the legal and regulatory differences between the
jurisdictions. Many of the regulations requires regular reporting. It is the
job of the user to ensure that their cloud providers fulfil the requirements
since to a certain extent, they are responsible of it. This includes, business
continuality and data recovery, log and audit trail, and lastly, unique
compliance requirements. The purpose is to ensure the service can be maintained
in case of an emergency, logs and audit are properly secured, the data centres
used by cloud providers may need to comply to certain requirements.
on the nature of the topic, you shall state either the potential benefits of
using the technology/concept or the negative implications from the
security to other on-premise security, cloud security cost less due to the
renting servicers from a cloud provider’s data centre, instead of building,
equipping, and managing their own data centre. It is also cheaper to have cloud
security as, payment is made on security that is based on the actual usage.
Whereas, with in-house data centre, the company pays for its security resources
not caring if they were being used or not.
To add on,
security apps and systems can be easily scaled up or down in a cloud provider’s
data centre. As one of the core competency, cloud providers are more vigilant
when deploying new security tools and systems. They employ experienced security
experts who have already done researches and analysis so that users do not have
to waste time.
Cloud security is
said to be more secure because cloud service providers have superior security
measures and their employees are security experts. On-premise data is more
vulnerable to security breaches, depending on the type of attack. Such attacks
like social engineering or malware, would be harmful for any data storage, but
on-site data would take the most damage as its “guardians” are less experience
in detecting such a threat.
think the company could make use of it? What are the potential challenges?
company could make use of it to store data from their clients in cloud, and to
ensure that it is secure, the company could ensure that cloud security is
applied. The company not only save cost from not having to manage the
maintenance and infrastructure, the company also save time. With more time in
hand, the company is able to boost its productivity by doing other important
there are potential challenges such as data leakage. The cloud is a place where
resources are shared, which means that outsiders might be able to get their
hands on user’s data. Hence, sharing a storage hardware and putting it in the
hands of cloud providers seems risky. To prepare for such a situation, the
company have to assume that the cloud provider could be compromised, and only
send encrypted files to the cloud. The company shall not depend on the cloud
provider to encrypt the files for user.
on, credentials are important as, access to storage is given based on
credentials. Thus, if the company and others share the same credentials, there
is a high chance that others are able to access the company’s data. Even if
others could not decipher the encrypted files, they are still able to delete
the files. To avoid such an unfortunate accident, the company can use a unique credentials.
But this means, files are not available to see other company and their data. No
one is able to log into the account and delete any files.
files are vulnerable in the cloud, and there are also vulnerabilities during
data transmission. When dealing with online security, it is best to assume the
worst and always stay on guard. This would prevent someone seeing cloud
metadata. Data and metadata should be completely opaque on the wire and cloud.
Nothing should be decipherable once it leaves the company’s hand.
nutshell, there are definitely challenges faced when using cloud. In order to
face this challenges, cloud security is an essential. The company would be
receiving a lot of benefits using cloud security and with the advancement of technology,
it is only right to advance together with it. Hence, using cloud security is
beneficial for the company.