Please Prepare a PPT with minimum of 10-12 slides on the project tropic “Shared technology vulnerabilities in the cloud”. Below is the abstract of the topic with brief description.
Note: Add speaker notes at the bottom of each slide to deliver the presentation.
Abstract
Shared technology vulnerabilities in the cloud
I chose Shared technology vulnerabilities in the cloud as my final project. This topic is important because today, whether a business is small or large, there is a need for using cloud computing for storing data since it is not expensive compared to where one separately buys hardware and software. Cloud computing offers storage and security of data over the internet, thus making the users to easily manage their data. Business can expand as new cloud-based models are employed to solve different problems. However, just like cloud computing is vast; there are a lot of security threats and vulnerabilities in the system. This calls for any company that is willing to implement cloud computing to consider both the advantages as well as the vulnerabilities which might contribute to the company losing data.
The cloud computing environment just like the traditional data environment experiences the same threats (Kazim, & Zhu, 2015). This is because both environments are running software ad it is known that software is prone to vulnerabilities and adversaries will always be trying to exploit those vulnerabilities. However, unlike traditional data systems, cloud computing there is the sharing of responsibilities for mitigating the risks. This, therefore, means that the vulnerabilities of the software are shared between the provider and the customer. Some of the vulnerabilities as a result of the implementation of cloud service include;
When one is transitioning the operation to the cloud, there is the possibility of losing some visibility as well as control over those particular operations and assets. However, when a company is using an external cloud service, some of the responsibilities move to the provider. This, therefore, calls for organizations to effectively monitor and analyze information concerning applications, data, users among others without the use of network-based monitoring and logging
Secondly, the providers make it easy providing on-demand self-service provision features. This enables the employee of the organization to provide supplementary services from the provider with no consent of the IT through the process referred to as shadow IT (Islam, et al., 2016). Since it is straightforward and cheap to employ PaaS and SaaS products, this boosts the chances of illegal use of cloud services. Services used without the knowledge of the IT also present risks to the organization. Using unauthorized cloud services is known for increasing malware infections. Also, multi-tenancy in cloud computing increases the attack surface which increases the chances of leakage of data in case there is the failing of separation controls. The attacks can be accomplished by exploiting vulnerabilities in the application of the provider, the hypervisor or hardware. It is, however, important to remember that in cloud computing, the provider accepts responsibilities for some security aspects while others are shared between the provider and the client.
References
Islam, T., Manivannan, D., & Zeadally, S. (2016). A classification and characterization of security threats in cloud computing. Int. J. Next-Gener. Comput, 7(1).
Kazim, M., & Zhu, S. Y. (2015). A survey on top security threats in cloud computing.