Cloud Risks & Risks Management

matador
CloudComputingRiskFactors.pdf
Home>Computer Science homework help>Cloud Risks & Risks Management

2/2/22, 5:21 PM Cloud Computing Risk Factors

https://leocontent.umgc.edu/content/scor/uncurated/cca/2218-cca610/learning-topic-list/cloud-computing-risk-factors.html?ou=622270 1/3

Learning Topic

Cloud Computing Risk Factors Risk factors are internal or external threats to the security posture of an organization that

can pose a risk to the organization if not monitored or handled properly.

Risk Factor Description

1. Vul nerabi

lities

Vulnerabilities can be exploited by attackers and result in lack of data integrity and/or loss, theft, destruction.

Minimize risk by: Patching to mitigate vulnerabilities, vulnerability and

virus scanning, monitoring aging infrastructure.

2. Thr eats

Properly identifying the threat landscape is critical to determining risk. This accounts for cyber threats, insider threats, brand reputation threats,

domain-based threats, and third-party threats.

Minimize risk: For insider threats, invoke separation of duties so that one

employee does not have privileges over too many business processes;

keep employees happy with good benefits, decent pay, reasonable working

hours, and training for the position and organizational security.

Brand threats: If an incident were to occur, customers could be vulnerable,

business could be lost, profits could decrease. Therefore, there should be a

plan in place for incidents or disasters.

2/2/22, 5:21 PM Cloud Computing Risk Factors

https://leocontent.umgc.edu/content/scor/uncurated/cca/2218-cca610/learning-topic-list/cloud-computing-risk-factors.html?ou=622270 2/3

Risk

Factor Description

3. Poli cy and

Plans

Proper policies must be in place to account for these threats and hold personnel accountable for taking the necessary steps and precautions.

Disaster recovery plans should be in place for a disaster, as well as other

plans for incidents such as an incident response plan.

Minimize risk by: Getting managerial and executive buy-in, routinely

testing plans, and updating policies.

4. Endpo

ints

Endpoints that store the data pose a great risk to the company if the device is stolen or lost.

Minimize risk by: Encrypting hard drives and having software to remotely

wipe devices, tracking the devices, managing and accounting for hardware,

and properly destroying hardware at end of life.

5. Data

Having too much data and not analyzing it properly for risk can be a danger to the business. Also, if anything happens to the data, specifically

personally identifiable information or protected health information, there

can be legal, state, local, or federal ramifications.

Minimize risk by: Following proper protocols for the data stored on the

network, managing endpoints and inventory appropriately, minimizing

vulnerabilities.

6. Regul

atory

Not being in compliance with regulations pertinent to the industry that you operate in.

Minimize risk by: Having a regulatory compliance program defined, with

appropriate policies, procedures, and well-defined roles and

responsibilities for staff.

2/2/22, 5:21 PM Cloud Computing Risk Factors

https://leocontent.umgc.edu/content/scor/uncurated/cca/2218-cca610/learning-topic-list/cloud-computing-risk-factors.html?ou=622270 3/3

An organization can perform a cloud computing risk assessment to determine the cloud

computing risks. Once these risks have been identified, an organization must determine

how to handle the risks (risk avoidance, acceptance, mitigation, control, monitoring, and

transfer).

© 2022 University of Maryland Global Campus

All links to external sites were verified at the time of publication. UMGC is not responsible for the validity or integrity

of information located at external sites.