Capstone IT Cloud-Based Security Plan
Professional Reflection Essay Submission
Jamie Vaughan
8 May 2018
Southern New Hampshire University
Running head: Capstone Component 3 – Professional Reflection Essay Submission
Problem Statement
Security is one of the largest problems for Cloud-based applications or servers. Currently there is a huge security risk for Cloud computing, companies are worried about data breaching, data loss, hijacking, and unauthorized logins. Security risks, companies are having trouble getting financial assistant with the setting up a cloud account. Using the cloud for storage and computing means that you will have no physical storage means or the need to have severs, everything will be web based or interfaced. Most companies that are moving to cloud-base is usually because of the cost for this transformation, being able to be flexible, re-allocation and the effectiveness is another reason that a company would change to a Cloud-base. Company “Data” is a key for the success of any company, the main concern is to ensure that their data is protected. These risks need to be limited, to ensure the all data is safe and secure from outside sources being able to intrude.
Significance of Problem
Significance of the problem is there are to many cloud-based products out there, that is lacking high security features. Sure, they have security features, but there is still Hijacking, Data Breaching, Data Loss and Unauthorized Logins. The problem is the firewalls are not protecting the data that is coming into or leaving the network. Companies are still using servers because of the security features, also people do not want to change to something they are unfamiliar with. There needs to be a team setup that their whole purpose is to create security risks, have them breached to fix the problem. This will allow for a stronger security system. It is like a bank, they often hire people to break into their banks, so that they can find the security risks and fix them.
Implementation and Testing Plausibility
There are many challenges to need to be implemented, to be able to deploy, there needs be the needs of planning and be able to find the funds to be able to set this operation in progress.
· Planning
The planning starts with the Data security, finding out what security concerns are and what is creating the concern is the first part of the planning process. The tools that are needed to accomplish this is the hardware, look at the latency and performance concerns, and use a specific OS that will keep security risks low. Need to ensure that all planning will be compatible with other sources.
· Resources
Need to look for personnel that have or know about data security, with personnel that know about security we can focus at the job at hand. Ensuring that personnel are in the right spot for training is very important to be able to deploy specific systems. Using CISSP and CISSA will help with the regards of data security. This is why being able to manage the available resource and personnel is needed to be successful.
Proposal Description
There are several areas that the company will need to look at for security, plugging a USB or other devices into a network will allow for security vulnerabilities. The blocking of any ports will be necessary to be able to keep security working and to be able to maintain the health of the company, this will help with and breach that may occur. Applications that will be used will be very specific to what will protect the company’s assets.
The planning begins with the stakeholders, impact of the proposed solution, the research market and the significance of the problem. Once all this information is gathered, the startup of the cloud but the technology and methodologies need to be in place before this can happen. The next phase will consist of (PaaS) and the OS will be Linux for security reasons, for networking we will use (IaaS) meets all the hardware, storage software and security requirements.
Methodologies will be key choosing how the process will be met, they work together with the shared data, the virtualization, tools needed for collaboration and other tools used to make a prosed solution. The virtual desktop need to use Linux as a kernel, this will provide an environment that is simulated to run the OS for real time events.
Innovation and Emerging Technologies
Internet 2
TIER is (Trust and Identity in Education and Research) that provides campus practice tools and open-source tools. The team will be setup to run programming, build trust, and build a stronger security. This environment that is being built will all users to speed-up the process, allow for innovation to be created, and ensure there is enough bandwidth to cover the requirements to build the architecture.
Cloud Computing
Currently there are several Cloud computing going on, the problem is still the security, allowing unauthorized personnel and there are attacks happening from breaching. Cloud computing needs to provide security and gaining trust of users. Attributed Access Control model (ABAC) allows all three models (PasS, IaaS, and SaaS) to make subtle changes to the network. Using ABAC will be less complex to see and make it more ecological.
Solution Application
ABAC will allows limited access to other resources for all know policies. The control principals will be done by individuals or associations that are involved with the exposure. VLANs will be setup to be flexible and enabling scalable, that will be the direct connect between Internet 2 and the endpoints. The service meets the wide-ranging needs of the research and education community—both now and into the future.” (Layer 2 services, 2017)
· User Network and Infrastructure
There will be a wired network that will use switches, routers, cables and the speeds will be 10mbps-100mbps), the bandwidth will be upgradeable. All the computers that will be used will need to use a Network Interface Card (NIC), this will secure the network. There will be four standard types of transmission (802.11a, 802.11g, 802.11, and 802.11a) these will be used with wireless. There will be Virtual Private Network (VPN) for every user that be using wireless interface, this will protect the network.
References:
Layer 2 services. (2017, January 10). Retrieved January 10, 2017, from http://www.internet2.edu/products-services/advanced-networking/layer-2-services/
http://ibmsystemsmag.com/mainframe/trends/cloud-computing/cloud_checklist/