4 Responses Oct 22
Dushyanth Work:
Week 9 Discussion Database Administrators and Cloud Investment
Database administrators have the roles of utilizing specialized software in data storage and organization. They also plan, install, and configure database designs (Rajani, 2020). Moreover, they can troubleshoot and monitor the performance of their organization in relation to data security. “The trend of cloud computing shows no signs of abating, with service providers such as Amazon facilitating users to develop applications on the cloud, along with remote access and real-time monitoring” (Rajani, 2020). It necessitates them to adopt cloud computing applications and source a cloud service provider.
However, the DBAs have to realize that adoption of cloud applications introduces data security issues. Rajani (2020) notes that “ While it’s imperative for organizations to ensure digital safety, the lines of accountability and responsibility for cloud security are becoming blur between cloud providing vendors and enterprises themselves”. The roles of DBAs is to support the enterprises in the management of cloud platforms. The management ensures the DBAs lower the probability of an attack in the organizations (Rajani, 2020). Previous studies claim that data breaches have been on the rise in the recent past.
The DBAs have to be incorporated in all cloud-based projects. The reason being, each project “requires companies to identify and understand the risks inherent to digitization, public networks and outsourcing of infrastructure components and yet strive in constant fear and insecurity of how secure their cloud deployments are” (Rajani, 2020). The demerits associated with the project should not exceed the merits due to defective shared responsibility models. The DBAs have to implement proactive risk management strategies. they can ensure that 50 % of organization’s cybersecurity budgets goes to alleviation of risks associated with the cloud.
Bernhard (2020) article shows that “Public cloud providers, like Amazon Web Services (AWS) and Microsoft Azure, have no choice but to take their security and compliance responsibilities very seriously.” Thus, the DBAs have to consider the security strategies offered by a cloud provider. The author noted that several firms have adopted cloud-based applications. He argues that, “Perhaps the strongest endorsement for the security capabilities of today’s leading cloud providers is the CIA’s strategic decision to go all-in on the cloud, using a private AWS cloud deployment” (Bernhard (2020). Stakeholders in the healthcare and financial sector believe that CIA’s investment into the cloud implied that the strategy is reliable.
All firms should consider the successes of Amazon in its cloud platform. “AWS did this by developing a shared responsibility model, structured in such a way that puts the onus on customers to close the data security loop in their own environments” (Bernhard (2020). The company assisted its customers protect their data, other than relying on the AWS security features only. The authors noted that” customizable cloud capabilities like application management, network configuration, and encryption are the responsibility of the end-user” (Bernhard (2020). Therefore, the DBAs have to ensure their organization has the best model. They can recommend installation of private or public cloud deployment model (Alashoor, 2014). Moreover, we have the community and hybrid cloud models that suits different organizations.
References
Alashoor, T. (2014) Cloud computing: a review of security issues and solutions. International Journal of Cloud Computing, 3(3):228- 244, DOI: 10.1504/IJCC.2014.064760
Bernhard, T. (2019, September 26). Understanding the Shared Responsibility Model for Cloud Security. Cloud Checkr
Rajani, V. (2020, January 23). The Role of Shared Responsibility Model in Ensuring Data Security in Cloud Computing. Entrepreneur
Naren Work:
Shared Security Responsibility Model
The shared responsibility model for cloud security dictates the security obligations of a cloud computing provider and its users to ensure accountability. When an organization manages its own IT infrastructure within its own data center, it is responsible for the security of the infrastructure. It is often the responsibility of a database administrator (DBA) to move to a cloud deployment. Cloud service providers are required to adhere to a shared security responsibility model, implying that the security team maintains some responsibilities for security as one moves their applications and data to the cloud. This means that as one moves to the cloud, at least half of the responsibilities are given to the cloud service provider (Nunnikhoven, 2019). Before moving to the cloud, a DBA must be aware of the shared responsibility for cloud service models infrastructure as a service (IaaS), Software as a service (SaaS), and Platform as a service (PaaS).
Before moving to the cloud, a DBA needs to understand the IaaS model. In this model, the physical infrastructure, network interfaces, and hypervisors are managed by the cloud provider, and the clients are responsible for securing and managing virtual networks and machines as well as the operating systems (Francis, 2019). In this deployment model, the users are responsible for maintaining control over most of their workloads. Still, they rely on their cloud providers to manage physical, network, infrastructure, and virtualization security. Furthermore, the cloud service provider is responsible for maintaining some basic level of network security, which may include detecting security breaches and preventing such breaches. Cloud service providers are also responsible for handling backups for data and applications of the clients. A DBA should therefore be aware of such responsibilities and distinguish between to ensure that they are on who is responsible for what operation task before moving their data and applications to the cloud.
Platform as a service (PaaS) is another cloud service model that a DBA must understand before moving to the cloud. According to Grier (2020), the PaaS model is the middle ground when it comes to the cloud shared responsibility model, in which more responsibility is placed on the cloud provider. In the PaaS model, the storage and network security concerns are the responsibility of the cloud provider. This provides a user with some level of comfort being aware that the cloud vendor handles network breaches. In this model, if the clients can ensure that their endpoint users are safe from introducing malicious components to the cloud, the cloud provider is able to keep their data secured. Moreover, the clients are responsible for securing and managing applications, the users, as well as the devices. In this context, IT security teams are still responsible for deploying and managing their applications and data, but the cloud provider secures the operations of the underlying infrastructure and overall operating systems.
In the Software as a Service (SaaS), the cloud provider is mainly responsible for the infrastructure and software applications as the client has less control over these components. The responsibility of the client is reduced to the security of the network interfaces and data. The cloud providers in this model are responsible for the security of their Platform and infrastructure as well as applications. Moreover, the cloud providers do not assume responsibility for how clients use the applications, as the clients are responsible for preventing the risk of data exposure. Before moving the cloud, a DBA must be aware that the shared responsibility model that they subscribe to dictates that cloud providers are responsible for the security of the cloud infrastructure. Simultaneously, they are responsible for protecting their own data, networks, and application systems (Alves, 2018). The DBAs should, therefore, not only be aware of the shared responsibility model but also clearly understand how it works.
References
Alves, A. (2018). Understanding Shared Responsibility For a SaaS Environment | Threat Stack. Threat Stack. https://www.threatstack.com/blog/understanding-shared-responsibility-for-a-saas-environment.
Francis, P. (2019). Security Think Tank: Cloud security is a shared responsibility. ComputerWeekly.com. https://www.google.com/amp/s/www.computerweekly.com/opinion/Security-Think-Tank-Cloud-security-is-a-shared-responsibility%3famp=1.
Grier, S. (2020). The cloud shared responsibility model for IaaS, PaaS and SaaS. SearchCloudComputing. https://www.google.com/amp/s/searchcloudcomputing.techtarget.com/feature/The-cloud-shared-responsibility-model-for-IaaS-PaaS-and-SaaS%3famp=1.
Nunnikhoven, M. (2019). The Shared Responsibility Model. Trend Micro. https://www.trendmicro.com/en_us/research/19/j/the-shared-responsibility-model.html.