IT Risk Management

profiledananjayad2@
ITC596-A3Sample1.pdf

ITC596-IT RISK MANAGEMENT ASSESSMENT-3

Submitted By:

Student Name:

Student ID:

2

Table of Contents

EXECUTIVE SUMMARY ............................................................................................................ 3

THREATS, VULNERABILITIES AND CONSEQUENCES ....................................................... 6

THREATS ................................................................................................................................... 8

SECURITY CONTROL MECHANISM .................................................................................. 11

PROTCTION MECHANISM ....................................................................................................... 13

REFERENCES ............................................................................................................................. 15

3

CLOUD SECURITY

EXECUTIVE SUMMARY

Cloud computing technology is one of the emerging technologies which are used in most

of the organization because it has lots of advantages and it gives complete security system of the

particular network. There are many techniques, methods and functions are applying in this cloud

network with the help of cloud resources and IT services through the internet. It can provide the

proper security on the cloud data by using separate infrastructure which can make the elastic

environment for sharing the data. Cloud network must have the service provider for the purpose

of giving the services from multitenant framework. From this, it will get many benefits to the

specific organization which is using cloud environment. In this report, we are going to know

about the cloud security in cloud computing environment, how it was providing security to the

entire network and what kind of technology had used this domain as well.

IT infrastructure services are associated with the cloud network that is in the form of

storage capacity, proper network, services over the servers in the network. Some applications are

playing main role while communication such as infrastructure as a service in which gives proper

database with platform deploy application. And also, it can enable with some other applications

such as software as a service for providing update version of software, platform as a service for

providing robust platform and software are merging with subscription oriented application.

Hence, the management has to create the cloud service providers who are already working.

IaaS has to making multiple customers for scaling the services whereas the service

providers should compute the pay as you go application for every organization. Each any every

enterprise should maintain the financial sectors for monitoring their finance-oriented things in

the network infrastructure which will select to construct the public and private cloud, IT

infrastructure, management team for doing self-services. It must be concentrated more on quality

of the service, provisioning for on demand process, scalable performance and chargeback like

pay as you go. Every enterprise is supposed to construct the private cloud service and public

4

cloud service with the relevant applications which are all considered in cloud model and the

application want to be belonging in the data migration process in the cloud computing network

infrastructure.

In public cloud network, there is the possibility to having some authority for cloud

providers to do the specific operations such as decision-making capacity while migration and

accessing the application. Data migration process brings the netter performance to the cloud

service providers in which process is based on the cloud application. This process will affect the

security control, not giving the successful performance and ease of data migration, which is

damaged the client service experience in future. Then only, the network environment will go for

data centers for assisting this entire process in an effective manner. The major responsibility of

data centers is implementing the applications that are already processed in cloud computing

technology and triggering the infrastructure for provide some benefits like resiliency of the

service and scalable performance. Sometimes it may create the security issues when existing

application are running over the network infrastructure. In cloud security, some possible ways

are affecting the network while migrate the relevant application to the network which can’t

correct any issues like scalable and reliable performance through intrinsic software.

Most of the IT organization has the capacity to solve these issues by using some

functional operations and proper financial sector services. The legacy server is sharing the

information to the cloud database by using this strategy on the whole network. By making the

fresh infrastructure, the applications are redeploying with the platform through the service with

the help of service provider. The IT management team should build the coordination control for

overall environment for setting the cut over time period which is fixed by the management. This

team is supposed to collect the basic requirements for recompilation process to avoid migration

by using the approval applications over the compatible platform. In data centers, the cloud data is

stored in the separate data storage for achieving the targeted data in cloud network in which

comes under the targeted infrastructure. It may be in many forms such as public data cloud,

private data cloud as well as hybrid data cloud and it should give the transparent service to the

client by organization. (Zissis & Lekkas, 2010)

The organizational network has to use physical to virtual migration for data migration

process during the platform using existing application to virtual data. The identified application

5

can understand the service on business factors by the cloud data providers with the help of

technical assistance which is very important. The implementation cost is the major problem

when built the cloud infrastructure. So, it should reduce the cost estimation and the agility for

enterprise with the business factor through application while migration process. The cloud

service providers have the significant services for the purpose of providing the large storage

because of the main resources should utilize the standard application by the output which will

need some automation technology. By using IT services, it needs to be enabling with the cloud

computing models which will bring some rapid delivered platform and efficient services for the

growth of business. It should accept the latest version innovative applications and make the

opportunities for developing their service and increasing the financial status. There are multiple

resources are used in cloud computing network which are all leading services for producing little

more resources over the cloud data performance and financial sector services.

Some servers are ready to perform more operations while running the well-designed

application for avoiding workload and blowout issues in the network. Nowadays, there is a

demand of using scaling automation control service for equate the current sectors. The financial

service has to associate with the cloud data through pay by usage service which is the latest

method for reducing the security issues and risks etc. Generally, every organization can make the

private cloud service provider for the purpose of connecting all the networks with the cloud

server that will fix the economical status for investing the amount for a transaction. This process

should not be compromised on data centers which are proceeded the progress under the services.

If it is huge network infrastructure, there is a critical situation for pushing the services for

providing some inspiration to the data centers when it is depending on offshore from the

customers.

So that many organizations which had maintained the large network, it will definitely get

more benefits and also avoiding the data migration problem. Sometimes cloud security will get

strong platform and there is no more possible situation for an attackers who were affect the cloud

data. Due to these reasons, the network will reach to enhance their service to many enterprises

and financially it will get profit which can develop the business growth as well. Meanwhile, it

can make the awareness to the private sector and public sector for organizing the typical network

infrastructure with the strategy which is given by the enterprise at the same time there are some

6

advantages such as make the responsible to the client and give the approach to the service

provider.

THREATS, VULNERABILITIES AND CONSEQUENCES

In cloud computing infrastructure, the private clouds were using the data centers through

the agencies and service departments which are maintained by cloud data providers. They can

easily pass the confidential or sensitive data with the internal operations by the organization.

Sometimes, there is a chance to involve the third person like attackers for the purpose of

accessing the sensitive data or including some irrelevant data into the data storage for affect the

cloud security. Every organization will face these issues for every data transaction over the

cloud. Meanwhile, some government has to maintain the private cloud data service providers for

controlling the entire network through the data centers with their agencies. It gives the clear

infrastructure along with some approaches that should apply for the purpose of exchanging the

confidential data and changing the interaction between the business sectors. It fixes the tax for

monitoring the finance sector management team by the government. During virtualization, it is

supposed to create the statistics for denoting the software for data transition over the private

cloud network. It gives more advantages to the private cloud infrastructure but they must do the

adoption process carefully with the significant application and proper planning which are

concentrated by the organizational management. In future, there is a possible ways to achieve the

service over the network in a successful manner.

Some financial factor can be balanced the adoption process while understanding the

customer’s experience and easy to access the network without any irrelevant process. The data

adoption process had done 30% for large organization and 40% for small scale organization.

From the initial level of stage, it sets the cloud strategy with the help of organization that is used

for business development. Most of the enterprises are associated with the deployment model that

has many correlation methods through the strategies. These strategies are created the

organization through the cloud data service provider. Cloud security will be maintained by the

private and public cloud sectors in form of utilizing the services and applications in which

process need to be integrated the self-service over the cloud network infrastructure.

7

Some enterprises don’t have a proper plan or strategies for maintaining the financial

process on relying as the private cloud network which is considerable as the difficult process as

well. There are some mutual approaches are connected with all types of cloud network such as

public, private and hybrid over the IT. It makes the uplift to the network for improvising the

services with the less amount of energy because of it may help in many ways such as eliminating

the irrelevant links in the network, reducing the time provision, increment the market value and

create the flexible process etc. And also, the cloud ownership could be adjusted with the data

adoption process while sharing about the implementation cost. These are all the common reasons

for developing the cloud infrastructure without any third person access in the data storage. Every

organization has to offer some enticing prospect to their cloud network which can easily change

the cloud computing services and it has the ability to invest more money on the IT sectors.

The spending amount can be invested rather than the proper equipment or tools,

application with software and memory storage capacity with the entire resources to be used.

These components will utilize in this process with the help of utility-based model. From the

significant requirements, it must provide the proper plan on expenditure list and investment list

which are all helpful in future through the basic equipment’s on the time. The pay as you model

can bring the resources on the cloud network in which resources are ending up the economic

status from the initial stage to final stage of the process. It is supposed to considerable

advantages with the clear terms and conditions that will followed by the organization based on

the cost and services whereas the cloud computing service provider move on to the third-party

access by facilitating the approaches. It saves the time consumption, energy consumption and

cost reduction during the data transaction period. The accomplishment of energy charger should

use for energy saving process which can easily reduce the unwanted process within the network.

The organizational management needs to be created the maintenance team and

controlling team for removal of irrelevant and damaged raw data in the data storage to the

network. The financial services are delivering the low cost services and reduction process over

cloud computing network infrastructure. Due to these reasons, the cloud network can easily

adopt with the data centers for the providing some application over the internet to the clients

network. Sometimes, the time duration is the heavy process by sharing the information and to

other networks for sends the virtual data. It has to increase some features such as,

8

 Integrity

 Scalability

 Reliability

THREATS

Threats are most avoidable one in cloud computing network which comes under from

third party accessibility and there is no assurance to control in which is the network such as

arrangements of outsourced data and traditional information in the data storage. But some of the

common network like security standards will make the challenges to the cloud network

infrastructure for accepting all the conditions via internet connections. This process is handled by

the cloud data vendors who are implemented the security standard with the help of technologies

and proprietary applications in various types of cloud security models. The cloud data vendor are

the taking the responsibility to take over the network security with the cloud models which can

ultimately slow down the process by the client from the attackers. Data adoption process is

monitoring by the organization with complete policies and conditions over the requirements

which are given by the cloud data provider. It will create this process for some reasons such as

diligence, activity based on assurance control and risk assessments.

Every enterprise should face the security challenges from the attackers that could faced

by the cloud provider with the radical manner. Nowadays, it can easily manage those situations

with the proper application standards and criteria. There are two types of threats are creating

these problems on cloud network environment such as internal and external which are used in

many ways in the form of acceptance of risks and data migration. In external threats, the

organizations need to apply the statistical information by adopting the security challenges

through the private cloud through the assurance activities. The public cloud has to design the

application among the cloud vendor while implementing the security control mechanism by

owned organization. From the own cloud network, the enterprise had examined the capable

network with the attack. The emerging technology must follow some rules and regulations for

control the security issues on their network and avoiding the risk assessments.

The cloud network countermeasures are associating the technology which is based on

security risk avoidance method as strategy. In cloud environment, the sensitive information are

9

residing the risks and threats. By using cloud security models and cloud delivery models, the

data can build the infrastructure with the assist components and design the parameters. Due to

the appearance of the vulnerable data, it will make the unavoidable threats into the cloud data

network. Both the models are provided the same categories such as, reliability, confidentiality

and scalability. There are many ways to attack the network through two types of attackers such

as,

 Internal Attacker

 External Attacker

INTERNAL ATTACKER

Generally, confidentiality is one of the main key threat agents which are in the form

insider user threats or internal attacker. It can enter into the network with the help of malicious

code that can classify into three types such as cloud provider or user, third party user and cloud

customer. The cloud customer can send the data by internal attacker who will assign the models

to the largest organizational network for introducing the service structures like IaaS, PaaS and

SaaS. Here, the admin of the cloud data network infrastructure is supposed to test all the services

and applications by the help of developers and cloud mangers. The cloud platform is focused

with the consultant and manger for reducing the third-party access.

EXTERNAL ATTACKER

External attacker can trigger the threat on the network for affecting the software and

application in the cloud environment and also it was monitoring the network infrastructure.

There are many software and hardware components are using for making the proper network

framework through the combinations of software and application and monitor as well. (Bowen,

2011)The cloud provider user is associated with the social engineering with the customer or user.

This could have the perceived data during the period of sharing information to the cloud data and

it makes the threats with the help of external attacker in both the cloud types such as private

cloud and public cloud. The cloud delivery model has the capacity to connect the various types

of multiple resources without affecting the network at the end point level by pin point.

10

The group of enterprises with the reserved data has more sensitive and confidential

information in the cloud data service providers. It may create the problem of data leakage in the

data storage and insert the threats because of attackers. The cloud data need the back up and it

can create the failure in the physical layer in the network with the help of assisting on electronic

transport system. From the multiple resources, there are lots of multiple domain are joining

together for accessing the right across for avoiding the failure of security level. By the presence

of data leakage, the threats can easily spread the unavoidable irrelevant data in the large cloud

data network with the organizational network. The cloud data service provider has to recover the

human errors for leading the development process and misuse the confidential data and sensitive

data. Some of the main problems are noticed in which are such as data leakage problem, data

mislead, misuse the information and affect the network. Hence both the types of attackers are

making many security problems and it can make the challenges to the network that is maintained

by organization.

Data integrity threats are caused by configuration of incorrect process through the virtual

machines during on sharing of virtual data. Though the appearance of security perimeters, it

should compromise the incorrect configuration process which is defined by cloud data provider.

In cloud environment, the data integration process is considered as more difficult to access the

SaaS infrastructure with configuration software from the multiple resources for the customer

satisfaction. Some threats are going to interrupt the network which is against the cloud server and

it is easily segregating the source in an effective manner for decreasing the performance while

communication over the network.

Changes in management make threats in two ways such as change the infrastructure and

change the customer services which are depending on cloud data network, customers, third party

or unauthorized access and cloud data providers. It can create the impact among them during the

penetration testing for the customers or clients. Due the changes in management, it will have

some responsibility to increase the models like cloud data delivery model by cloud service

providers. Hence, the threats are changing the development in to the cloud service in which is

introducing negative process in both the components such as software and hardware. The next

threat is denial of service, through DNS in the network, distribution network in network

bandwidth and applications over the data.

11

In cloud service, the public cloud is directly involved in external network of key threat

agent with the help of cloud computing resources which is affected the cloud security. It can

easily affect the models, service, components and communication etc. The one more threat is

disruption in to physical layer in which kind of threat is dangerous. It affects the physical access

over the IT services by the disruption process with the cloud customer. In WAN, the third party

is disrupting the network by the cloud service provider. Generally, the cloud service can enter

into the network for the purpose of induce the disruption in physical layer components and it will

make the difference in the data centers for protecting the facility by resilience. But it can affect

the internal and external components of physical layer through remote accessing that is used for

monitoring the work place with the standard perception. During the exploiting procedure, the

recovery of weal data will affect which is caused by attacker. The cloud data provider from the

attacker whose are connected with the business invocation and find any disaster into the recovery

process. (Anthens, 2010)

Incident management is one of the threats which is caused by the inadequate process of

recovering the data by the cloud providers and destroy the procedures, applications and

management. It is the initial stage for affect the sensitive data and confidential data during the

transaction among in both service providers on public cloud data network by using parallel

management technique. The third party has to attack the significant data during the recovery time

which makes the impact of other network providers and customers as well.

SECURITY CONTROL MECHANISM

Security control mechanism will be provided the centric security for the sensitive and

confidential information for the organizational network. It is for extending the control

mechanism over the cloud data to make the approach with the help of data protection technique.

Through the intelligence, there are some self-protection model which is for requiring the basic

data cloud and defending the self-data for describing the information over the data environment

process. It is regarding by the data protection control by securing the network infrastructure for

reducing the maximum attempts in the cloud environment. This process must take the time for

verification because it is trustworthiness process to create the cloud framework without any

interruption and attack with the help of using trusted technology in cloud computing domain.

12

Due to the business intelligence appearance, the privacy will be enhanced by the cloud

data provider which is suitable for multiple resources by using the process of encryption

technique for the purpose of controlling the retailed data, creating the limited resource in cloud

computing network infrastructure. Encryption process has done by the cryptographers for hiding

the personalized and confidential information which is considered as the most complicated

process and the operation of their process is also little bit critical during the compilation with the

help of cipher text key. It is most effective process for sustaining the security in cloud data

infrastructure. In current days, there are number of new cryptographic techniques are applying

for encryption process which gives many possible solutions and goes to the right direction over

the deployment model for providing cloud security.

The attestation between the cloud provider and customer are connected with the common

network server for monitoring the high assurance data. The business organization need not

behave any discouraging the attack in the cloud network for keeping the security level higher

than other network. Sometimes, it causes the lack of application, lack of transparency and lack of

security control. Data owners must do the auditing process over the network who can handle the

cloud data effectively and they are not allowing the abused data and leaked information in to the

cloud network infrastructure. This is the main responsibility of data owner in the network.

Trusted computing technology is the common technology which is especially made for

cloud network for the purpose of monitoring the cloud server and checking the data transmission

process on the server by using the operation before the auditing process. It is supposed to have

some proof of compliance with some guarantee card for accessing the trusted computing data

over the policies and conditions. (M Carroll, 2011)Because of, it will produce the requirements

for the process of proof compliance during data processing in to the cloud server and giving the

current statement for that execution. The proof compliance has to pass to the data owner of the

network after completing the auditing process who will receive the data compulsory. It should

monitor the data and verify the personalized information with the help of coding by the cloud

data server that has to be accessed over the terms and conditions.

13

PROTCTION MECHANISM

Cloud data must be in secure network because it is one of the largest networks and it consists of

many technologies, methodologies and security control mechanism. These are all used to store

the secured data and information that enforces to the government and also private sector

network. There are three different types of security breaking tools are used in cloud computing

network environment such as,

 Detection and prevention technique for data migration process

 Data moving protection technique

 Cloud data protection mechanism during data transition

These techniques are managed and controlled by the help of cloud data service providers.

Data migration process needs to allow the detection technique for the purpose of

identifying the threats and risks on the network and prevention technique is used for preventing

the vulnerabilities from an attacker on the cloud. The organization has to know about the inner

process of data migration that is the challenge for that particular network infrastructure. So that

many enterprises are associating with data centers for developing their business-oriented services

for storing the confidential information by the personal unit sector. It gives the approval for

getting the notification for keeping the security control from the cloud service provider. This is

very important process while data transaction among the communication between the multiple

networks. Here, the cloud data provider plays the major role to serving the service to all the

networks which are connected to the cloud server.

The server is supposed to monitor the data and information which is moving to other

network that can make the problem of data loss and data leakage while preventing the URL

filters. During data migration process, there are some possibilities to store the huge internal

information which is also monitoring and verifying with the help of activity control. It proceeds

in two ways such as data activity monitoring technique and file activity monitoring technique in

which steps are managing the unapproved information.

Data moving protection technique is used for protecting the moving information to the

public and private cloud network for getting the service models form the multiple resource

14

networks which is for deploying the data transmission process. It gives the full-fledged security

to the cloud data network in the form of convert the information to the cloud data providers,

convert the information from multiple instances to cloud network, convert the information to the

cloud data providers form the traditional data environment. For example, the permutations of

private cloud, public cloud respectively internal and external data into the cloud network.

(Carroll, Kotzé, & Merwe, 2012)

Cloud data protection mechanism, is used for protecting the large resource of data during

data transition process. Sometimes, the wide range network and long-distance network can use

heavy technology and applications for providing security control mechanism with the available

resources in the cloud environment. Meanwhile it can access the hidden information from the

database which can store the file, data and multiple texts. Some of the options are available in the

cloud infrastructure for the purpose of changing the security mechanism model for making the

content-oriented process. And also, there are some prevention technique models like content

delivery model in which can analyze the entire process and execute the tools among the

confidential data by the help of cloud data provider in cloud network. Hence, there is no

possibility to attacking the network by third parties and other unauthorized access from the

outside.

15

REFERENCES

Anthens, G. (2010). "Security in the cloud". Communications of the ACM. 53 (11): 16.

doi:10.1145/1839676.1839683 .

Bowen, J. A. (2011). Cloud Computing: Issues in Data Privacy/Security and Commercial

Considerations. Computer and Internet Lawyer Trade Journal. 28 (8), 8 .

Carroll, M., Kotzé, P., & Merwe, A. v. (2012). "Securing Virtual and Cloud Environments". In I.

Ivanov; et al. Cloud Computing and Services Science, Service Science: Research and

Innovations in the Service Economy. Springer Science+Business Media .

M Carroll, P. K. (2011). Secure virtualization: benefits, risks and constraints, 1st International

Conference on Cloud Computing and Services Science. Noordwijkerhout, The Netherlands, 7–9

May 2011 .

Zissis, D., & Lekkas. (2010). "Addressing cloud computing security issues". Future Generation

Computer Systems. 28 (3): 583. doi:10.1016/j.future.2010.12.006.