Cloud computing is a procedure, which is utilized to empower the organizations, receiving its administrations, the capacity to devour a registered asset like the virtual machine (VM), application or capacity. The report conducts an analysis of the risks involved with the migration of the existing database to the virtual servers using IaaS services. The analysis also includes the risks and security to be applied for the concerned process of migration.
Cloud computing is a procedure, which is utilized to empower the organizations, receiving its administrations, the capacity to devour a registered asset like the virtual machine (VM), application or capacity.
The migration of the database is being implemented by the organization to implement the activities of cloud computing. This section of the report discusses about the types of security to be applied to the cloud hosted database and the benefits that are to be achieved by such processes.
Types of security:
The first type of security process to be applied to the cloud-hosted database is the data leak protection and monitoring of use. IaaS services are useful because it provides the ability to monitor and track the analytics of usage. This is required for the administrative authorities to know the users who are accessing the cloud, their IP address and locations.
The next step that is referenced by the IaaS approaches is the authentication and authorization. These methods do not grant access to un-identified users (Garrison, Kim & Wakefield, 2012). The two-factor authentication or the multi factor method is one way of authentication to the service. In addition, the presence of tiering is also an effective way to give authorization. This process limits the access to the information system that is limited to the level of tiering.
In addition, the organizations with IaaS, both in the private and public cloud, needs exhaustive logging and revealing set up. With a specific end goal to monitor where the data is, who has access to it, the responsible machines for it, and storage computers in charge of it need logging and detailing arrangements as they will turn out to be more vital in case of a security break.
Moreover, the presence of the various technologies in the place is to be safely identified and updated to apply security benefits. The IaaS also allows the use of technologies that helps to update the security protocols in an offline model of the process (Hashizume et al., 2013). This system allows the implementation of better security rules and helps in testing the system security.
Lastly, IaaS as an administration process needs to exploit from end-to-end encryption. Ensuring the whole disk encryption including all the files present in the system guarantees encryption. In addition, the need for encrypting the connections to the system is also to be encrypted. This is possible over SSL/TLS or IPSec.
Benefits and issues of implementing cloud features:
The main benefits of the security procedures are the presence of enhanced security. This helps in providing a peace of mind to the administrator of the system as well as the organization head. These authentications and authorization processes help in the safety of the system and keep the system secure so that the business and their clients or customers are not affected.
The main risks to the system are the need for access to the system. It may happen sometimes that the administrator may forget the key needed for access and this may lead to disruption in the operation flow (Jadeja & Modi, 2012). In addition, thought the security features are being enhanced day by day, the skills of the attackers are also increasing at the same level. This creates a need for better security check in a frequent interval.
Risks in migration of the database:
This section of the report discusses about the various risks that applies to the database, the IaaS infrastructure and the network between the organization and the database.
his section of the report discusses about the various risks eminent during the cloud migration processes. In case of cloud migration, various application used by the system may have licensing problems due to the use of cloud technologies (Garrison, Kim & Wakefield, 2012). In addition, the transparency to the system is reduced as the vendor providing cloud structures are in charge of the administration process and any changes are to be referenced to these vendors as well.
Risks in IaaS infrastructure:
Various risks are evident in the IaaS infrastructure due to the presence of discrepancies to the system. They include the misconfiguration, vulnerabilities and shadow-IT.
Misconfiguration is the first risks that come in the IaaS infrastructure. The various options of detecting misconfiguration are to be followed to remove the presence of any problems in the system. The processes included in this section are the discovery of misconfiguration, which relies on the IaaS APIs to scan the whole database (Hashizume et al., 2013). In addition, fixing of these misconfiguration by the application of codes or APIs to compares it with pre-placed templates which is in compliance to the security standards is also include in this process. Lastly, the monitoring processes are also included, which test the presence of any detected errors in the newly made system.
Vulnerability in the system is also to be addressed by the clients and not the vendors. The vulnerability management includes the application of specific processes like automated scanning and more analysis to reference the various changes in the workload security.
Shadow-IT is another threat, which involves the presence of many features in the system that is left unused. This includes the ghost servers, orphan storage and dormant storage. The ghost servers are unused servers that are still operable and present in the system. Orphan storage is the presence of storage server in the system that is not used for a long time (Garrison, Kim & Wakefield, 2012). Dormant resources are the use of a new server in presence of the old server. All these problems pose a risk as it can be used by outsiders to get sensitive information from the old servers.
Risks in communication between the organization and database:
The various risks involved in the communication processes are the privacy concerns and the availability of data. Due to the provisions of the cloud solutions by third party vendors, the information that is stored by the organization regarding their aspects of business parameters is not very confidential as the vendors can look into them, which raise security, or privacy related concerns.
Another risk is the presence of internet access to the system. In case of facing any threats to the system, the organization needs to close the system to fight such procedure (Hashizume et al., 2013). This process requires the presence of internet for communication. In cases of absence of internet, the solution will not be addressed properly which can lead to grave impacts in the business.
Risks in data backup, storage and retrieval:
This section of the report discusses about the various risks associated with the backing up of data, storage of data and the retrieval of data using cloud technologies.
Data backup is the most required process for businesses implementing cloud features. However, the presence of risks in these processes can lead to problems in operations. The associated risks to the system include the unauthorized access, management of access and data loss.
In cases when the cloud solutions are provided from the vendors, the reliance of security can be weak depending on their adopted features (Kavis, 2014). If the adopted security measures are weak, then breaches can be possible which can lead in the halting of the business prospects. The need for encryption in the data that is being backed up is required to mitigate such risks.
The next risk is the requirement for management features in the system. The need for encryption of the backed up data is required along with the storage of the keys for access. These keys are to be stored using offline entries so that access is guaranteed always.
astly, the data loss is another risk that involves the replication of the data in backup process. During such processes, the newer data replaces the older data present in the cloud. However, during addressing requirements for the older data files, access can be impossible sometimes depending on the cloud feature. Thus, it is necessary to contact the vendors about their process of backup.
This section of the report discusses about the various risks involved in the storage of data. This includes the large backup windows, security and outage.
Backup of the data is done to store the information for safety measures. During the backup process, the information is to be transferred to the cloud. This information usually ranges to a very high size and the transfer using the normal LAN cables are a hindrance to the storage of the data as the system will take a huge amount of time.
In cases when the cloud solutions are provided from the vendors, the reliance of security can be weak depending on their adopted features. If the adopted security measures are weak, then breaches can be possible which can lead in the halting of the business prospects (Kavis, 2014). The need for encryption in the data that is being backed up is required to mitigate such risks.
Another risk is the presence of internet access to the system. In case of facing any threats to the system, the organization needs to close the system to fight such procedure. This process requires the presence of internet for communication. In cases of absence of internet during outage, the solution will not be addressed properly which can lead to grave impacts in the business.
This section discusses about the various risks associated with the retrieval of data. This includes the restore window and disappearances of the vendor.
The restore window is a much-discussed risk, which affects the retrieval of the data (Jadeja & Modi, 2012). In cases of huge data retrieval, the time required can range from days to months as this is usually done over the LAN cables.
The next risk is the disappearance of the vendor. In cases like these, the information that is required during retrieval can be lost leading to grave effects on the system.
Applications of cloud backup in the organization:
Many advantages can be utilized by this migration of the existing database. The organizational benefit is the reduction in the expenditure needed for effective processing and maintenance. Due to the existence of virtual systems, infrastructure requirements are also removed (Suo et al., 2013). This helps in faster deployment of their products, which also increases customer satisfaction.
In addition, in case of business expansion, the need for infrastructure expansion is reduced as the system allows remote access from anywhere on the world. This also reduces the storage requirements for maintaining such equipments.
Lastly, the backing up of data is much more effective than the traditional ways of database management. This also helps in addressing disaster mitigation process of the system.
Recommendations for access protection:
This section of the report focuses on the provisions of security access to Webb’s Store systems. The access to the IaaS infrastructure is done by physical access, internet access, web console and APIs. The physical access is provided by the cloud vendor. Their standards and protocols are complied for security and the organization is recommended to analyze these policies (Jadeja & Modi, 2012). The security in internet access is done by accepting solutions of other vendors like the Cloud Sigma. They make use of firewall techniques that could be setup by the organizations itself. In case of console usage and APIs, the organization also needs to apply tighter security features for access.
Ms SQL Server 2012 R2 cloud instance:
The access to the cloud instance can be provided by establishing a secure session using a secure access protocol such as SSHv2 or TLS/SSL. The access to VM instances will be done by using multi factor authentication with one of the authentication factors like a public key certificate. The enabling of privileged access to server instances from IaaS cloud consumer’s corporate network is to be recommended for the access protection.
The use of browsers to access the cloud must be minimized, as they are prone to injection attacks. The presence of security tools is needed in the VMs to enable information leak and back door intrusion (Suo et al., 2013). These antivirus tools must also be used to remove malware form the system.
Cloud backup and restore:
In cases when the cloud solutions are provided from the vendors, the reliance of security can be weak depending on their adopted features (Suo et al., 2013). If the adopted security measures are weak, then breaches can be possible which can lead in the halting of the business prospects. The need for encryption in the data that is being backed up is required to mitigate such risks and the vendor must apply strong authentication features.
Thus, it is concluded from the report that the cloud process is mainly concerned with the removal of physical levels of the infrastructure so that their existence is based on the cloud. After careful analysis of the various risks associated in all aspects of cloud features, it is recommended that the migration of the database by the Webb’s Store to be effectively done by considering the risks discussed.
Garrison, G., Kim, S., & Wakefield, R. L. (2012). Success factors for deploying cloud computing. Communications of the ACM, 55(9), 62-68.
Hashizume, K., Rosado, D. G., Fernández-Medina, E., & Fernandez, E. B. (2013). An analysis of security issues for cloud computing. Journal of Internet Services and Applications, 4(1), 5.
Jadeja, Y., & Modi, K. (2012, March). Cloud computing-concepts, architecture and challenges. In Computing, Electronics and Electrical Technologies (ICCEET), 2012 International Conference on (pp. 877-880). IEEE.
Jula, A., Sundararajan, E., & Othman, Z. (2014). Cloud computing service composition: A systematic literature review. Expert Systems with Applications, 41(8), 3809-3824.
Kavis, M. J. (2014). Architecting the cloud: design decisions for cloud computing service models (SaaS, PaaS, and IaaS). John Wiley & Sons.
Khan, A. N., Kiah, M. M., Khan, S. U., & Madani, S. A. (2013). Towards secure mobile cloud computing: A survey. Future Generation Computer Systems, 29(5), 1278-1299.
Kumar, S., & Goudar, R. H. (2012). Cloud Computing-Research Issues, Challenges, Architecture, Platforms and Applications: A Survey. International Journal of Future Computer and Communication, 1(4), 356.
Li, J., Qiu, M., Ming, Z., Quan, G., Qin, X., & Gu, Z. (2012). Online optimization for scheduling preemptable tasks on IaaS cloud systems. Journal of Parallel and Distributed Computing, 72(5), 666-677.
Mauch, V., Kunze, M., & Hillenbrand, M. (2013). High performance cloud computing. Future Generation Computer Systems, 29(6), 1408-1416.
Sanaei, Z., Abolfazli, S., Gani, A., & Buyya, R. (2014). Heterogeneity in mobile cloud computing: taxonomy and open challenges. IEEE Communications Surveys & Tutorials, 16(1), 369-392.
Suo, H., Liu, Z., Wan, J., & Zhou, K. (2013, July). Security and privacy in mobile cloud computing. In Wireless Communications and Mobile Computing Conference (IWCMC), 2013 9th International (pp. 655-659). IEEE.
Wei, L., Zhu, H., Cao, Z., Dong, X., Jia, W., Chen, Y., & Vasilakos, A. V. (2014). Security and privacy for storage and computation in cloud computing. Information Sciences, 258, 371-386.
Xu, X. (2012). From cloud computing to cloud manufacturing. Robotics and computer-integrated manufacturing, 28(1), 75-86.
Zissis, D., & Lekkas, D. (2012). Addressing cloud computing security issues. Future Generation computer systems, 28(3), 583-592.