Major Project

 

Cloud security

Cloud security, also known as cloud computing security, is the practice of protecting cloud-based data, applications and infrastructure from cyber attacks and cyber threats.

The goals of cloud security and cybersecurity as a whole are the same. Operators of cloud security must protect assets that are located within the infrastructure of a third-party service provider, which distinguishes it apart from traditional cybersecurity.

Why Cloud security is important?

Business-critical apps and data are moving to trustworthy third-party cloud service providers (CSPs) as enterprise cloud usage increases. The majority of major CSPs include standard cybersecurity instruments with monitoring and alerting features in their service offerings, but internal IT security staff may find that these tools don't cover all of the bases, indicating that there are cybersecurity gaps between what the CSP offers and what the enterprise needs. Data loss and theft are now more likely as a result.

Cloud computing operates in three main environments:

1.    Public cloud services: CSPs host the websites. SaaS (software as a service), PaaS (platform as a service), and IaaS (infrastructure as a service) are a few examples.

2.    Private clouds are hosted by or for a single organization.

3.    Hybrid clouds include a mix of public and private clouds.

The shared responsibility model, though not organised is a framework that specifies which security tasks are the responsibility of the CSP and which are the customer's.

How to secure data in the cloud

The procedures needed to protect data in the cloud differ. Considerations must be made concerning the nature and sensitivity of the data that needs to be safeguarded, cloud architecture, the availability of built-in and third-party solutions, and the quantity and classifications of people who are permitted access to the data.

These are the general best practices to secure business data in the cloud include the following:

·         Encrypt data at rest, in use and in motion.

·         Use two factor authentication or multifactor authentication to verify user identity before granting access.

·         Isolate cloud data edge backups to prevent ransomware threats.

·         Adopt cloud edge security protection, including firewalls and antimalware.

·         Ensure data location visibility and control to identify where data resides and to implement restrictions on weather data can be copied to other location inside or outside the cloud.

·         Log and monitor all aspect of data access, addition and changes.

Top cloud security challenges

·         insider threats

·         data loss

·         data breaches

·         IAM

·         key management

·         access control

·         phishing

·         malware

As for cloud security challenges specifically, administrators have to deal with issues that include the following

·         cloud account hijacking.

·         lack of cloud visibility and control.

·         working with cloud security tools that in-house administrators may be unfamiliar with.

·         tracking and monitoring where data is located both in transit and at rest.

·         misconfigurations.

·         weak cloud control plane.

·         challenges understanding the shared responsibility model.

·         nefarious use of cloud services (Froehlich, A., Shea, S. and Cole, B. 2021).

References:

Froehlich, A., Shea, S. and Cole, B. (2021) What is cloud security?, Security. Available at: https://www.techtarget.com/searchsecurity/definition/cloud-security (Accessed: 03 June 2023).

(No date) Cloud security issues - IEEE conference publication. Available at: https://ieeexplore.ieee.org/abstract/document/5283911/metrics (Accessed: 03 June 2023).

Author links open overlay panelAshish Singh et al. (2016) Cloud security issues and challenges: A survey, Journal of Network and Computer Applications. Available at: https://www.sciencedirect.com/science/article/pii/S1084804516302983 (Accessed: 03 June 2023).

Comments

Post a Comment

Popular posts from this blog

Academic Paper Summary

Image
 PAPER SUMMARY As businesses increasingly rely on cloud computing for storage, processing, and application deployment, cloud security is becoming a crucial concern in today's digital economy. Although cloud computing has many advantages, it also poses a special set of security problems and difficulties that must be resolved. A thorough and multi-layered approach is necessary for cloud security. To protect the privacy, integrity, and accessibility of data and applications in the cloud, a variety of technical controls, strong rules and processes, staff training and awareness, and ongoing monitoring are used. Organisations may take use of cloud computing's advantages while reducing potential security threats by being aware of and addressing these challenges. Paper link:  http://dx.doi.org/10.1016/j.jnca.2016.11.027 Reference: Ashish Singh⁎ , Kakali Chatterjee (2016) Cloud security issues and challenges: A survey , Journal of Network and Computer Applications . Available at: ...
Read more

Software (Example) ALTERYX

Image
 You will drop and connect several tools in the workspace to create your workflows, just as we did with our first workflow. By dragging, dropping, and connecting various tools into the workspace to process your data, all workflows are created in the same manner. We can instruct particular tools or even the workflow itself on how to act and handle our data through the Configuration Window. Any tool that is selected in a workflow will display its configuration window, allowing you to change any associated parameters. In this instance, the input tool from our initial process has been chosen, and several settings for our csv import, such as the file's delimiter, are displayed.( Alteryx designer interface  no date) References: Avidon, E. (2019) Alteryx analytics platform focuses on ease of use: TechTarget , Business Analytics . Available at: https://www.techtarget.com/searchbusinessanalytics/news/252474294/Alteryx-analytics-platform-focuses-on-ease-of-use (Accessed: 04 June 2023)....
Read more

Case Study (Conclusion)

  CONCLUSION In conclusion, the WhatsApp breach in May 2019 exposed the possible weaknesses in messaging apps by having a substantial impact on a particular population. Quick action was taken by WhatsApp to rectify the problem and put protective measures in place for its users. The event did, however, serve as a reminder of the difficulties that still exist in protecting the security and privacy of digital communications. 
Read more