Reference no: EM131053933

Cloud Computing Outline

ABSTRACT

Cloud computing is one of the biggest catchphrases in the Information Technology world. Virtualization is the core technology behind cloud resource sharing. The deployment strategy involved in a cloud environment includes the components of grid computing, parallel computing, and utility computing. This rapid transitioning into cloud computing has concerns over secure communication in information systems. Most IT people share different points of view on cloud computing (Marks & Lozano, 2010). Cloud computing vendors try to ensure the security of their product. This paper will investigate possible security issues, with cloud computing and solutions to those security challenges.

CHALLENGES

Whereas Cloud Computing has numerous benefits, it also has significant challenges regarding its adoption. Firstly, its adoption comes with security loopholes. Compliance is another issue. Privacy and legal considerations are bottlenecks as well. Since Cloud Computing is a comparatively novel computer model, considerable uncertainty exists at all levels such as its hosting, networking, data levels, and application (Tajts, 2012). Consequently, there is a need to address these issues too before or during the deployment of the Cloud Computing. The repercussion has been many company executives addressing data security as their foremost priority.

The fact that the valuable enterprise data will reside outside the corporate firewall raises serious concerns. Hacking and various attacks to cloud infrastructure would affect multiple clients even if only one site is attacked. These risks can be mitigated by using security applications, encrypted file systems, data loss software, and buying security hardware to track unusual behavior across servers. Phishing, fraud, and software exploits are still successful, and cloud services add a new dimension to the threat because attackers can eavesdrop on activities, manipulate transactions, and modify data. Attackers may also be able to use the cloud application to launch other attacks (Rashid, 2016).

Data breaches and other attacks frequently result from lax authentication, weak passwords, and poor key or certificate management. Organizations often struggle with identity management as they try to allocate permissions appropriate to the user's job role. More important, they sometimes forget to remove user access when a job function changes or a user leaves the organization (Rashid, 2016).

Safety aspects entail risk avenues comprising reliance on the "universal internet", external data storage, integration with local security, ineffective control, and multi-tenancy. In contrast to conventional technologies, the cloud has distinct features involving its large scale and the fact that resources within the cloud completely virtualized and heterogeneous (Tajts, 2012). With the evolution of clouds, security issues such as authentication, identity, and authorization are insufficient.  The security Cloud Computing security's controls are quite similar to security checks in any other IT environment. Due to different cloud models used such as technologies and operational models to make cloud services useful, Cloud Computing represent various risks to firms than the conventional IT solutions (Marks & Lozano, 2010). Regrettably, augmenting security into such solutions is always viewed as aggravating an already bad situation.

Transferring critical applications and sensitive data to universal cloud environments is of grave concern to firms that are going past data centers within their jurisdictions. To alleviate the concerns, cloud solution providers have to ensure that clients will always have the same privacy and security controls over their services and applications. Moreover, the providers must prove to the clientele that theirs is a secure organization and that they can fulfill their service level contracts and that they can offer proof to their auditors.

Another challenge to cloud computing is service quality. It is difficult to assess the costs involved due to the on-demand nature of the services. Budgeting and assessment of the cost will be very difficult unless the provider has some good and comparable benchmarks to offer. The service-level agreements (SLAs) of the provider are not adequate to guarantee the availability and scalability. Businesses will be reluctant to switch to cloud without a strong service quality guarantee. To ensure that companies can meet their SLAs, it's imperative to ask the right questions. Here are a few questions that should be asked about service quality (Casey, 2015):

1. What are your minimum service levels?
2. What remedies are in place when a failure occurs?
3. What disaster recovery and business continuity procedures are in place?
4. How quickly do you identify and solve problems?
5. What is your escalation process?
6. What is your exit strategy?
7. What is your termination process?

Reliability and Availability Cloud providers still lack round-the-clock service; this results in frequent outages. It is important to monitor the service being provided using internal or third-party tools. It is vital to have plans to supervise usage, SLAs, performance, robustness, and business dependency of these services. The challenge with the cloud is that the data is accessed via an internet connection rather than a local connection. So when the network or internet connection is down, it also means that cloud services are also down; thus data cannot be accessed.

Businesses can save money on hardware but they have to spend more for the bandwidth. This can be a low cost for smaller applications but can be significantly high for the data-intensive applications. Delivering intensive and complex data over the network requires sufficient bandwidth.  Because of this, many businesses are waiting for a reduced cost before switching to the cloud.

SOLUTIONS

Since cloud computing issues are mainly centered on preserving privacy and confidentiality of data, it necessary to protect the integrity of data and ensure that information does not get into the wrong hands. As such, data encryption and other protective measures have to be taken to ensure that authorized institutions and media do not have access to such data and information. The meaningful solutions for to the issues comprise tokenization and encryption of data that is the cloud stores. Due to technological advances, novel solutions have emerged to enhance data security and protect sensitive information and classified applications. Cloud Encryption Gateway is one such solution (Tajts, 2012). It enables enterprises to tackle security issues associated with cloud. The portal serves act as proxy "entry" to any applications compatible with the cloud. Because the sensitive information is still und corporate custody every time, firms can move to cloud confidently without worrying about security, privacy and regulatory issues of submitting sensitive data alongside external service providers.

CONCLUSION

With the advances in technology, considerable gains have been made regarding reducing the cost of communication between firms, employers, and employees. Cloud computing has been the greatest technological advancement. Whereas it has numerous benefits including lower cost and improved data accessibility, it also poses challenges to data security, privacy, and integrity.  This paper has looked at the loopholes the cloud creates such as the "universality" of data. It has looked at the tradeoffs between the benefits and challenges. Finally, it has suggested solutions such as cloud encryption to safeguard data privacy.