Assessing the Security Risks of Cloud Computing - 2893 Words

Research Publication Date: 3 June 2008 ID Number: G00157782 Assessing the Security Risks of Cloud Computing Jay Heiser, Mark Nicolett Organizations considering cloud-based services must understand the associated risks, defining acceptable use cases and necessary compensating controls before allowing them to be used for regulated or sensitive information. Cloud-computing environments have IT risks in common with any externally provided service. There are also some unique attributes that require risk assessment in areas such as data integrity, recovery and privacy, and an evaluation of legal issues in areas such as e-discovery, regulatory compliance and auditing. Key Findings †¢ †¢ The most practical way to evaluate the risks†¦show more content†¦All this makes it easier for them to keep their costs down and scale to meet changing customer demands, but it also makes it harder to assess the risk to your organization from using such a service. Organizations potentially can gain a competitive or cost advantage through selective adoption of cloud computing, but not without first taking a comprehensive look at the associated risks, ensuring that they are consistent with business goals, along with the expectations of regulators, auditors, shareholders and partners. It is especially challenging to understand the risks associated with cloud computing, and CIOs, chief information security officers, compliance and privacy officers, and line-of-business managers should be involved in the risk assessment of new cloud-based services. If a company is considering the use of an external service of any sort, then it needs to: †¢ †¢ †¢ â⠂¬ ¢ Assess the security, privacy and regulatory compliance risks Identify use cases that are inappropriate for this service delivery method, based on risk level and current controls Identify use cases that pose an acceptable level of risk for the service delivery method Choose and implement compensating controls before going fully operational What to Evaluate Privileged User Access When sensitive data is processed outside the enterprise, or by non-employees, it means that organizational managers are less immediately aware of the nature and level ofShow MoreRelatedSecure Data Access For Cloud Computing1229 Words   |  5 PagesSecure Data Access in Cloud Computing Author: Sunil Sanka, Chittaranjan Hota, Muttukrishnan Rajarajan, Computer Science and Information Systems Group, Birla Institute of Technology and Science-Pilani Published in IEEE Explore,2010 Student details: 11CO19 Asmita Gupta guptaasmita.ag@gmail.com 11CO35 Gaurangi Saxena saxenagaurangi94@gmail.com Abstract Cloud computing [1][2] is an evolving computing paradigm in which resources of the computing infrastructure are providedRead MoreCloud Computing Case Study1423 Words   |  6 PagesCloud computing is a computing model which is widely applied and is one of the most recent terms in the computing industry. The cloud allows for outsourcing of computing infrastructures for storing data and applications of which are remotely accessible by a server. Cloud computing can be referred to network-based hosting of programs in a way that users are not expected to update software/hardware or purchase updated versions. Clouds allow on-demand delivery of software, hardware and data servicesRead MoreResearch On Cloud Computing Risks And Risk Assessment Frameworks1296 Words   |  6 Pages Contents 1. Abstract 1 2. Introduction 1 3. Team structure work experience 2 3.1. Project #1: Data crunching using tableau 3 3.2. Project #2: Research on cloud computing risks and risk assessment frameworks 4 4. Learnings conclusion 7 1. Abstract This report describes the activities and tasks carried out during a 10 - week, full-time internship at the American International Group (AIG). The document contains information about AIG and the responsibilities performedRead MoreCloud Computing : Cloud Service Provider Security1520 Words   |  7 PagesCloud computing enables the sharing of resources such as storage, network, applications and software through internet. Cloud users can lease multiple resources according to their requirements, and pay only for the services they use. However, despite all cloud benefits there are many security concerns related to hardware, virtualization, network, data and service providers that act as a significant barrier in the adoption of cloud in the IT industry. In this paper, we survey the top securityRead MoreCloud Computing Security1256 Words   |  5 PagesCloud computing security or, more simply, cloud security is an evolving sub-domain of computer security, network security, and, more broadly, information security. It refers to a broad set of policies, technologies, and controls deployed to protect data, applications, and the associated infrastructure of cloud computing. Cloud security is not to be confused with security software offerings that are cloud-based such as security as a service. Issues in Security of Cloud Organizations use the CloudRead MoreCloud Computing Security : Context Essay1504 Words   |  7 PagesCloud Computing Security Context Everyone has an opinion on what is cloud computing. It can be the ability to rent a server or a thousand servers. It can be the ability to rent a virtual server, load software on it, turn it on and off at will. It can be storing and securing large amounts of data that is accessible only by authorized applications and users. Cloud computing can be the ability to use applications on the Internet that store and protect data while providing a service anything includingRead MoreThe Banking Industry And Cloud Computing Essay1701 Words   |  7 PagesBanking Industry and Cloud Computing Banks are facing increased pressure to streamline their current processes and trim operating costs, while also responding to more demanding, digitally connected customers (Adams, 2012). Many banks are even looking at new technologies and IT delivery models such as cloud computing to help address these issues. Banks have many reasons to like the cloud, such as cost efficiency, standardization and consistency (Dragon, 2013). Banks are embracing the cloud more and moreRead MoreHow Does A Cloud Service Is A Viable Option For Their Network Infrastructure1200 Words   |  5 Pageswith any external governmental laws and regulations that may be applicable to the organization s operations, so long as they do not conflict with U.S. law. Before an organization determines whether a cloud service is a viable option for their network infrastructure, they must analyze the below requirements in order to determine the impact on confidentiality, integrity, and availability of data and information on the current network. They must also examine the future auditing procedures that willRead MoreInformation Analysis And Systems Sep 20141184 Words   |  5 PagesGREG CRANITCH Disaster Recovery ACCT71-601 Information Analysis and Systems Sep 2014 JIANI HE 13221506 Table of Contents Introduction 3 Disaster Recovery 3 Cloud Services 4 Models 4 Public Cloud 4 Private Cloud 4 Community Cloud 4 Onsite backup and cloud resources 5 Threats and measures 5 Recommendations 5 Conclusion 5 References 5 â€Æ' Introduction It is not hard to see the rapid growth of computer technology and the common usage on internet services across different industriesRead MoreCloud Computing : A Modern Day Technological Innovation1621 Words   |  7 Pagesthreats to data security, many organizations seek alternative ways to safeguard highly confidential information (financial and non-financial) – apart from the regular backing up facilities available. With the introduction of cloud computing, the organizations were given an additional option to store all their complex information, behind the safe guards of this information system. This report aims to throw light on the transition of companies from traditional information systems to cloud based ones along