Cloud Computing (CC) is most used terminology in information and communication technology (ICT) in modern years. CC provides revolutionary paradigm of creating new business virtually with accessibility whenever and whatever place. CC utilizes exciting ICT inventions such as virtualized computing, internet and distributed computing, to provide powerfully integrated system. Goggle, Microsoft, IBM and AMAZON are some supplier of (CC) in the ICT business. According to Siclovan (2012), cloud computing is known as an ability to access resources (such as database and application) world widely through network with least time. Infrastructure as a service (IaaS), Platform as a service (PaaS) and Software as a service (SaaS) are the three classification of CC with regard to services. CC is also classified into three parts with regard to users: private CC (enterprise users), public CC (general users) and Hybrid CC (both public and private users). Many products of CC have been used by normal users such as Facebook, Dropbox and SkyDrive. There are some products also created for enterprises such as virtual storage, virtual operating system and SharePoint (email service). However, despite some limitations, cloud computing has great potentials as future framework for enterprise since it offers significant benefits to business owner. Cost saving, availability and flexibility are the main benefits of CC to enterprises but security requires to be guaranteed.
To begin with, enterprises ICT may consider cost saving as a huge benefit of CC. An enterprise depends on classic model of ICT , has many expenses such as of power consuming, hardware, software, maintenance , IT staffs and others; nevertheless, CC providers can supply ICT systems and appl...
... middle of paper ...
... responsible of CC security. In fact the same security issues may be found on traditional ICT also.
To sum up, the cloud computing has promised to be the future framework for enterprise ICT due the significant benefits offered, but there some limitation either. Cost saving, availability and flexibility are some of makeable benefits. Cost saving can be gained with regard to power saving, infrastructure and operations. CC offer flexible services with variety customized packed and with ability to upgrade, downgrade and quit. CC is designed to provide services with availability and accessibility without restriction of time of place. However, security is main issues to enterprise but responsibility is shared among CC provider, enterprise and third party. Some research indicates that by using private CC and applying some polices, this issue can be eliminated.
The use of cybersecurity policies within CSN is to provide security of the divisions assets. The written policies provide guidance on implementation, through references to applicable standards and statements of best practices (Booz Allen Hamilton, 2012). As stated by Control Data Corporation, there is no asset which can be 100% secure; network security is often times focused on strategic prevention or reactive procedures, rather than examination of the security policy and maintaining the operation of it (1999). Therefore analysis indicates that numerous breaches are often due to reoccurring weaknesses in the policy. “Even the most reliable, state-of-the-art technologies can be undermined or rendered ineffective by poor decisions, or by weak operational practices” (Control Data Corporation, 1999, p. 3).
As its core essences cloud computing is nothing but a specialized form of grid computing and distributing computing’s which various in terms of infrastructure , deployment, service and Geographic’s dispersion (Veeramachanenin, Sepetember 2015) the cloud enhance scalability, collaboration, availability , ability to adapt to fluctuation according to demand accelerate development work and provide optional for cost reduction and through efficient and optimized computing. (BH kawljeet, June 2015) cloud computing (CC) recently become as a new paradigm for the delivery and hosting of services our the internet. There are mainly three service delivery model Software as Service (SaaS) required software, operating system and network is provided or we can say in SaaS the customer can access the hosted software instead of installing it in local computer and the user can access these software through local computer internet browser (e.g web enabled E-mail ) the user only pay and the cloud service provider is responsible for management or control of mobile cloud infrastructure some of the company which provide such service are Google, Microsoft , Salesforce ,Facebook, etc…..Infrastructure as Service(IaaS)the cloud provider only provide some hardware resources such as network and virtualization is
It is best to prevent security incidents from occurring in the first place – therefore prevention should be a top priority for the IT staff at CEG. The National Institute of Standards and Technology (NIST) recommends five main categories of incident prevention; risk assessments, host security, network security, malware prevention, and user awareness training (Cichonski P., Grance T., Millar T., & Scarfone K., 2012 p.24). Risks of the various types of possible security incidents should be identified and prioritized based on likelihood and potential harm. Risk assessment should be periodic and ongoing. Host security is achieved by hardening each host on the network. Host hardening includes keeping current on the latest software patches, enabling and monitoring audit logs, and assigning permissions based on a system of least privilege. Network security is primarily concerned with securing the perimeter of the network to prevent unauthorized intrusion. This includes the use of firewalls, intrusion detection systems (IDS), securing VPN, and blocking unnecessary ports. All hosts on the network must run and regularly update malware protection software. And all employees should...
Security helps the organization meet its business objectives or mission by protecting its physical and financial resources, reputation, legal position, employees, and other tangible and intangible assets through the selection and application of appropriate safeguards. Businesses should establish roles and responsibilities of all personnel and staff members. However, a Chief Information Officer should be appointed to direct an organization’s day to day management of information assets. Supporting roles are performed by the service providers and include systems operations, whose personnel design and operate the computer systems. Each team member must be held accountable in ensuring all of the rules and policies are being followed, as well as, understanding their roles, responsibilities and functions. Organizations information processing systems are vulnerable to many threats that can inflict various types of damage that can result in significant losses (Harris, 2014). Losses can come from actions from trusted employees that defraud the system, outside hackers, or from careless data entry. The major threat to information protection is error and omissions that data entry personnel, users, system operators and programmers make. To better protect business information resources, organizations should conduct a risk analysis to see what
Cloud Computing is an exciting concept because it can do much more than just executing and streaming your data from one place to another. It is successful through its flexibility to meet each company's needs. Cloud Computing is generally broken into three main categories b...
The points of weakness identified in the hack on TJX included lack of encryption in processing, vulnerability to wireless attacks, vulnerable USB ports, lack of processing logs, weak compliance practices, and auditing failures. In order to minimize its risk to a hack, TJX should have followed the COBIT or COSO frameworks for cyber security. Both frameworks outline how to plan and organize company values, assess the risk, implement control activities, and maintain and monitor its system to make sure the company’s IT system is as secure as possible. Either framework would have identified the weakness TJX faced when leaving credit card information unencrypted for a time as well as storing unencrypted information. If credit cards could not be processed
With Cloud Computing continue to gain popularity, client and user are showing sign of over reliance to it. Hence, it is important to know these concerns and the inherent risks associated with it. The underlying risks exist in the area of security and privacy are loss of control over data and dependency on the service providers. These can lead to many legal and security concerns related to access/account control, integrity control, risk management, infrastructures, standardisation, code of conduct, sustainability and service provider insolvencie...
This paper outlines some considerations addressing a number of control objectives that is needed when designing an effective security program. The COBIT framework will be utilized to provide control objectives in IT and “Ensure Systems Security”, that covers many of the areas outlined in this paper. The PCS Security Program will adopt a risk management approach to information security. This requires the identification and mitigation of vulnerabilities and threats that can adversely impact PCS information assets. This Information Security Program Charter serves as the high point document for the PCS Information Security Program.
c. The Unknown Cyber Criminals Bank Robbers – This case was involved of the stolen of millions of dollars cross-border payments which ensures the abusing some of the major banks in the world. It was discovered with the single stolen of $81 millions from the Bangladeshi bank via its SWIFT system. This resulted in the implementation and help which SWIFT was seeking from IT security experts (Paul,
The cloud computing is the practice that enables access to the shared pool of configurable computing resources which can be dynamically provisioned. It refers to both the applications delivered as service as well as hardware and system software in the data centres that provide those services. The attractive features of cloud computing such as on-demand access, high scalability, reliability, cost savings, low maintenance and energy efficiency bring benefits to both cloud service consumers and providers.
Cloud computing facilitates sharing of computing and storage resources with the aim of reducing computing expenses in organizations. Moreover, cloud computing facilitates information sharing among individuals within a cloud. Despite being advantageous, data stored in a cloud is usually prone to hacking and other security issues. This paper addresses the various mitigation measures that organizations are using to ensure that data stored in the cloud is secure.
When they wanted to save photos online instead of on your personal computer, they are able to use “cloud computing” service. Cloud computing means that the transfer of computing data or information over the internet. Not just to keep data in your personal computer, they are able to save the data on internet server to open their data in any computer. In this report we will walk through about what is cloud computing, what kinds of model did cloud computing have, types of cloud computing, benefits of cloud computing, and security.
Computers; they are a part of or in millions of homes; they are an intricate part of just about every if not all successful businesses, the government, and the military. Computers have become common place in today’s society and the lives of the people who live in it. They have crossed every national, racial, cultural, educational, and financial barrier, which consequently ushered in the information age. A computer is a programmable electronic device that can store, retrieve and process data, and they come in all shapes, and sizes. They can be used for and in just about anything. As stated before, they are used in just about every aspect of modern society. They are so fundamental to modern society that it would be disastrous to society without them. As stated before, there are many areas in modern society that are run by computers. They play an intricate part of millions of homes in the world. Office workers in business, government and the military may use them to write letters, keep rosters, create budgets, find information, manage projects, communicate with workers, and so on. They are used in education, medicine, music, law enforcement, and unfortunately crime. Because computers have become such a part of the world and how it operates, there is a tremendous responsibility for those who are in control of these computers and the vital information that they carry, to manage and protect them properly. This is management and protection is vital because any loss or damage could be disastrous for the affected entity. For example, a mistake or intentional alteration of a personal credit file could affect ones ability to buy a car or home, or can lead to legal actions against the affected person until the mistake or intentional alteration has been corrected. Therefore, with the advent of computers in the information age, and all of the intentional and unintentional violations against them, comes the need to safeguard them and the information they carry with strong systems and policies of computer security.
...logies for security, as well as business, must come the downfalls. Now begins high-tech crime and problems with Internet, Information Technology, and E-commerce Security as well.
In cloud computing, the word cloud is used as a metaphor for “the internet”. So the cloud computing means “a type of internet-based computing”, where different services such as servers, storage and applications are delivered to an organization’s computers and devices through the internet.