WEIGHING also referred to as the “cloud.”WEIGHING also referred to as the “cloud.”

WEIGHING THE RISKS OF CLOUD
COMPUTING

BY

We Will Write a Custom Essay Specifically
For You For Only $13.90/page!


order now

NICHOLAS NAMNAMA

 

 

 

 

 

 

 

 

Computer Security

 

Nicholas Namnama

TABLE OF CONTENTS

INTRODUCTION…………………..………………………………………………………3
MODELS OF CLOUD
COMPUTING……….…………………………………………3

                        Public
cloud

                        Private
Cloud

                        Hybrid Cloud

                        Community
Cloud

III.      CLOUD
COMPUTING SERVICES……………………………………………………5

                        Infrastructure-as-a-Service

                        Platform-as-a-Service

                        Software-as-a-Service

IV.       POSITIVES OF
CLOUD COMPUTING………………………………………………6

V.        CHALLENGES,
RISKS, AND THREATS OF CLOUD COMPUTING………….…7

VI.       ANALYSIS AND
SOLUTIONs………………………………………………………….8

VII. CONCLUSION…………………………………………………………………………..8

VIII. REFERENCES……………………………………………………………………….…10

 

 

 

 

 

 

 

I.        INTRODUCTION

Cloud computing is a relatively new
form of technology that allows for users to access computer services over the
internet, also referred to as the “cloud.” With the introduction of cloud
computing to the world of Internet Connected Devices (ICTs) and the Internet of
Things (IoT), it has allowed people to supplement technology into everyday
tasks such as storing data on social media applications to saving passwords for
accounts. Besides using it every day, cloud computing is a marvelous technology
that allows for people from around the world to communicate, interact with each
other in real time, share information, and work on projects together if they
have connection to the internet. As stated cloud computing is versatile in its
uses and due to that it also has numerous infrastructure models and various
services. This allows for customers to have more options in services and
service provides for their cloud space and saves them precious cash and time. When
buying into this system a person also gives away their sole possession of
information on the cloud, which can pose massive security risks. (Dikaiakos, Katsaros,
Mehra, Pallis, Vakali, 2009; Wink, 2012)

This paper will explore the
different models of cloud computing, the various strategies that companies
provide customers, the positives, versatility of the cloud, and the numerous
risk of using the cloud infrastructure.

II.      MODELS
OF CLOUD COMPUTING

These cloud models define how a
cloud environment is utilized by categorizing the service by who has access to
the information on the specific cloud and how people can access it in various
ways.

Public Cloud

In general terms, this model is the
entire internet. In this model, what you see is what you get, everyone gets the
same service. This model is when an organization hosts and provides their
proprietary software that anyone can use, also known as Software-as-a-Service,
or SaaS for short. This model is insecure as the other models and should be
avoided when hosting sensitive data. (Frantsvog 2012; Singd, 2017)

Private
Cloud

This is when a company will have a
private cloud computing service for their personal use. This model can be locally
hosted or not and the model’s main goal is to keep everything on the cloud as
private as can be. One major drawback to the private cloud is that integrating
and optimizing one of these systems can be costly and is not realistically
attainable by smaller organizations. (Frantsvog 2012)

Community

            If an
organization wants to have a private cloud for their use and cannot afford one
a community cloud can be used. As is suggested, a community of people will come
together to purchase or rent a private cloud service. This gives extra
protection than a public cloud and almost the same protection as a private
cloud. The reason why it is almost as good is that more than one organization can
access the server.

Hybrid Cloud

            A hybrid
cloud uses a combination of all the cloud models and placed them under one
service. This model outsources the infrastructure, and some other functions
while allowing an organization to have control over their sensitive
information. Overall this model is internally operated while it is using off
site infrastructure, thus not having to rely on third parties to function. Also,
due to it using public infrastructure, tasks can be transferred to the public
part of the cloud when traffic is high. (Singd, 2017)

III.     CLOUD COMPUTING SERVICES

Cloud computing defines how a could services are operated,
and the services that they provide. These services are categorized how
infrastructure, software, and services are all combined together to form one
cohesive services for individuals to use.

Infrastructure-as-a-Service
(IaaS)

Infrastructure-as-a-Service is a
model that is used and managed on the internet. A user will purchase a hosting
service to a cloud service provider, and the provider will host the user’s
purchased applications, software, and other services while they maintain the
upkeep and the hardware. Thus, allowing for a company to outsource hardware,
storage, and networking while being able to control and pick the components.
This is optimized for users who do not wish to purchase the hardware, software,
and the upkeep of their services. This is where system admins rain supreme in
their services. (Frantsvog, 2012; Singd, 2017)

 Platform-as-a-Service (PaaS)

            Platform-as-a-Service is similar to
a IaaS but allows for a user to customize the workspace. This allows companies
to use enterprise software, use building blocks of software to build their own,
or fully customize their own. This system allows for people to reduce time that
it takes for them to code an application and reduces the cost of purchasing the
hardware. PaaS also enables people to work on the same project at the same time
due to it being a shared space. In general, when developers need space this is
where they will work. (Frantsvog, 2012)

Software-as-Service
(SaaS)

            Software-as-a-Service is the largest
and most used service out of the there. This service allows people to interact
with an internet based software that is managed and operated by a commercial
party. This organization provides everything for the hosting hardware,
firewalls, and storage and allows people not to worry about any of the
underlying infrastructures. The purpose of this service is to eliminate the
need for local software and interact with applications on the web. This
includes things such as E-Mail, applications such as Google Docs, Yahoo! Mail,
and Outlook. (Note: Outlook also provides a local client too.) the average
consumer will be utilizing this service the most. (Singd 2017)

IV.     POSITIVES
OF CLOUD COMPUTING

            As stated
numerous time prior in the paper, cloud computing has a wide array of
positives. Being able to purchase services rather than the hardware and
software diminishes the barrier between large corporation’s information
technology and small organizations, allowing them to be more competitive in the
marketplace.  Using a cloud service
provider allows the clients not to have to worry about managing the
infrastructure either, and they don’t have to actively update and patch their
equipment, allowing them to save time and money. Having your own workspace on
the cloud allows people to work together on a project, or interact in general
in real time, enabling the company to grow at a faster rate due to more funds,
resources, and streamlined operations. Overall, purchasing these services allows
for companies and organization to get the most current software and services at
a fraction of a price rather than constantly upgrading their own.

            The
services of the cloud, and cloud computing, has allowed the world to grow at a
personal and enterprise scale. Could computing has an equally number of
downsides which some may see as a greater risk than the positives.

V.      CHALLENGES,
RISKS, AND THREATS OF CLOUD COMPUTING

            The first
problem is that there are various models, infrastructures, and cloud service
providers in the markets. Although competition is good when saving money for
the consumer, the variations pose a security risk. There are various service
providers that provide similar products and services, on different software and
hardware, for often varying prices. When dealing with so much different
hardware and software combinations, it often becomes a hassle, so companies
will limit their options of service so finding the beast kit for the consumer
is a little complex because no one knows what they need at the start of their
purchase. Although it easy to obtain more storage, it doesn’t make it cheap.
When purchasing cloud services consumers will often have to sign legal
agreements, whether Terms of Service or Service Level Agreements, which might
lock in a client for an extended period time. (Singd, 2017) The next issue is
what happens when a could service provider gets purchased by another company,
if a company changes ownership, if some hardware and software isn’t supported
anymore, and all the other little things that can happen. Although they might
not seem like much, little issues that rise in technology fueling a company’s
operations can cause a huge issue.

When a company uses their personal internal
system, they must purchase all the components of the cloud infrastructure and
upkeep the maintenance on the system compared to a cloud service where they
only must purchase the service. Although it may be cost saving for the
business, security may be a major issue. Once they put information on the cloud
they lose sole possession of the information. ((Dikaiakos, 2009) They must
trust that the service provider has enough security measures and systems in
place to keep their information secure like a high level proprietary system. The
company purchases a way that they must be dependent on another party for their
business operations. (Singd, 2017)

The biggest problem here is that
there are ever changing persistent threats in the cloud computing field. There
are many people in the world who are motivated to get into these systems,
disrupt the services, commit acts of fraud, steal information, extort the
companies whose information they stole, and sell the confidential data to
buyers.

VI.     ANALYSIS AND SOLOUTIONS

The only way to help limit these
risks, challenges, and treats of cloud computing it to combat the problems
before they arise. The first fix is something that the consumer has to do. A
consumer must perform an analysis of what they need, what they are protecting,
and what they are going to use the cloud space for. A consumer can then make an
educated purchase of services without being complete on the wrong side of a
contract.

The next solution to part of the
issue cannot be solved at the client level, it is something that cloud services
need to do to help secure clients information and their business operations. If
companies were to work together to actively share newly discovered threats on
systems then this will greatly improve security on the consumer level but also
the cloud service provider. This solution is refed to as information sharing,
and there has been a massive push lately in the government and the public to
work together and publish the information of the threats. (Johnson, Feldman,
White, 2017)

VI.     CONCLUSIONS

No matter how you look at it cloud computing is going to be
the new backbone of how organization run today. Being able to communicate
remotely if a person has an internet connection is undoubtedly worth the risks
at a certain level. As companies and organizations grow so does their
technological needs and their dependence. Which is why that the only way for an
organization to keep their information safe is for companies that host the
cloud services to be constantly upgrading them could security, and to improve
that at a better rate if for service providers to actively be looking for
vulnerabilities and then publishing that information.

           

 

 

 

 

 

REFERENCES

Beaty, Donald l, and Fellow Ashrae. “Cloud Computing
101.” Ashrae.org, Ashrae Journal, Oct. 2013.

Dikaiakos, M. D., Katsaros, D., Mehra, P., Pallis, G., &
Vakali, A. (2009). Cloud Computing: Distributed Internet Computing for IT and
Scientific Research. IEEE Internet Computing, 13(5),
10-13. doi:10.1109/mic.2009.103

Frantsvog,
Dean, et al. “Cloud Computing.” International Journal of Management
& Information Systems (IJMIS), vol. 16, no. 4, 2012, p. 317

Johnson, C., Feldman, L., & White, G. (2017, May). Cyber-threat intelligence and Information sharing.
Retrieved from
https://csrc.nist.gov/csrc/media/publications/shared/documents/itl-bulletin/itlbul2017-05.pdf

Mathkunti, Nivedita M. “Cloud Computing: Security
Issues.” International Journal of Computer and Communication
Engineering, vol. 3, no. 4, 2014, pp. 259–263.,

Singh, Sachin Kumar, and Devendra Kumar Singh. “Cloud
Computing: Security Issues. “International Journal of Advances in
Engineering & Technology, vol. 10, no. 3, June 2017, pp. 338–343.

Wink, D. M. (2012). Cloud Computing. Nurse Educator, 37(1),
3-5. doi:10.1097/nne.0b013e3182383371