1. Identify data security and privacy risks of adopting cloud computing
2. Write an abstract of cloud computing
3. Administer survey
4. Write analysis of the survey and other related survey
5. Describe the future of cloud computing
6. Conclusion
7. Recommendation
Tuesday, April 27, 2010
RECOMMENDATIONS
There is no doubt that cloud computing is the new era of computing technology which will create a disruption within the IT community. However, before adopting the cloud it is very important to
1. Streamline and identify the asset for the cloud deployment. This will allow you to make the decision if all of your data and application are to be deployed in the cloud or part.
2. Assurance from providers should also be considered when adopting the cloud. Customer should also examine the provider’s security policy before migrating into the cloud.
3. Providers should implement some form of mechanism that will prevent malicious access to such information to modify, use, or delete such data. Since providers have ultimate control of this data they should be strict enough to prevent all this for happening. Providers must enforce sufficient protection to prevent unauthorized access and manipulation or destruction of data.
4. legal recommendation should also be considered
5. It is also important to do some research on the cloud provider before migrating to the cloud
1. Streamline and identify the asset for the cloud deployment. This will allow you to make the decision if all of your data and application are to be deployed in the cloud or part.
2. Assurance from providers should also be considered when adopting the cloud. Customer should also examine the provider’s security policy before migrating into the cloud.
3. Providers should implement some form of mechanism that will prevent malicious access to such information to modify, use, or delete such data. Since providers have ultimate control of this data they should be strict enough to prevent all this for happening. Providers must enforce sufficient protection to prevent unauthorized access and manipulation or destruction of data.
4. legal recommendation should also be considered
5. It is also important to do some research on the cloud provider before migrating to the cloud
CONCLUSION
As mentioned earlier on, cloud computing have a potential to create a disruption in deployment of application and technology use in general. Cloud computing is the evolution of a variety of technologies that have come together to alter an organization’s approach to building out an IT infrastructure. The shift in this platform allow businesses and IT professional to deploy cheap, better and secure application through the internet without necessarily installing any applications on your physical PC. Adoption of cloud computing brings business agility, scalability of service, reduce cost, increase innovation and overall provide flexibility to business applications. Expert believe that, while cloud computing popularity and benefits continue to grow, recent survey shows that many business owners are gradually becoming skeptical of security issues especially with data security, privacy and integrity in the cloud. For instance in a survey conducted about data security and privacy in the cloud, it was discovered that the risk of cloud computing far out weigh its benefit for so many reason. It is true that there plenty of security question unanswered regarding cloud security within the cloud, however the publicity and the benefit it brings to business is unavoidable. Cloud application and infrastructure have finally caught the attention both the private and the public sector.
In summary, I can emphatically say that even though cloud computing have serious concerns in terms of security it is the next generation of technology to deploy application. It is cheap, affordable, flexible, scalable and accessible.
In summary, I can emphatically say that even though cloud computing have serious concerns in terms of security it is the next generation of technology to deploy application. It is cheap, affordable, flexible, scalable and accessible.
THE IMPACT OF CLOUD COMPUTING ON THE ROLE OF CORPORATE IT
Cloud computing could be defined as a disruptive technology which will bring both opportunity and crises depending on the business model and process of such individual or organization. Disruptive technology is a technological innovation which its existence displace exiting technology or intrduce some modification into an existing technology. It is not uncommon for companies to experience a brief fall in fortunes after the initial introduction of a disruptive technology. With the introduction of cloud computing, corporate IT role will be significantly affected, since the degree of change will affect IT governance and management.
The driving force of this technology dwells on the following:
1. cost reduction
2. flexibility
3. agility
4. innovation and
5. scalability
Cloud computing by far is cheaper. Majority of the IT department budget goes to infrastructural maintenance, application, and software upgrade. Initial migration of cloud will increase cost overtime, but being a disruptive technology, the innovation it bring will eliminate cost of upgrading existing servers, and infrastructural purchase. Companies which take advantage of this platform will position itself to compete with the big boys.
Not only this, the adoption of cloud will bring flexibility to business applications. Since cloud computing deliver applications, operating systems, servers and other software online flexibility of usage become more feasible. Braking away from in house software to online software create a strategic opportunity without necessary deepening your budget. The pay per use allows application to be delivered quickly without necessarily owning the application. It is for this reason that expert having predicted a sharp increase in the adoption of cloud.
There is no doubt about the cost effectiveness of cloud computing. However, security standard have not yet come to grips with the cloud platform. Data protection poses concern in the cloud. In some cases, it is difficult for customer to check on effectiveness of data handling practices of the cloud provider. This problem is even compounded when data is transferred in a federated cloud. Furthermore, since malicious employees and outsiders are constantly on their toes to break into system and still value information, it is important to have adequate security measures to secure data and privacy of information.
For cloud computing to achieve its full potential, it must also offer solid security policy to protect confidential data to ensure integrity.
Reference:
http://www.microsoft.com/presspass/features/2009/apr09/04-28cloudcomputingbenefits.mspx
http://www.sun.com/featured-articles/CloudComputing.pdf
The driving force of this technology dwells on the following:
1. cost reduction
2. flexibility
3. agility
4. innovation and
5. scalability
Cloud computing by far is cheaper. Majority of the IT department budget goes to infrastructural maintenance, application, and software upgrade. Initial migration of cloud will increase cost overtime, but being a disruptive technology, the innovation it bring will eliminate cost of upgrading existing servers, and infrastructural purchase. Companies which take advantage of this platform will position itself to compete with the big boys.
Not only this, the adoption of cloud will bring flexibility to business applications. Since cloud computing deliver applications, operating systems, servers and other software online flexibility of usage become more feasible. Braking away from in house software to online software create a strategic opportunity without necessary deepening your budget. The pay per use allows application to be delivered quickly without necessarily owning the application. It is for this reason that expert having predicted a sharp increase in the adoption of cloud.
There is no doubt about the cost effectiveness of cloud computing. However, security standard have not yet come to grips with the cloud platform. Data protection poses concern in the cloud. In some cases, it is difficult for customer to check on effectiveness of data handling practices of the cloud provider. This problem is even compounded when data is transferred in a federated cloud. Furthermore, since malicious employees and outsiders are constantly on their toes to break into system and still value information, it is important to have adequate security measures to secure data and privacy of information.
For cloud computing to achieve its full potential, it must also offer solid security policy to protect confidential data to ensure integrity.
Reference:
http://www.microsoft.com/presspass/features/2009/apr09/04-28cloudcomputingbenefits.mspx
http://www.sun.com/featured-articles/CloudComputing.pdf
ANALYSIS OF THE DATA
Businesses of today have increased their investment in information security for the fact that critical business system have moved into an increasingly volatile environment. As organizations embrace new technology such as cloud computing, confidentiality of data gradually found itself in a very risky environment as well. The deployment of applications through the internet is the latest platform which has attracted a lot more concern by privacy advocate and IT communities as a whole. In an every organization, all application and system infrastructure are deployed and manage by IT department. Access to the network systems and applications are secured through network security, and controlled by using education, software and physical control to prevent intrusion from the outside world. This system is more secured and takes into consideration standard and procedures in deploying and maintaining the infrastructure. Secondly, access to data, security of data, and privacy of data are all controlled by the IT staff.
However, the adoption of the cloud moves the control of data, network, infrastructure and physical architecture from the hands of the IT department to a vendor. That is data control, network, system security and applications are all controlled and managed by the cloud vendor or provider. One major challenge of transferring this data in the hands of a third party is will result in compliance issue.
Compliance is one of the major concern about cloud computing. Whilst other countries are much into compliance some countries do not comply and protect data the way it should be.
Broad spectrum of IT executive understands the issue of cloud and security in general, but the most pressing issue which is beyond the hands of the providers is data privacy and security. This issue is usually ignored for some reason. In spite of all these, firms and businesses have paid little attention to privacy and security and concentrating on cost reduction, innovation agility scalability and flexibility of the cloud environment. For business owners to achieve this in the long run there should be adequate mechanism in place to curtail this problem.
Reference:
1. Harold F Tipton, CISS, and Micki Krause, CISSP: Information Security Management Hand Book; Sixth Edition.
2. George Reese: Cloud Application Architectures; pp133
However, the adoption of the cloud moves the control of data, network, infrastructure and physical architecture from the hands of the IT department to a vendor. That is data control, network, system security and applications are all controlled and managed by the cloud vendor or provider. One major challenge of transferring this data in the hands of a third party is will result in compliance issue.
Compliance is one of the major concern about cloud computing. Whilst other countries are much into compliance some countries do not comply and protect data the way it should be.
Broad spectrum of IT executive understands the issue of cloud and security in general, but the most pressing issue which is beyond the hands of the providers is data privacy and security. This issue is usually ignored for some reason. In spite of all these, firms and businesses have paid little attention to privacy and security and concentrating on cost reduction, innovation agility scalability and flexibility of the cloud environment. For business owners to achieve this in the long run there should be adequate mechanism in place to curtail this problem.
Reference:
1. Harold F Tipton, CISS, and Micki Krause, CISSP: Information Security Management Hand Book; Sixth Edition.
2. George Reese: Cloud Application Architectures; pp133
RESEARCH FINDINGS
The key to strengthening the effectiveness of information security program lies in education, flexibility, fairness and monitoring. The survey indicated respondent or business owners knows data security and privacy risks of adopting cloud computing and the same time, they are under enormous pressure to reduce overhead cost of IT infrastructure and to streamline business operations. The survey findings show the following:
1. Majority of the IT professional believe the adoption of cloud computing bring business innovation, flexibility, agility and reduce cost. However, on the ratio of 6:4 believe there will be lack of compliance in the cloud.
2. Research also shows that 60% of IT professional know data security vulnerabilities on the cloud and could be devastating. The vast majority argue that, providers are not doing enough to curtail data integrity and security. Half of the people I spoke with indicated that, data can be inadvertently being exposed to unauthorized party regardless of which provider you choose. (SAAS or IAAS). This is as a result of shared infrastructure in the cloud.
3. 55% of the respondents are unwilling to adopt cloud application due to security threats and loss of control of company system and data.
4. 8 out of 10 people believe the internal IT system are too expensive, however, they are a bit skeptical about compliance in the cloud. Whilst in the United States of America, there are rule that govern data standard and procedure, the same does not apply to other jurisdiction such as China. Since cloud data centers are scattered around different geographical location and services are shared by different companies, it is real that data could be compromised without following procedural standards.
These findings indicates that, businesses are far more interested with the cloud platform but the fear of security breach is what keep them thinking everyday. It is obvious that the interest in the cloud is constantly growing; however, the security vulnerability on the cloud far out weighed its benefits at least for now.
Reference:
Harold F Tipton, CISSP. Micki Krause, CISSP: Information Security Management Hand Book; Sixth Edition.
http://avanade.dk/_uploaded/pdf/avanadethoughtleadershipcloudsurveyexecutivesummary833173.pdf
1. Majority of the IT professional believe the adoption of cloud computing bring business innovation, flexibility, agility and reduce cost. However, on the ratio of 6:4 believe there will be lack of compliance in the cloud.
2. Research also shows that 60% of IT professional know data security vulnerabilities on the cloud and could be devastating. The vast majority argue that, providers are not doing enough to curtail data integrity and security. Half of the people I spoke with indicated that, data can be inadvertently being exposed to unauthorized party regardless of which provider you choose. (SAAS or IAAS). This is as a result of shared infrastructure in the cloud.
3. 55% of the respondents are unwilling to adopt cloud application due to security threats and loss of control of company system and data.
4. 8 out of 10 people believe the internal IT system are too expensive, however, they are a bit skeptical about compliance in the cloud. Whilst in the United States of America, there are rule that govern data standard and procedure, the same does not apply to other jurisdiction such as China. Since cloud data centers are scattered around different geographical location and services are shared by different companies, it is real that data could be compromised without following procedural standards.
These findings indicates that, businesses are far more interested with the cloud platform but the fear of security breach is what keep them thinking everyday. It is obvious that the interest in the cloud is constantly growing; however, the security vulnerability on the cloud far out weighed its benefits at least for now.
Reference:
Harold F Tipton, CISSP. Micki Krause, CISSP: Information Security Management Hand Book; Sixth Edition.
http://avanade.dk/_uploaded/pdf/avanadethoughtleadershipcloudsurveyexecutivesummary833173.pdf
KEY RESEARCH QUESTION
“The rise of the cloud is more than just another platform shift that gets geeks excited. It will undoubtedly transform the information technology industry, but it will also profoundly change the way people work and companies operate” (Economist, 2008). However there are serious concerns about cloud security, but its popularity is growing every day. Skeptics argue that business owners are still in love with cloud despite warnings of security for the following reasons:
1. It reduces overhead cost of maintaining in house IT infrastructure,
2. Business agility
3. Flexibility and,
4. Innovation.
However, there are a growing number of concerns within the IT sector and business environment about the impact of cloud computing on privacy, data security and data integrity. That is, the question that is constantly as is how would cloud computing affect privacy, and data security. The main problem is that, deploying your applications on the cloud allows the vendor to have total control of your sensitive data. Dependence on any outside party is one of the troubles of Cloud Computing, irrespective of the providers. Since there are different law that governs privacy and data in different jurisdictions, it is very prudent to examine the impact of cloud computing on data security, privacy and confidentiality. That is how does cloud computing affect data security and privacy.
REFERENCES:
http://www.reuters.com/article/idUS125115292920100402
http://advice.cio.com/dominique_levin/security_in_the_cloud
http://www.hubspan.com/cloud-security/cloud-security-basics-disaster-recovery-and-audit-capabilities
1. It reduces overhead cost of maintaining in house IT infrastructure,
2. Business agility
3. Flexibility and,
4. Innovation.
However, there are a growing number of concerns within the IT sector and business environment about the impact of cloud computing on privacy, data security and data integrity. That is, the question that is constantly as is how would cloud computing affect privacy, and data security. The main problem is that, deploying your applications on the cloud allows the vendor to have total control of your sensitive data. Dependence on any outside party is one of the troubles of Cloud Computing, irrespective of the providers. Since there are different law that governs privacy and data in different jurisdictions, it is very prudent to examine the impact of cloud computing on data security, privacy and confidentiality. That is how does cloud computing affect data security and privacy.
REFERENCES:
http://www.reuters.com/article/idUS125115292920100402
http://advice.cio.com/dominique_levin/security_in_the_cloud
http://www.hubspan.com/cloud-security/cloud-security-basics-disaster-recovery-and-audit-capabilities
Subscribe to:
Posts (Atom)