Question

1. Explain the important areas that need to be considered for a migration of web or mail services to the cloud. Why are these areas important?

2. The cloud computing model can lead to privacy compliance concerns. Provide examples of these concerns, and an analysis of the types of actions that you might take to mitigate these concerns.


5. What cloud computing best practices would you propose adopting? Why?

Answer 1

1.

Reduced Cost

Switching to cloud helps companies lower their capital expenses, as they no longer need to

spend on hardware or the teams to maintain it. Additionally, in a cloud model you pay for

resources only when they are used, allowing you to save money during periods of low usage.

Higher Flexibility and Scalability
Gaining operational agility is one of the top reasons to adopt a cloud-based system. The potential
to easily scale capacity up or down on remote servers makes a cloud system the perfect choice
for companies with fluctuating bandwidth demands.

Enhanced Security
Cloud offers enhanced security against data theft and hacking. When data is stored off-site,
employees and visitors are physically separated from accessing it. Furthermore, Cloud service
providers monitor data 24/7 to protect it from threats and undergo thorough yearly audits,
providing more protection than what would be feasible for an on-site solution.

Better Disaster Recovery

A virtual, cloud-based server is completely hardware independent, meaning that all programs,

apps, patches and data are safely backed up. In the event of a disaster, all of that data can be

spun up onto a new system in a matter of minutes without losing any functionality.

Better Customer Reach

Migrating applications to the cloud enables organizations to reach more customers and expand

their geographical presence. Easy integration with social and mobile platforms help them reach

more people through different channels anytime and anywhere.

Increased Collaboration

A cloud system makes collaboration easy. Team members and colleagues can use collaborative

spaces to connect effortlessly, irrespective of their geographic location. They can share

information and work closely and securely across a cloud-based platform, improving employee

engagement.

Faster Time-to-Market
Moving to the cloud leads to faster time-to-market, whether you’re launching a new product,
reaching new markets, or making the most of deployed infrastructure. Having on-demand access
to computing power means faster

2..

Cloud Computing Models
There are three basic models introduced by cloud computing SAAS,
IAAS, and PAAS, SAAS stands for software as a service, IAAS stands for
infrastructure as a service and PAAS stands for platform as a service

Cloud Security Issues
There are many security issues in clouds as they provide hardware
and services over the internet [8].
Data breaches
Cloud providers are the attractive target for the hackers to attack
as massive data stored on the clouds. How much severe the attack is
depend upon the confidentiality of the data which will be exposed. The
information exposed may be financial or other will be important the
damage will be severe if the exposed information is personal related
to health information, trade secrets and intellectual property of a
person of an organization. This will produce a severe damage. When
data breached happened companies will be fined some lawsuits may
also occur against these companies and criminal charges also. Break
examinations and client warnings can pile on critical expenses.
Aberrant impacts, for example, mark harm and loss of business, can
affect associations for a considerable length of time. Cloud suppliers
commonly convey security controls to ensure their surroundings, in
any case, associations are in charge of ensuring their own information
in the cloud. The CSA has suggested associations utilize multifaceted
confirmation and encryption to ensure against information ruptures
[9].
Network security
Security data will be taken from enterprise in Saas and processes
and stored by the Saas provides. To avoid the leakage of the confidential
information Data all over the internet must be secured. Strong network
traffic encryption will be involved to secure the network for traffic.
Data locality
Consumer’s uses Saas applications in the Saas environment
provided them by the Saas providers and also processing of their data.
In this case users or clients of clouds are unaware of the fact that where
their data is getting stored. Data locality is much important in May of
the countries laws and policies regarding the locality of data are strict.
Data access
Data on clouds must be accessible from anywhere anytime and
from any system. Cloud storages have some issues regarding the access
of the data from any device [10]. Information breaks and different sorts
of assaults flourish in situations with poor client verification and frail
passwords. Take a gander at the genuine assault on Sony that happened
only a few years back. They are as yet feeling the budgetary and social
impacts of the hack, which to a great extent succeeded on account of
administrators utilizing feeble passwords. The cloud is a particularly
appealing target since it exhibits a concentrated information store
containing high-esteem information and brought together client get
to. Utilize enter administration frameworks in your cloud condition,
and be sure that the encryption keys can't without much of a stretch be
discovered on the web. Require solid passwords and place teeth in the
prerequisite via consequently turning passwords and different methods
for client ID. To wrap things up, utilize multi-figure validation.
DoS attacks
One cannot stop the denial of service attacks because it is not
possible one can mitigate the effect of these attacks but cannot stop these
attacks. DoS assaults overpower resources of a cloud service so clients
can't get to information or applications. Politically roused assaults get
the front features, however programmers are similarly prone to dispatch
DoS assaults for pernicious goal including extortion. What's more,
when the DoS assault happens in a distributed computing condition,
process burn charges experience the rooftop. The cloud supplier ought
to invert the charges, yet consulting over what was an assault and what
wasn't will take extra time and irritation. Most cloud suppliers are set
up to deny DoS assaults, which takes consistent observing and moment
alleviation.
System vulnerabilities
Vulnerabilities of the system are exploitable program bugs in
the OS that programmers intentionally use to control or invade a
PC framework. Fortunately, essential IT cleanliness goes far towards
shielding you from this sort of genuine assault. Since machines exist
in your cloud supplier's server farms, be sure that your supplier hones
normal weakness examining alongside convenient security fixes and
overhauls.

Account hijacking

You may have seen an email that looks true legitimate. You tap on

a connection, and soon thereafter sirens blast and cautioning lights

streak as your antivirus program goes to fight. Or, then again you may

have been genuinely unfortunate and had no clue that you were recently

the casualty of a phishing assault. At the point when a client picks a

powerless secret key, or taps on a connection in a phishing endeavor,

they are at genuine danger of turning into the channel for genuine risk

to information. Cloud-based records are no special case. Foundation

solid two variable validation and computerize solid passwords and

watchword cycling to help secure yourself against this sort of digital

assault.

Malicious insiders

Most information loss or harm happening inside an association is

human mistake. noxious insiders do exist and they do much of harm.

A malicious insider may be a present or previous worker, contractual

worker, or accomplice who has the accreditations to get to organization

information and intentionally uses, takes, or harms that information.

Resistance fixates on secure procedures, for example, solid get to

control, and always screen forms and explore activities that lie outside

the limits of adequate capacities.

The APT parasite

Additionally called APTs, programmers plan these long term

cyber-attacks to give them continuous access into a system. Cases of

section focuses incorporate phishing, introducing assault codes by

means of USB gadgets, and interruption by means of unreliable system

get to focuses. Once in, the interruption shows up as ordinary system

movement and the aggressors are allowed to act. Mindful clients and

solid get to controls are the lines of best safeguard against this kind of

assault.

Permanent data loss

Any information destruction or loss can be a permanent harm to

the business. Cloud information is liable to an indistinguishable dangers

from is on premise information: unintentional cancellation by clients

or staff of providers, natural loss or damage, or psychological militant

assault. It is the cloud supplier's obligation to make preparations for

human mistake and to fabricate strong physical server farms. In any

case, IT should likewise secure against cloud information misfortune by

setting up SLAs that incorporate incessant and obvious reinforcement

to remote locales, and encoding records in the event of inadvertent

information introduction [11].

Shared technology, shared dangers

Cloud suppliers allow administrations to thousands to a huge

number of occupants. Administrations run from cloud reinforcement

to whole framework, stage, and applications as an administration.

The supplier ought to plan their engineering for solid separation in

multitenant designs: a fruitful assault on one client is sufficiently

terrible. A multitenant assault that spreads from one client to thousands

is a debacle. When you take a gander at cloud supplier and multitenant

administrations, ensure that they have executed multifaceted validation

on all server has and work present day interruption location frameworks.

Compromised credentials and broken authentication

Many cloud applications are equipped towards client collaboration,

however free programming trials and join openings open cloud

administrations to pernicious clients. A few genuine assault sorts

can ride in on a download or sign in: DoS assaults, email spam,

computerized click extortion, and pilfered substance are only a couple

of them. Your cloud supplier is in charge of solid episode reaction

structures to distinguish and remediate this wellspring of assault. IT

is in charge of checking the quality of that structure and for observing

their own cloud condition for manhandle of resources.

Hacked interfaces and APIs

APIs and UIs are the backbone of cloud computing connections and

integration amongst clients and distributed computing. Cloud APIs'

IP addresses uncover the association amongst clients and the cloud,

so securing APIs from irruption or human mistake is basic to cloud

security. Work with your cloud supplier and application merchants to

construct information streams that don't open APIs to simple assault.

Put resources into applications that model dangers in a live situation,

and practice visit entrance testing.

Solution to Security Issues

There are many security issues in the security of cloud computing

which are need to be resolved in order to make clouds more secure to

check the security of a cloud the following areas must be consulted with

the cloud service providers.

Written security policies plan

If the cloud service providers have a written security plan of policies

then the security of the data will be guaranteed, if the cloud service

provider do not have a security policies written plan then the cloud

is not safe and security of the data cannot be guaranteed as they do

not have a written plan of security policies. This means that their data

security program development. Organizations that have not formalized

their security strategies cannot be trusted with your touchy corporate/

client information. Strategies shape the system and establishment and

without security is just an idea in retrospect

Multifactor authentication

If the cloud providers provide the multifactor authentication for

example one time password and mobile [3] code then the security of

the data will be more tight as it will be protected by multi factors. If

someone try to unlock the data through password one time wrong

password will be sent to the data owner at his or her mobile so that he

can authenticate the login to the data [12]. Multifactor authentication

make the level of protection of data more high.

Access to data

Data of enterprise must be accessed and seen by the administration

not by the users. This access will provide the enhance security to the data

over the cloud. Many cloud applications are equipped towards client

collaboration, however free programming trials and join openings

open cloud administrations to pernicious clients. A few genuine assault

sorts can ride in on a download or sign in DoS attacks, email spam,

computerized click extortion, and pilfered substance are only a couple

of them. Your cloud supplier is in charge of solid episode reaction

structures to distinguish and remediate this wellspring of assault. IT

is in charge of checking the quality of that structure and for observing

their own cloud condition for manhandle of resources.

Appropriate cloud model for business

Appropriate cloud model for business will be private cloud. Private

cloud are more costly than public clouds but more secure. As they

are costly they are more secure. Private clouds are only used by only

one organization and security level is higher than the public cloud. As

business contains confidential information and financial transactions

and business secrets more security is needed hence private clouds are

safer than public clouds.

3....

Self-service on demand
A customer can independently arrangement, figuring limits, for
instance, server time and framework or system stockpiling, as required
therefore without requiring human coordinated effort with every
master association.
Pooling of resources
The supplier's processing assets are pooled to serve different
customers using, a multi occupant demonstrate with different physical
and virtual assets effectively doled out and reassigned by shopper ask.
There is a sentiment territory self-rule in that the customer generally
has no control or data over the right region of the given assets yet may
have the ability to decide region at a more hoisted measure of thought.
Instances of benefits consolidate stockpiling, taking care of, memory
and framework transmission limit.
Broad network access
Capacities are available over the structure and access to through
standard methodology or instrument that actuate use by heterogeneous
thin or thick client stages (e.g., cell phones, tablets, adaptable PCs and
workstations) (Figure 1).
Rapid elasticity
Capacities can be adaptably provisioned, and discharged some of
the time consequently, relative rapidly outward and inside comparable
with demand. For the customer, the capacities available for provisioning
much of the time radiate an impression of being limitless and can be
appropriated in any sum at whatever point.
Measured service
Cloud frameworks automatically control and upgrade, cloud
resource use by utilizing a metering ability at the level of abstraction
suitable to the kind of administration (e.g., stockpiling, planning,
exchange speed and dynamic customer accounts). Resource use can
be observed, controlled and revealed, giving straightforwardness to the
supplier and customer.