Security Management And Migration Platformsâ€Myassignmenthelp.Com

Question: Discuss About The Security Management And Migration Platforms? Answer: Introducation Most modern IaaS infrastructure will offer adequate security features, however, the leasing organization (like Webb) should enforce them in their own resources rather than expect the service providers to do so. Nevertheless, there are key types of security measures to implement: Data encryption its outlined as the main and most important methods of protecting data as it meticulously manages security systems including the access keys as they are thoroughly encrypted. Network encryption most cloud service providers (CSP) will empathize on the encryption of the communication channel to deter interception threats that prey on the vulnerabilities of data transportation. Access control to create accountability, Webbs Stores, must know the people accessing their critical database hosted in the IaaS resources. This accountability is enforced using access control measures that manage users activities. Finally, a security access brokers known as CASBs, these are tools that help administrators to identify and locate risks within the database thus providing a high-end level encryption (Walker, 2015). Benefits and issues of the security features Benefits: First, protection against attacks more so, denial of service attacks that intercept cloud services. Security of the data the features would protect the critical database and its data. Flexibility with good security the users do not worry about server crashes or excessive down time due to traffic congestion. Regulatory compliance these features would ensure Webbs Stores meet the regulatory requirements for financial and personal data (Walker, 2015). Issues: Data privacy most of these procedures would require the users to surrender their personal data which could infringe on their personal and privacy rights. Ambiguity in security roles challenges may arise between the CSP and the store because of the considerations of access control and data ownership. Conflict of security features some security measures may identify others as intrusion thus may regularly disable or slow the entire IaaS infrastructure (Mehtra, 2014). Risks of cloud migration Database risks Security although most CSPs will have better security features than in-house facilities, migrating an entire database to a foreign infrastructure raises the concerns of its security. Furthermore, the database will operate in a different environment where the physical accountability is non-existence on behalf of the owner (leasing party, Webbs Stores). Migration moving an entire database resource to the cloud is a daunting task that requires project-like considerations. Therefore, it requires implementation procedures that might fail. Advanced change the database will have many changes that may affect its functionalities more so, to the end users (Healy, 2015). IaaS infrastructure Security problems IaaS offers excessive control to the user who may fail to implement the necessary security features thus expose the entire structure to attacks. For one, access may be given to unknown and unverifiable parties. Control having excessive control does not necessarily guarantee complete control and thus the subscriber may lose control over the resources hosted in the cloud infrastructure. Downtime when all is said and done, the IaaS platform will require IT resources to operate more so the internet which may fail or have downtime periods. Therefore, it will subject the infrastructure to delays and downtime periods (Healy, 2015). Communication between IaaS (CSP) and Webbs Stores Data security any communication conducted between the IaaS resource and the store may be intercepted through various attack methods such as malware intrusions. Therefore, the subscriber must be aware of this risk and apply the necessary solutions. Data privacy having hosted the data online, the communication between the two parties will mostly involve the access of confidential information stored in the cloud resource. Moreover, the subscriber will regularly update this resource with confidential information which is a serious risk. Record retention the communications are subject to retention requirements which can also be used to compromise the infrastructure if they fell into the wrong hands as they may contain sensitive data including access procedures (Romes, 2013). Backup and archival of records Risks of cloud backups Backing up data Large backup window on-premise backups take shorter windows as the process is conducted using LAN speeds. In fact, the only limitation is on the tapes throughput, however, cloud backups are limited by the internet resources i.e. speeds, bandwidth, and throughput. Therefore, congestions and delays will put the backup procedures at risk particularly when faced by a time sensitive scenario. Small restoration window consequently, when faced with a disaster, the subscribing organization will require all its data at once, an outcome that will be delayed by the access factors i.e. speeds, throughput and bandwidth. Loss of data with the onsite resource (tapes) the user can backup data based on a certain framework e.g. weekly, monthly and yearly. This outcome can help retrieve certain archives based on the users needs, however, with cloud resources, backups overwrite the previous versions. Therefore, older versions of data cannot be accessed if needed (Manes, 2012). Storage of data in the cloud Access risk with on-site resources, storage is closely monitored which ensure the right personnel accesses it. However, with cloud storage, the subscribers depends on the CSP to ensure the data is secure and that the storage is only accessed by them. Storage management consider the number of subscribers supported by a single CSP. Now, due to the number of subscribers, the CSP may fail to isolate the data properly thus leak information from one subscriber to another. Moreover, misconfiguration is a notable risk that may expose the storage facilities to the public at large. System outage unlike in-house resources, a subscriber storage resource is usually subject to downtimes and outages just like any other online resource. Therefore, despite the advantages offered by cloud storage, there is always the possibility of losing access to the data. This outcome can be caused by many factors including the existence of system breaking bugs (Healy, 2015). Retrieval of data Retrieval time the critical concern as the retrieval process may be time sensitive thus delay the application of the said data. While using the cloud resource, the subscribers retrieval process is subject to the factors of accessing online resources which are quite extensive. Cybercrime several serious attacks have occurred in the recent past which outline the risk of using cloud infrastructures. Now, while retrieving data from a compromised cloud facility, the process can be tracked back to the subscriber to infect the in-house facilities. Therefore, a subscriber can deliberately grant access to intruders while having the false assumption that they are retrieving their original data (Sovetkin, 2017). How DR plan is affected by the cloud resource In general, the DR plan considered by Webbs Stores will change into a cloud DR having a virtualization approach. In this approach, the entire server which includes the operating systems, Softwares and system patches will be combined to form a single virtualised structure. Therefore, in case of a disaster, the entire copy including the data lost will be required in a matter of minutes if the single virtual structure is physically acquired from the CSP. This outcome will drastically affect the companys DR plan as it will use fewer resources while meeting the same objectives. Moreover, the virtualization tools and resources will be independent of the hardware resources. Therefore, the software resources such as OS, applications and patches will be transferred from one data centre to another without reloading each and every operational component. Again, this outcome will reduce the overall recovery time used to restore resources in case of disasters. In all, with cloud resources, Webbs backup and restoration strategy will become more cost effective while having a better recovery time. These outcomes will be facilitated by the benefits outlined above and also by the ability to tune the performance of the cloud resources based on the immediate needs (tech, 2017). Cloud access protection IaaS infrastructure AAA strategy IaaS offers excessive control to the user which means there are a lot of resources disposed to the subscriber. The AAA strategy would require the authentication, authorization and accountability of resources. This can be done using verifiable all-inclusive tools available in the market including some that are provided by CSPs. Resource management the organization should monitor all the resources exchanged between them and the CSP in order to verify the security of the IaaS structure. In essence, the resource should not alter in operation (Mehtra, 2014). Ms SQL cloud server instance SQL authentication when the logical server is created for the SQL instance, specific access resources are given including username and passwords. Now, these resources should me made using the best security procedures, for instance, they should be unique having strong and undetectable characters. Firewall this security feature will manage the access given to the cloud instance. This process will be conducted using the access information presented by the users more so, the IP addresses (Microsoft, 2017). Cloud network structure Network management intrusion detection systems should be used to monitor the services offered by the cloud infrastructure. These systems would alert the administration of any access problems/threats thus help mitigate them before they cause any substantial damage. Firewalls similar to the cloud instance, the network structure should only be accessed by verifiable members. This consideration would be made using the firewalls which would also manage the data streams based on a verifiable checklist (Microsoft, 2017). Cloud back-up and restoration structure CASB backup and restoration procedures will involve two different systems and in this case, two different parties will be used. Now, the CASB as outlined before will offer end to end access protection based on the user's considerations. Furthermore, this platform will offer endpoint protection using proxies and verifiable APIs. Encryption also known as tokenization, encryption would ensure that the backup procedures are conducted safely despite that nature of the channels used. Cloud resources will operate within the online platform where security is never guaranteed. Therefore, by tokenizing the backup and restoration data, the integrity and authenticity of the resources are maintained more so after the occurrence of a disaster (Symantec, 2017). References Healy, R. (2015). The Top 5 Risks of Moving to the Cloud. Retrieved 09 September, 2017, from: https://www.annese.com/blog/top-5-risks-of-moving-to-the-cloud. Manes, C. (2012). What are the risks of backing up your business data in the cloud? Disaster recover journal , Retrieved 09 September, 2017, from: https://www.drj.com/articles/online-exclusive/what-are-the-risks-of-backing-up-your-business-data-in-the-cloud.html. Mehtra, H. (2014). Issues and Standards in Cloud Security. Retrieved 09 September, 2017, from: https://www.cse.wustl.edu/~jain/cse571-14/ftp/cloud_security/index.html. Microsoft. (2017). Azure SQL Database access control. Microsoft Azure, Retrieved 09 September, 2017, from: https://docs.microsoft.com/en-us/azure/sql-database/sql-database-control-access. Romes, R. (2013). The Benefits and Risks of Cloud Computing. Cla connect, Retrieved 09 September, 2017, from: https://www.claconnect.com/resources/articles/the-benefits-and-risks-of-cloud-computing. Sovetkin, M. (2017). IaaS Security: Threats and Protection Methodologies. eSecurity planet, Retrieved 09 September, 2017, from: https://www.esecurityplanet.com/network-security/iaas-security-threats-and-protection-methodologies.html. Symantec. (2017). Symantec Cloud Data Protection Security. Symantec, Retrieved 09 September, 2017, from: https://www.symantec.com/products/cloud-data-protection-security. tech, O. (2017). Benefits of Disaster Recovery in Cloud Computing. Retrieved 09 September, 2017, from: https://www.onlinetech.com/resources/references/benefits-of-disaster-recovery-in-cloud-computing. Walker, S. (2015). 5 Benefits of a Cloud Computing Security Solution. TBCONSULTING, Retrieved 09, September, 2017, from: https://www.tbconsulting.com/blog/5-benefits-of-a-cloud-computing-security-solution/.