Information Security and Assurance - Essay Example

Cloud Security Issues By This paper presents a detailed analysis of cloud computing related security issues. In the past few years, the cloud computing has emerged an attractive platform which provides on-demand, reliable and expandable (as these services can be reduced or expanded depending on the organization’s needs) computing power to organizations. The basic ides idea of cloud computing is to allow the companies to get charged for only the services and time they have used a particular service, which is a source of attraction for a large number of business organizations.

It is an admitted fact that cloud computing has emerged as one of the most attractive and modern technologies to outsourcing data storage and processing capabilities. With the adoption of cloud computing the business organizations are able to get a large number of advantages such as utility computing, Virtualization, scalability, the ability to outsource data and processes, pay-per-use services and access to almost infinite computing resources (Aleem & Sprott, 2013; Dahbur et al., 2011; Hudic et al., 2013). In addition, this wide variety of affordable and consistent services have caught the attention of a large number of business organizations, which have decided to shift their business data, application or major operations of it into the cloud.

In fact, the recent studies and researches conducted to determine the impact of cloud computing on business organizations show a beyond belief expansion; on behalf of more than 16% of the world software sales with a market of more than $46 billion. In fact, for the majority of business organizations cloud computing is believed to be an affordable, helpful and an appropriate choice for the reason that the adoption of cloud computing allows them to diminish the total expenditure of technology ownership.

Without a doubt, cloud computing model provides a wide variety of tools and techniques to improve business productivity, however, there are certain security issues connected with the use of cloud computing. In order to take benefit of cloud computing a business organization must effectively deal with these issues (Aleem & Sprott, 2013; Dahbur et al., 2011; Hudic et al., 2013). As mentioned above, cloud computing presents a large number of advantages to business organizations, at the same time as there are different security issues especially with regard to off-site storage of customer and business applications and data.

As business data or applications are stored in the cloud, hence business organizations lose control over their data and applications. In fact, the use of the excellent security technology would not ensure fruitful results if a cloud service provider starts selling customer data to third parties (competitors of client organization). Although the client organization fully trusts their cloud service provider, but there is no surety that their data will be protected against a malicious internal/curious organization’s worker getting access to unencrypted customer files (Hudic et al.

, 2013; Kandukuri et al., 2009). Additionally, along with the likelihood that data will be misused by internal entities, in many cases there is the risk of external security attacks. In the past few years, a large number of cases of data theft have been exposed, comprising customer records, credit card numbers and other personal data, which clearly demonstrate that not even large firms are exception to security attacks. In addition, there are a large number of problems and issues that pretense critical and possible challenges for data and information security in cloud computing, comprising domain-specific restrictions, place limitations, technological or legal limitations, effectiveness of data management, various security metrics supported by cloud security providers, inappropriate implementation of sufficient security mechanisms, service-level security issues and the aggregation of data (Hudic et al.

, 2013; Kandukuri et al., 2009). In addition, there is another critical issue in ensuring data and applications confidentiality is how and where the data and applications are stored, which consists of the security of the operating system, data storage application, and any other software applications and tools that are being installed and run on the same system and the actual physical location where data and applications are stored. It is suggested that location where data and applications are physically stored must be effectively secured with adequately implemented security measures and normal backups in case of hardware or system crash.

In this scenario, business customers are expected to be familiar with the actual mechanisms used for physical data storage and how the cloud service providers have ensured the security of data backups. Moreover, along with an insufficiently secured physical storage location or inadequate security measures, ineffective use of encryption techniques can also pretense a substantial risk to business data and application confidentiality, as can functional, validation as well as authorization failures, which can cause an illegal person removing or making changes to data, which can harshly have an effect on customers' privacy (Hudic et al.

, 2013; Kandukuri et al., 2009; Yang, 2012). References Aleem, A. & Sprott, C.R., 2013. Let me in the cloud: analysis of the benefit and risk assessment of cloud platform. Journal of Financial Crime, 20(1), pp.6-24. Dahbur, K., Mohammad, B. & Tarakji, A.B., 2011. A survey of risks, threats and vulnerabilities in cloud computing. In ISWSA '11 Proceedings of the 2011 International Conference on Intelligent Semantic Web-Services and Applications., 2011. ACM New York, USA. Hudic, A. et al., 2013. confidentiality using fragmentation in cloud computing.

International Journal of Pervasive Computing and Communications, 9(1), pp.37-51. Kandukuri, B.R., V., R.P. & Rakshit, A., 2009. Cloud Security Issues. In SCC '09 Proceedings of the 2009 IEEE International Conference on Services Computing., 2009. IEEE Computer Society Washington, DC, USA. Yang, S.Q., 2012. Move into the Cloud, shall we? Library Hi Tech News, 29(1), pp.4-7.