Covid-19 Update: We've taken precautionary measures to enable all staff to work away from the office. These changes have already rolled out with no interruptions, and will allow us to continue offering the same great service at your busiest time in the year.

Pros and Cons of Cloud Computing Security

3220 words (13 pages) Essay in Information Technology

18/05/20 Information Technology Reference this

Disclaimer: This work has been submitted by a student. This is not an example of the work produced by our Essay Writing Service. You can view samples of our professional work here.

Any opinions, findings, conclusions or recommendations expressed in this material are those of the authors and do not necessarily reflect the views of UK Essays.

Abstract

 Securing the ever-evolving world of cloud computing is an ongoing saga and a resource which is undoubtedly in high demand across the information technology (IT) field.  Essentially this brand of security enables system and network administrators a chance to do away with the amount of hardware that had been required historically and in order to focus and streamline the procedures that have been implemented for an agency’s current Information Technology security posture in order to change how their information system is administered, deployed and accessed. Which entails the safeguarding of sensitive data from unauthorized access, classification misuse or spillages, data corruption and or data unsanctioned data purging.  Securing a cloud environment presents various challenges but is very similar to how a system or network administrators would conduct normal day to day business practices but drastically reducing the information technology hardware footprint in your local server farm. The luxury of computing virtually or “in the cloud”, decreases or completely removes the need for your information technology staff to physically track, upgrade and replace network and system devices which saves your organization money and allows those saved funds to be used on to further enhance the information system in question. This technology comes with “bells and whistles” that continues to prove that no matter the size of your agency or organization, deciding to do one’s computing via the cloud is very enticing.  Though this may seem reassuring, do you know how your resources in the cloud are being safeguarded and who’s responsibility it is to protect this data? Hopefully after reading research paper you have a better understanding of the many “pros” of computing virtually via the cloud and also the pitfalls and “cons” of this very in demand technology.

Introduction

 Conducting one’s business in the cloud can be a bit of an adjustment.  Just as it is with the traditional securing of an information system environment, there are some adversities that must overcome, avoided completely or down right accepted.  Adversities such as what is offered and the best course of action going forward in regards to cloud computing for your organization.  Avoidance in the form of giving some or all your administration power over to your cloud provider.  Lastly, the conceding or rebelling against the fact that securing your environment, data and overall resources will be a shared responsibility.  In every cloud service—from software-as-a-service for example (Microsoft Office 365) to infrastructure-as-a-service (like Amazon Web Services or even the International Business Machines company) the cloud computing customer is always responsible for protecting their data from security threats and controlling access to it unless otherwise determined in the service level agreement (SLA).  Each user’s data can be secured in a number of different ways and this all depends on the individual needs of each cloud consumer.  Speaking geographically, if the organization is large enough to need access to the resources in question globally there are certain regulatory hurdles that must be complied with all depending what corner of the world your data may be residing. 

One of the benefits of doing your computing in the “cloud” is that you can operate at full mission capacity having the same expectations as you would when resources such as; routers, switches, servers and storage area networks were housed locally or on premise.  As stated previously in this research paper the goal is still very much the same in regards to having a good security posture and/or plan, then actually implementing said plan.  The main thing that changes in most solutions for customers computing via the cloud is not who the owner of the data is but who is the owner of the data at rest.  This essentially raises the question of, “if I own the data, why would I not own the device on which the data rests”?  So, securing your resources in my opinion, is not the issue at hand but, the number of hands responsible for conducting and achieving this very important task has grown and depending on how much of your network is virtualized and moved to the cloud determines how many more hands there will be “stirring the pot”.  Moving your data to the cloud also gives your company’s network and system administrators the ability to perform their security practices and maintenance in a more malleable manner.

 The National Institute of Standards and Technology or (NIST) defines cloud computing as “a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. This cloud model is composed of five essential characteristics, three service models, and four deployment models” (Mell & Grance, 2011).  These essential characteristics are categorized as On-demand self-service, Broad network access, resource pooling, rapid elasticity and measured service.  I will try and give a brief description of these five characteristics to provide a more practical approach and understanding for you. 

Essential Characteristics

 

On-demand self-service – I feel is rather self-explanatory.  This is where your resources that are housed in the cloud can be manipulated, changed, configured, altered and provisioned from an account (with the correct permissions) automatically not needing input from a non-machine entity.

Broad network access – This characteristic speaks to the where, how and when of the resources in question.  Essentially, it doesn’t, or should I say it shouldn’t matter what nomenclature, platform, version, flavor or what have you…it is all the same.   This is the beauty and the robustness of cloud computing…essentially if you can “get there” you have the potential ability to gain access.

Resource pooling – As with any system…virtualized or physical, the demands on resources play a critical role on the success or demise of the resource.  Much like the pros and cons of having Random-access Memorial (RAM) in a system is how I like to think of the area.  Depending on the size of the environment in question is how cloud providers justify or determine the amount of resources needed to properly, effectively and efficiently meet the business expectations of every organization or agency.

Rapid elasticity – I like to refer to his characteristic as the “learning function” for the simple fact that if your network needs more of something this feature monitors and intuits the needed or desired resource and creates more of it.  This obviously goes both ways so if there is a resource that is underutilizing its resources, rapid elasticity shrinks or reduces the resource and stores it for use in other areas that may need it.  For anyone who has experience with virtual machines of any kind, this feature reminds me of dynamic RAM…you don’t know how much memory a particular server may need so you allow the virtual device to determine how much resources it may need.

Measured service – This is also an area that I would say that is self-explanatory because anytime you are providing a service you want to see the amount of bandwidth and who, what and where the virtualization services are being utilized.  The tracking and monitoring of these services provide the best overall high-level picture that can tangibly be presented to your organization’s Information Technology Leadership, business stakeholders and financial decision makers.

Now I will explain the three different service models and the advantages and disadvantages for each.

Service Models

 

Software as a Service (SaaS) – If this service is chosen it enables the ability to connect to agency application on a number of different virtual desktop interfaces using any operating system set that is selected by the customer.  This means that if the agency currently uses a Windows 8 operating system and wants to utilize the same platform to make the experience seamless to the users of a particular network, this would be the service to choose.  This cloud implementation would provide the same resources that users would currently have in a traditional office/work center setting with the only change being how they actually gain access to said resources.  In my experience, the easiest way to implement in the user’s office location is to install thin clients that have been pre-configured to point to a website where the user would utilize their logon credentials or smart cards and authenticate as they would if they were using an agency desktop or laptop.  After successful logon, the user would be brought to a common operating environment where they can navigate to their resource of choice ie: network drives, email and the internet.  Sadly, though, these permissions are administered via the cloud provider and the altering of network permissions for this service are not handled locally taking ability to perform remedial tasks such as; adding user’s permissions to a new or existing network out of hands of your local information system staff.  In other words, this service is geared towards small business or large business that do not need on the spot changes and whom can await the requested changes to be made and applied.  Though this process does not take very long, the ability of making these changes is not possible without the assistance of the cloud provider and this must be explained and acknowledged by the company’s leadership so that expectations can be set.

Platform as a Service (PaaS) – With this flavor of service model, it is very much like Software as a service but with a caveat.  The service provider takes care of everything with the exception to the applications and resources advertised.  In Software as a service, the idea is to essentially “set it and forget it” giving the users resources and not worrying too much about making any “sudden” or on the spot changes.  With Platform as a service, the onsite administrators have the ability to make alterations to ONLY the applications agreed upon in the memorandum of agreement (MOA) or service level agreement (SLA) which identifies what services are conducted by each party (consumer and cloud service provider).  

Infrastructure as a Service (IaaS) – Now the third and final type of service is called Infrastructure as a Service.  This iteration encompasses the first two (Software and Platform as a service.  In this instance the cloud provider allows more administration power to the consumer system administrators.  With Infrastructure as a service the cloud provider handles the “infrastructure” the how get there, what it’s running on and how it is being protected (logically and physically) and allows the consumer administrators to handle the rest.  This means core services such as email, internet, storage, application and active directory administration.  In my opinion, this is the best of both worlds for a system administrator but it lacks the appeal when presented to a network engineer.  In this model the lines of separation are absolutely clear.  This two tiered approach of defending an information system can definitely be a strength for some organizations and on the other hand can be a nightmare for others.  The main goal is to tailor the virtualization of a network to the needs and overall mission of the agency looking to benefit from moving to computing via the cloud.

Deployment Models

 

Private cloud – This explanation is exactly as the title suggests.  This space is bought for and exclusively utilized by the purchasing consumer agency.  This allocated space is not shared, advertised or administered by any personnel outside of the consumer agency.  Depending on the agreement this space is also completely configured by the consumer unless other arrangements are made.

Community cloud – In this deployment model, I would like to suggest this as a model of reciprocity.  The clearest example would be something like the intelligence community where there are distinct areas that make each organization or agency their own entity but all benefit from the collaboration of shared resources.  So in such a cloud community, only members of the community are able to create, access, modify and ultimately share resources.  In this model administration can be conducted by a single or multiple agencies and can be housed on location or via the cloud.

Public cloud – The next type of deployment, as the name suggests, is open to the public and can be overseen and maintained by any business, corporation, agency or higher learning institute (which are commonly seen).  To provide the greatest chance for scalability, accessibility and portability for anyone of the public who is interested, the responsibility of major administration is conducted by the cloud provider. 

Hybrid cloud – This instance of deployment is the combination of any of the three aforementioned deployment types and allows them to share resources.  For example, if there were 20 tenants in a 100 room apartment building and they all decided to purchase the entire building.  This would suggest that there would be approximately 80 rooms that were not being utilized.  Between the 20 members they would draw up an agreement to how and under what circumstances the extra rooms could and would be used in.  Whether it be using it for building functions such as; meeting, financial gain or even storage, the space would belong to and used only by the tenants of the apartment.

As one begins to learn how cloud computing is comprised, what features if offer and in the ways it can be deployed, the question or who is actually responsible for securing any one asset that can be accessed via the cloud.  Thus far in the reading it could have been determined that depending on what service a consumer decides will truly pinpoint who in fact is responsible for security the data, the access and the overall environment.  Migrating to computing via the cloud is a big decision not only for those supporting the network but also for the personnel that have the final consideration and authorization to either make this transition or not.  There are so many added benefits of decreasing locally in order to move to the cloud such as; a decreased electrical bill for the organization or the added benefit of remote access and mobility which in turn adds to the ability to telework.  Cloud computing can ultimately enhance the quality of life for employees and produces an enjoyable work atmosphere?  As wonderful as this may sound to some, there is caution on the hearts and minds of others.  Depending what is important to the company or business making the decision or move to the cloud, the high value asset of the company may be things that do not transition such as standalone systems and data that must be kept “close to the breast”.  In situations such as this so it would in fact matter where the data is “at rest” and who has access to this data.  In these cases, you would definitely see hesitation with paying for a service that you do not completely own nor control.  But you may then ask, “well Melvin I thought you stated that there is a deployment type that allows to the organization the ability to privately purchase cloud space and utilize it as they wish, exclusively?  Which, I would respond…why yes there is and that is how I truly understand it and this would be perfect option for any information system that needs that type exclusivity but at the end of the day, this would defeat one of the greatest benefits of virtualizing your information system and moving to the cloud.  I say this because the only way you can truly ensure that your data and cloud instance is truly “your own” is to own it completely (purchase the cloud environment) along with maintenance, upgrades, upkeep and replacement of the components that will run this environment. 

So in conclusion, referring back to the thought that I began with, the task of securing the ever-evolving world of cloud computing is an ongoing saga and a resource which is undoubtedly in high demand across the information technology field.  Though there are many advantages dealing with cloud computing, the ultimate concern is and will continue to be how to consistently and successfully secure your resources in the cloud. The luxury of computing virtually or “in the cloud”, decreases or completely removes the need for your information technology staff to physically track, upgrade and replace network and system devices which saves your organization money and allows those saved funds to be used on to further enhance the information system in question. This technology comes with “bells and whistles” that continues to prove that no matter the size of your agency or organization, deciding to do one’s computing via the cloud is very enticing.  Though this may seem reassuring, do you know how your resources in the cloud are being safeguarded and who’s responsibility it is to protect this data? Hopefully after reading research paper you have a better understanding of the many “pros” of computing virtually via the cloud and also the pitfalls and “cons” of this very in demand technology.  Thank you for taking the time to read this research paper.

  • Arasaratnam, O. (2011). Introduction to Cloud Computing. Auditing Cloud Computing,1-13. doi:10.1002/9781118269091.ch1
  • Cloud Computing Security Issues and Solutions. (2019, August 5). Retrieved from https://www.mcafee.com/enterprise/en-us/security-awareness/cloud/security-issues-in-cloud-computing.html
  • Mather, T. (2017). Privacy Protection Techniques in Mobile Cloud Computing. Mobile Cloud Computing,179-200. doi:10.1201/9781315156088-9
  • Mather, T. (2017). Privacy Protection Techniques in Mobile Cloud Computing. Mobile Cloud Computing,179-200. doi:10.1201/9781315156088-9
  • Mell, P., & Grance, T. (2011, September). The NIST definition of cloud computing. Retrieved August 5, 2019, from https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-145.pdf
  • Patrizio, A. (2019, March 27). Data Security in Cloud Computing: 8 Key Concepts. Retrieved August 5, 2019, from https://www.datamation.com/cloud-computing/data-security-in-cloud-computing.html
  • Popović, K., & Hocenski, Ž. (2010, May 28). Retrieved August 5, 2019, from https://ieeexplore.ieee.org/abstract/document/5533317
  • What is Cloud Security? (2019, June 13). Retrieved August 5, 2019, from https://www.forcepoint.com/cyber-edu/cloud-security
  • Zhang, H. (2019, January 02). How secure is your data when it’s stored in the cloud? Retrieved August 5, 2019, from http://theconversation.com/how-secure-is-your-data-when-its-stored-in-the-cloud-90000
  • Zissis, D., & Lekkas, D. (2010, December 22). Addressing cloud computing security issues. Retrieved August 5, 2019, from https://www.sciencedirect.com/science/article/pii/S0167739X10002554
Get Help With Your Essay

If you need assistance with writing your essay, our professional essay writing service is here to help!

Find out more

Cite This Work

To export a reference to this article please select a referencing style below:

Reference Copied to Clipboard.
Reference Copied to Clipboard.
Reference Copied to Clipboard.
Reference Copied to Clipboard.
Reference Copied to Clipboard.
Reference Copied to Clipboard.
Reference Copied to Clipboard.

Related Services

View all

DMCA / Removal Request

If you are the original writer of this essay and no longer wish to have the essay published on the UK Essays website then please:

Related Lectures

Study for free with our range of university lectures!