NETWORK SECURITY AND CLOUD COMPUTING
Ways to Enhance Network Security
1. Create a Security Culture: Instilling a security culture that is integrated into the daily work of all employees. Culture starts at the top, and leadership committed to security is imperative. It’s not just a way to operate an organization, it’s a mindset.
2. Implement Network Security Policy: Network security policy is a written document customized to a particular business. The document outlines the rules and procedures relevant to Information
Technology assets. This exercise help to determine the use of these assets, the information that is shared and who has access to it. The key to the success of a network policy is to provide training to all employees on every aspect of security. Training will help preserve the confidentiality, availability and integrity of technology systems and data.
3. Keep Network Updated: Given the pace at which technology changes today, keeping current with security takes constant monitoring. It involves keeping tabs on what the hackers are doing, apply the appropriate security software updates and patches to keep secure the business data, customers’ and suppliers’ data too.
4. Have a Secure Back-up Plan: A data back-up plan protect valuable data in the event of a server failure, accidental deletion or outside hacker attack. Back-up solution is dependent upon risk tolerance in a company. Minimum back up is daily with full back up weekly. Periodically testing back-up process and ability to restore data. Better is to store copies off-site. Security can further be increase by using removable data storage media that can be stored separate from the system.
5. Consider Third-Party Services: An added level of security, especially for small to mid-sized businesses, is to outsource data storage. A third-party provider already has technology that may be out of reach of your company’s budget. State-of-the-art (the most recent stage in the development of a product, incorporating the newest ideas and features) products and technologies through a third party can help ensure your business recovers from a data breach or loss of data. An off-site copy of data can help to quickly recover and keep business.
The term Cloud refers to a Network or Internet. In other words, we can say that Cloud is something, which is present at remote location. Cloud can provide services over public and private networks, i.e., WAN, LAN or VPN.
Applications such as e-mail, web conferencing, customer relationship management (CRM) execute on
Cloud Computing refers to manipulating, configuring, and accessing the hardware and software resources remotely. It offers online data storage, infrastructure, and application.
There are certain services and models working behind the scene making the cloud computing feasible and accessible to end users. Following are the working models for cloud computing:
• Deployment Models
• Service Models
1. Deployment Models
Deployment models define the type of access to the cloud, i.e., how the cloud is located? Cloud can have any of the four types of access: Public, Private, Hybrid, and Community.
i. Public Cloud
The public cloud allows systems and services to be easily accessible to the general public. Public cloud may be less secure because of its openness.
ii. Private Cloud
The private cloud allows systems and services to be accessible within an organization. It is more secured because of its private nature.
iii. Community Cloud
The community cloud allows systems and services to be accessible by a group of organizations.
iv. Hybrid Cloud
The hybrid cloud is a mixture of public and private cloud, in which the critical activities are
performed using private cloud while the non-critical activities are performed using public cloud.
2. Service Models
Cloud computing is based on service models. These are categorized into three basic service models which
• Infrastructure-as–a-Service (IaaS)
• Platform-as-a-Service (PaaS)
• Software-as-a-Service (SaaS)
Benefits of Cloud Computing
Cloud Computing has numerous advantages. Some of them are listed below –
• One can access applications as utilities, over the Internet.
• One can manipulate and configure the applications online at any time.
• It does not require installing software to access or manipulating cloud application.
• Cloud Computing offers online development and deployment tools, programming runtime environment through PaaS model.
• Cloud resources are available over the network in a manner that provide platform independent access to any type of clients.
• Cloud Computing offers on-demand self-service. The resources can be used without interaction with cloud service provider.
• Cloud Computing is highly cost effective because it operates at high efficiency with optimum utilization. It just requires an Internet connection
• Cloud Computing offers load balancing that makes it more reliable.
Risks related to Cloud Computing
Although cloud Computing is a promising innovation with various benefits in the world of computing, it comes with risks. Some of them are discussed below:
A. Security and Privacy: It is the biggest concern about cloud computing. Since data management and infrastructure management in cloud is provided by third-party, it is always a risk to handover the sensitive information to cloud service providers.
Although the cloud computing vendors ensure highly secured password protected accounts, any sign of security breach may result in loss of customers and businesses.
B. Lock In: It is very difficult for the customers to switch from one Cloud Service Provider (CSP) to another. It results in dependency on a particular CSP for service.
C. Isolation Failure: This risk involves the failure of isolation mechanism that separates storage, memory, and routing between the different tenants.
D. Management Interface Compromise: In case of public cloud provider, the customer management interfaces are accessible through the Internet.
E. Insecure or Incomplete Data Deletion: It is possible that the data requested for deletion may not get deleted. It happens because either of the following reasons
Extra copies of data are stored but are not available at the time of deletion
• Disk that stores data of multiple tenants is destroyed
Characteristics of Cloud Computing
There are four key characteristics of cloud computing.
1. On Demand Self Service: Cloud Computing allows the users to use web services and resources on demand. One can logon to a website at any time and use them.
2. Broad Network Access: Since cloud computing is completely web based, it can be accessed from anywhere and at any time.
3. Resource Pooling: Cloud computing allows multiple tenants to share a pool of resources. One can share single physical instance of hardware, database and basic infrastructure.
4. Rapid Elasticity: It is very easy to scale the resources vertically or horizontally at any time. Scaling
of resources means the ability of resources to deal with increasing or decreasing demand. The
resources being used by customers at any given point of time are automatically monitored.
5. Measured Service: In this service cloud provider controls and monitors all the aspects of cloud
service. Resource optimization, billing, and capacity planning etc. depend on it.
Before deploying applications to cloud, it is necessary to consider the business requirements. Following are the issues one must consider:
• Data Security and Privacy Requirement
• Budget Requirements
• Type of cloud – public, private or hybrid
• Data backup requirements
• Training requirements
• Dashboard and reporting requirements
• Client access requirements
• Data export requirements