Studyspark Study Document

Cloud Computing and Computing Thesis

Pages:25 (7745 words)

Sources:25

Document Type:Thesis

Document:#96684540


Risk, Risk Management Strategies, and Benefits in Cloud Computing

SITUATIONAL ANALYSIS

PREMISE STATEMENT

KEY DEFINITIONS

SERVICE AND DEPLOYMENT MODELS

BENEFITS OF CLOUD COMPUTING

SECURITY ASPECTS

Storage

Reliability

Virtualization

Trust

Physical Security

Legal Compliance

CLOUD COMPUTING RISKS

RISK Management STRATEGIES

Vendor Evaluation

Centralized Information Governance

Other Organization-Level Measures

Individual-Level Security Measures

Cloud computing model

Cloud computing service and deployment models

ISO/IEC broad categories

The emergence of cloud computing has tremendously transformed the world of computing. Today, individuals, organizations, and government agencies can access computing resources provided by a vendor on an on-demand basis. This provides convenience, flexibility, and substantial cost savings. It also provides a more efficient way of planning disaster recovery and overcoming fluctuations in the demand for computing resources. In spite of the benefits it offers, cloud computing presents significant security concerns, which users must clearly understand and put strong measures in place to address them. Users are particularly concerned about the privacy and confidentiality of their information as well as the integrity and capacity of the vendor. Cloud computing may increase the risk of data leakage and data loss, which may result in dire consequences for users and the cloud provider. However, with extensive vendor evaluation and centralized governance of confidential information, these concerns can be put to rest. Awareness and training as well as regular audit of risk management procedures are also important for addressing these concerns. If properly governed, cloud computing can deliver considerable benefits to users.

Running head: CLOUD COMPUTING 1

CLOUD COMPUTING 2

1. SITUATIONAL ANALYSIS

The world of information technology (IT) has experienced a rapid evolution in the last one and a half decades (Denning & Frailey, 2011). Cloud computing is an invention that has taken internet-based computing to a level never imagined a few decades ago. As of 2012, the cloud computing market was worth approximately $150 billion, an increase of more than 160% compared to 2009 (Budriene & Zalieckaite, 2012). In today's world, cloud computing provides an unprecedented solution for data storage, data access, data processing, and information sharing. Organizations are increasingly turning to scalable, pay-per-service cloud-based computing applications such as Amazon Web Services (AWS) and Google Cloud Services to process data efficiently while achieving cost savings (Srinivasan, 2012). With cloud computing, organizations may not need to invest in expensive information technology (IT) infrastructure (Alijani et al., 2014). Thus, cloud computing has helped reduce the cost of acquiring and maintaining IT systems substantially. In addition to cost savings, cloud computing provides flexibility and convenience (Srinivasan, 2013). With the emergence of powerful web-enabled mobile devices such as smartphones and tablets, data can now be accessed at the user's convenient time and location (Markovic et al., 2014).

The use of cloud computing has gained popularity not only amongst organizations, but also individuals (Markovic et al., 2014). Today, individuals increasingly rely on cloud-based services to store photos and other personal data such as documents, bill payments, and financial information. Popular cloud storage platforms include Google Drive, Google Docs, Drop Box, iCloud, and Amazon Drive. These platforms enable users to access their data from any geographical location with an internet connection. This avoids or minimizes the necessity of conventional, 'hard' storage media such as compact disks and flash drives.

Whereas cloud computing offers cheaper and convenient data storage and access, it presents significant security concerns. Privacy breach, loss of data, hacking, identity theft, and other forms of cybercrimes have become major concerns in the wake of increased cloud computing applications, acceptance, and usage (Budriene & Zalieckaite, 2012; Gold, 2012; Abiodun, 2013; Srinivasan, 2013; Neumann, 2014; Ismail, Golamdin & Shahzad, 2016; Rittle, Czerwinski & Sullivan, 2016). Hackers and other online criminals have become increasingly intrusive. Without robust security measures, malicious individuals can access crucial and confidential information, resulting in disastrous consequences for individuals and organizations.

On its part, the Department of Defense (DOD) acknowledges the risks and security concerns posed by cloud computing. As per the department's Risk Management Strategy (RMS), cloud computing activities must be conducted in accordance with department-wide and federal-level IT security requirements, notably the Federal Risk and Authorization Management Program (Fedramp) as well as the Cloud Computing Security Requirements Guide (SRG). Adherence to these guidelines is crucial for safeguarding sensitive information as well as guaranteeing operational efficiency and mission success.

2. PREMISE STATEMENT

Though cloud computing offers a powerful tool for DOD, commercial, and public use, it carries substantial security risks that all users must understand, and which must be addressed via a comprehensive risk management strategy. This paper identifies the benefits and risks associated with the use of cloud computing by the government (particularly the DOD), commercial entities, and individuals; as well as the strategies that can be used to manage the risks. The remainder of the paper is organized into six major sections. In section 3, a definition of cloud computing is provided. Section 4 provides a description of cloud computing service and deployment models, while section 5 highlights the benefits of cloud computing. Attention is then paid to the security concerns raised by cloud computing in section 6, with specific consideration to aspects such as access, storage, trust, and legal compliance. Section 7 focuses on the risks associated with cloud computing. Risk management strategies are discussed in section 8.

3. KEY DEFINITIONS

Whereas there is no universally agreed definition, the term cloud computing generally refers to IT infrastructure and services that enable on-demand access to computing resources such as servers, network, operating systems, and applications (Srinivasan, 2013). Typically, the provider owns and controls the computing infrastructure and services. Customers can access the computing infrastructure and services via the internet at their time and location of convenience based on a pay-per-use or pay-as-you-go model (Jiang & Wu, 2016). This eliminates the need to own and maintain costly computing infrastructure, as well as locate data and applications in the user's hardware and servers (Markovic et al., 2014). It is important to note that customers in this case denote users of cloud computing services, who include individuals and organizations (Johnston, Loot & Esterhuyse, 2016).

On-demand access and resource pooling are the two main features that distinguish cloud computing from traditional computing (Alijani et al., 2014). On-demand access essentially means that users pay for the service based on their demand, just as they pay for ordinary utilities such as gas and electricity (Jolfaie et al., 2007). The aspect of resource pooling means that a pool of computing resources owned and controlled by the provider is shared by multiple tenants. These two features ensure a more efficient and cost-effective utilization of computing resources. In simpler terms, cloud computing entails outsourcing IT services (Budriene & Zalieckaite, 2012; Gonzalez & Smith, 2014). It "is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources" (Mitchell & Meggison, 2014, p. 1). Figure 1 below provides a simple representation of cloud computing.

Figure 1: Cloud computing model (CR -- computing resources; DW -- data warehouse)

Source: Budriene & Zalieckaite (2012, p. 123)

Although cloud computing became popular in the beginning of the 21st century, it is not really a new practice. Discourses and practices relating to cloud computing date as early as the mid-20th century (Budriene & Zalieckaite, 2012). For instance, organizations have hosted software and hardware externally as well as outsourced IT services for decades. Nevertheless, with the emergence of broadband internet, virtual solutions, and other powerful supportive technologies in the 1990s and 2000s, the notion of cloud computing has gone a notch higher (Budriene & Zalieckaite, 2012; Alali & Yeh, 2012).

4. SERVICE AND DEPLOYMENT MODELS

Cloud computing services are offered in three basic forms: software as a service (Saas), platform as a service (Paas), and infrastructure as a service (Iaas) (Srinivasan, 2013). Saas is the least complicated and most common of the three (Budriene & Zalieckaite, 2012). It offers hardware and software to the user without the complexities associated with running an IT system. The cloud provider fully controls the computing infrastructure, including servers, network and operating systems. Based on economies of scale, the provider is able to offer shared computing resources to a large number of users, most of whom are small and medium enterprises (SMEs) (Srinivasan, 2013). The users sign up for their desired computing resources -- data storage, memory volume, CPU capacity, and so forth (Budriene & Zalieckaite, 2012). A company email is an ideal example of Saas. Popular Saas products include Amazon's AWS, IBM's Cloudburst, Apple's iCloud, as well as Google's Gmail and Google Docs. In spite of its simplicity, Saas may not be appropriate for applications that require exceptionally fast processing of data (Markovic et al., 2014).

PaaS provides the user a platform with the basic capacity to run the user's applications (Srinivasan, 2013). The platform may involve an operating system, for instance. This service is mostly utilized by programmers and system developers. The service provides all the tools and resources for developing, testing, deploying, and hosting applications (Markovic et al., 2014). Paas has a built-in flexibility; though the cloud provider controls the…


Sample Source(s) Used

REFERENCES

Abiodun, A. (2013). A framework for implementation of risk management system in third party managed cloud. Journal of Information Technology & Economic Development, 4(2), 19-30.

Ahmed, N., & Abraham, A. (2013). Modeling security risk factors in a cloud computing environment. Journal of Information Assurance and Security, 8, 279-289.

Alali, F., & Yeh, C. (2012). Cloud computing: overview and risk analysis. Journal of Information Systems, 26(2), 13-33.

Alijani, G., Fulk, H., Omar, A., & Tulsi, R. (2014). Cloud computing effects on small business. Entrepreneurial Executive, 19, 35-45.

Cite this Document

Join thousands of other students and "spark your studies."

Sign Up for FREE
Related Documents

Studyspark Study Document

Cloud Computing As an Enterprise Application Service

Pages: 10 (2648 words) Sources: 15 Subject: Education - Computers Document: #96142868

Cloud Computing as an Enterprise Application Service Reordering the economics of software, cloud computing is alleviating many of the capital expenses (CAPEX), inflexibility of previous-generation software platforms, and inability of on-premise applications to be customized on an ongoing basis to evolving customer needs. These are the three top factors of many that are driving the adoption of cloud computing technologies in enterprises today. Implicit in the entire series of critical success

Studyspark Study Document

Cloud Computing Assessing the Risks of Cloud

Pages: 4 (1163 words) Sources: 4 Subject: Education - Computers Document: #70192550

Cloud Computing Assessing the Risks of Cloud Computing Despite the many economic advantages of cloud computing, there are just as many risks, both at the information technologies (IT) and strategic level for any enterprise looking to integrate them into their operations. The intent of this analysis is to evaluate three of the top risks of cloud computing and provide prescriptive analysis and insight into how best to manage each. Despite widespread skepticism

Studyspark Study Document

Cloud Computing Strategy Cloud Computing Is Becoming

Pages: 5 (1567 words) Sources: 1 Subject: Government Document: #67172191

Cloud Computing Strategy Cloud computing is becoming big now, because it is easy to see how this kind of computing can be beneficial to all different types of businesses. Because of the value of cloud computing, the federal government is considering moving much of their information technology workload to the "cloud." In other words, much of the information would be stored in a way that would make access to it -

Studyspark Study Document

Cloud Computing Many Businesses Are Experimenting and

Pages: 3 (1041 words) Sources: 2 Subject: Education - Computers Document: #6145721

Cloud Computing Many businesses are experimenting and slowly embracing the concept of cloud computing and Web2.0 .organizations choosing projects which can reap full benefits from cloud computing and Web2.0.this evolution has began as organizations are now taking a crawl, walk run approach which is building towards an eventual implementation of cloud and Web2.0 implementation. Organizations are now following the pragmatic path towards cloud computing and Web2.0 through the adoption of new

Studyspark Study Document

Cloud Computing and Web 2.0 the Objective

Pages: 3 (885 words) Sources: 2 Subject: Education - Computers Document: #52866341

Cloud Computing and Web 2.0 The objective of this study is to explain the business uses of cloud computing and Web 2.0 and to explain how organization use these tools, the technology required to use these tools, the benefits of cloud computing and Web 2.0 and the limitations of each. Web 2.0 is reported as being "primarily associated with websites and web tools that promote interactive collaboration such as Wikipedia, Google Apps,

Studyspark Study Document

Cloud Computing Today's and Tomorrow's Technologies and

Pages: 5 (1676 words) Sources: 7 Subject: Education - Computers Document: #30906378

Cloud Computing Today's and tomorrow's technologies and their impact on society has been brought by the development of a new technology which is referred as cloud computing. Cloud computing are techniques and common technologies that are used in Information Technology. It means data which are hosted in a given area (center) then it is dismissed without knowing the design of hosting known as utility computing which tends to permits near real

Join thousands of other students and

"spark your studies".