Chat with us, powered by LiveChat What baseline security requirements t should be applied to the design and implementation of applications, databases, systems, network infrastructure, and information processing when conside - Writingforyou

What baseline security requirements t should be applied to the design and implementation of applications, databases, systems, network infrastructure, and information processing when conside

 What baseline security requirements t should be applied to the design and implementation of applications, databases, systems, network infrastructure, and information processing when considering cloud computing within an enterprise risk management frameworks ?Your paper should meet the following requirements:

  • Be approximately four to six pages long, not including the required cover and reference pages.
  • Follow APA7 guidelines. Your paper should include an introduction, a body with fully developed content, and a conclusion.
  • Support your answers with the readings from the course and at least two scholarly journal articles to support your positions, claims, and observations, in addition to your textbook. The school Library is a great place to find resources.
  • Use excellent grammar and style techniques to be clear and well-written, concise, and logical. You are being graded in part on the quality of your writing.
USEFUL NOTES FOR:

What baseline security requirements t should be applied to the design and implementation of applications, databases, systems, network infrastructure, and information processing when considering cloud computing within an enterprise risk management frameworks

Introduction

Cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers) that can be rapidly provisioned and released with minimal management effort or service provider interaction. This has resulted in the new model for IT called IaaS (Infrastructure as a Service) where companies lease their own infrastructure but still need to pay for it.[9][10] A major trend in cloud computing is the shift from using physical hardware to virtual machines (VMs) providing increased flexibility and cost savings through automation of use.[11] In this model, users have their data stored in virtual machines instead of on physical computers.[12] It allows enterprises to boot up new applications quickly without having to buy equipment beforehand;[13] it also makes its deployment faster because there are no installation procedures required prior[14].

Identity and access management (IAM)

Identity and access management (IAM) is a set of policies, processes and technologies that control how identities are created, accessed and used within an organization. It is a key component of the identity and access management lifecycle.

In this section we will focus on how IAM can be applied to cloud computing environments.

Data security and privacy.

Data security and privacy are fundamental to the cloud computing architecture, with data protection a shared responsibility between the enterprise and its service provider. It is critical that organizations have clearly defined policies in place that ensure data integrity, confidentiality, availability and quality of service (QoS).

The long-term viability of cloud computing depends on these two components being implemented properly from an organizational perspective as well as from a technical perspective.

Infrastructure security.

Your organization needs to establish a baseline security requirement for each of the following areas:

Cloud infrastructure security – You need a strategy for securing the cloud infrastructure. This includes protecting against threats such as viruses, malware, social engineering attacks and other vulnerabilities that can be introduced into your environment by third parties (e.g., vendors). It also includes protecting against insider threats when employees use their own credentials to access sensitive information or perform administrative tasks without authorization. The goal here is to prevent unauthorized access to critical applications, data and network resources while still allowing employees access when needed for legitimate purposes like testing or troubleshooting issues with applications or systems deployed in production environments;

Cloud provider’s data centers – You should have processes in place so that you can detect when there are issues with these facilities’ physical security controls as well as any potential vulnerabilities associated with them (e.g., water intrusion);

Cloud provider’s network infrastructure – You should identify any potential risks involved with using public networks where users could be exposed through open ports on their laptops/desktops etc.;

Interoperability and portability.

Interoperability and portability are two important concepts that need to be considered when evaluating the security of a cloud computing system. It refers to the ability of cloud computing systems to exchange data and interoperate with other cloud computing systems, both within the same cloud service provider and across different cloud service providers.

When we talk about interoperability in relation to security, we mean it’s possible for an application or system running on one platform (e.g., Amazon Web Services) to communicate with another application or system running on another platform (e.g., Microsoft Azure). This could happen if an organization has multiple applications using different technologies but still needs them all connected together through some kind of middleware infrastructure like MQTT or Kafka; this type of integration requires high levels of interoperation between different services so they can work together without any problems later down the road when something changes in either one area causing issues elsewhere within your overall architecture design – which leads us back again into our previous definition: “interoperability refers specifically toward communication between 2 components across private networks where there exists no third party involved.”

Security of public cloud services .

Public cloud services are typically hosted in the private space of a data center, often with physical access controls and security policies. In contrast, hybrid cloud services are provided by a third party via the internet or other network infrastructure. The security of public clouds is generally less stringent than that for private data centers because there is no control over who can access them—only that they be accessible via some form of network connection. However, due to their shared nature (i.e., both public and private), hybrid clouds have similar challenges as those faced by traditional enterprise applications when deployed on-premises:

Security as a shared responsibility.

Cloud providers, cloud users and organizations will all be responsible for securing their respective parts of the infrastructure. This includes:

Cloud providers will be responsible for securing their own infrastructure, including firewalls, intrusion detection systems and other security controls that are applied during network operations.

Cloud users will be responsible for ensuring that applications run on top of the cloud platform can meet the security requirements set forth by the organization’s information assurance (IA) team. For example, if you have an application that uses social media data from Twitter or Facebook as a source of information about your customers’ interests then you’re probably going to want it to come with some basic privacy protections built in so users aren’t exposed when sharing this information publicly – like not posting personal details online without permission first!

Cloud computing security or, more simply, cloud security refers to a broad set of policies, technologies, applications and controls utilized to protect virtualized IP, data, applications, services and the associated infrastructure of cloud computing. It is a sub-domain of computer security typically dealing with main concerns around data security, authorization, validation & identity management, authentication and audit tracking within the cloud computing framework.[1][2] Cloud computing is shared pools of configurable computer system resources and higher-level services that can be rapidly provisioned with minimal management effort, often over the Internet.[3] Cloud computing relies on sharing of resources to achieve coherence and economies of scale similar to a utility (like the electricity grid) over an electricity network.[4] Advocates claim that cloud computing allows companies to avoid upfront infrastructure costs (e.g., purchasing servers). Proponents also claim that cloud computing allows enterprises to get their applications up and running faster, with improved manageability and less maintenance, and enables IT teams to more rapidly adjust resources to meet fluctuating and unpredictable business demand.[5][6][7] Cloud providers typically use a “pay as you go” model. This will lead to unexpectedly high charges if administrators do not adapt to the cloud pricing model.[8]

 

Conclusion

Cloud computing security is a complex topic that requires a solid understanding of the risks involved with cloud computing and its associated key components. We hope our blog post has helped to inform you on how to implement cloud based technology within your enterprise, but please do not hesitate to contact us if you have any questions or need further assistance!