The Risks of Cloud Computing:
Understanding the inherent risks from cloud computing and cloud technologies
Katie Wood
Senior Lecturer, Information Systems Department, University of Wolverhampton
Areas to consider
• Security
• Privacy – user rights
• Role of the provider
• Control Issues
• Regulatory compliance
• Data location and geo-redundancy
Are you already using Cloud?
• Email (e.g., Gmail, Hotmail)
• Websites (e.g., official company web portals)
• Social media (e.g., Facebook)
• Online productivity tools (e.g., Office 365)
• Online storage and backup services (e.g., Dropbox, Google Drive)
• As an end user are you interested if your system is part of a cloud or not?
Current Stage
Still evolving and challenges remain in regards to security, availability, reliability, pricing models, legal, jurisdiction and forms of CSP
Current Situation
• Major Security Issues with Cloud Computing Being Ignored (Jan 2013) http://www.ibtimes.co.uk
• 76% of businesses had to deal with distributed denial-of-service (DDoS) attacks on their customers
• 43% had partial or total infrastructure outages due to DDoS (Jan 2013) en.chinasourcing.org
• 83% of large enterprises acknowledge problems with unauthorized cloud deployments. (Feb 17 2013) www.bsiness2community.com
• Internet access is down; what's your backup? (16 Feb 2013) www.rgi.com
• Amazon Web Services Hit By Slowdown (September 13, 2013)
• Reports suggest one of the top five IT security spending priorities over the next 12 to 24 months was 'cloud security'
Components of Information Security
Management of Information Security, 3rd Edition Source: Course Technology/Cengage Learning
• Service Level Agreement (SLAs)
• Monitoring/ backups
• Track record as well as long-term viability of the service provider (for example, how long do they keep a copy of your data after the contract ends)
• Clouds ‘disappear’ – what happens?
• Cloud Migration
• Policies/Standards
Regulatory compliance: Current Concerns
• The EU favours very strict protection of privacy, while in the US there tends to be a more relaxed approach to privacy legislation.
• The EU deems the US unsafe and lacking the necessary privacy protection standard it expects
• Some countries within the Middle East region have established legislation on data protection and privacy, which is now enforced as they have started to acknowledge the need for privacy and data protection legislation, but it is not at the ‘level’ we have in the EU
• Asia, the Pacific and Africa are more problematic due to differences within economies and cultures
• Cloud Computing Strategy EU
• New guidelines: PCI Data Security Standard (Feb 2013) support to regulated businesses
• The Idaho House Revenue and Taxation Committee has agreed to introduce legislation to clarify that cloud computing services delivered over the Internet aren't tangible goods subject to sales tax. "This tax has caused a lot of people to consider moving their operations out of the state so they would not have to pay that tax,"
• 69% of respondents believed that the risks of using the cloud outweigh the benefits. (http://www.forbes.com) – Why? Can it be measured?
• Extent of knowledge: Level of understanding of cloud computing?
• Perception of risks: How would you rank risk?
• Perception of benefits: How would you rank the importance/the benefits?
• Actual experience: what experience? Any?
What you can do to help your business enjoy the benefits of the cloud
• What does your business really need? – write a list: critical, functional and non-functional, would like
• Make a decision – based on the above, costing, future plans of the business. Have you considered alternative solutions?
• Plan B – what happens when things go wrong? What type of cloud are you considering? What type of data will be stored in a cloud?
• Continue communication and awareness – be aware of what is happening in the cloud community and with your CSP – new systems, changes
Increasing Awareness
• Increasing awareness of privacy risks in using cloud systems will provide users with a better insight into the environment they are considering using to store their personal and sensitive data before a final decision is made.
• Do researchers have a role in this?
• Providers will only tell you what you ‘want to hear’ unless you ask them
Increase Awareness
• There is the possibility that an increased risk of privacy and security attacks will undermine the success of cloud
• Will a regulatory framework ever be developed? - European Cloud Partnership
• Data safety, encryption and segregation be enforced
Further Support/Advice – Agile Office Project
http://www.it-futures.com/agile/
• Facilitate the collaboration between the University of Wolverhampton and SMEs within the West Midlands region and to provide them with the opportunity to learn about these latest technologies through access to specialised consultants and a state-of-the-art demonstrator centre.
• The project can provide a free 2-day consultancy* to companies who may be looking to adopt these technologies, along with a tour of the demonstrator centre where visitors will have the opportunity to use