Wednesday, December 11, 2019
IT Risk Assessment for Cloud Computing at Aztec
Question: Discuss about theIT Risk Assessment for Cloud Computing at Aztec. Answer: Introduction The cloud computing has been clarified as the web based virtual stockpiling for the data and information. The technology has been useful for advancement in numerous associations. The essential advantage for utilization of cloud computing incorporates the advancement of the remote organization of the data. The cloud computing is the web based implicit stockpiling for the data and information and the technology is useful for advancement of numerous associations (Agudelo et al., 2016). The essential advantage for the utilization of distributed computing incorporates the advancement of the remote organization of the data and information. The distributed computing gives the advantage of conveying speedier information gets to and bolster for the business association. According to Garcia et al. (2014), the advancement of the distributed computing had additionally given the expanding of hazard elements and their effect on the improvement of operations at Aztec. The cloud relocation can bring about diminishing the expert and verification of information and data. The report has been made on the examination of hazard elements that the business association has been confronting subsequent to actualizing the cloud framework. The relocation of cloud at Aztec has started for enhancing the operations of business association. The accompanying report has evaluated the audit of project for moving the present database to cloud by Aztec. The hazard and dangers appraisal had given a diagram of the different sorts of hazard and dangers that the association needs to confront for relocating to the cloud benefit. The suggestions for the hazard evaluation comprise of hazard alleviation techniques for Aztec. and information. The distributed computing gives the advantage of conveying speedier information gets to and bolster for the business association. The advancement of the distributed computing had additionally given the expanding of hazard elements and their effect on the improvement of operations at Aztec. The cloud relocation can bring about diminishing th e expert and verification of information and data. Project Review for Finance Services Cloud computing gives the most reasonable advantage of information fetching and administration for business associations (Bello, 2015). The utilization of distributed computing has helped in encouraging the speedier information exchange and adaptable stockpiling. In any case, the specialized prerequisites of the distributed computing have made it evitable for a few issues and imperfections. Business associations like Aztec have utilized the distributed computing for enhancing their operations. It has brought about some budgetary issues like administration of records information, legitimate commitments, and vital hazard (He et al., 2015). These hazard variables have serious effect on the improvement of secured data preparing and exchange for the business association. Operational advantages and control: The money related information and value-based data like record holder name, individual data, deals amount, sums got, and rebate attained (Pahl, 2015). This information is extremely urgent for any business association. The business associations keep the data protected from any outside invasion and infiltration. The improvement and ramifications for cloud computing in Aztec could help in keeping the data storage in the cloud system in terms of remote area access. The cloud computing framework gives the simplicity of information processing from wherever. In special case, the plan and structure of the distributed computing framework is subject to the specialized techniques utilized for building the framework (Brodin et al., 2015). The cloud seller is likewise in control of the information put away over the cloud organizing. The information and data can be adjusted or analyzed from the wellspring of cloud seller. Specialized Risk: The different programmers and digital offenders can utilize the created innovation for hacking and exploiting the system arrangement of Aztec. The information stolen about the exchanges and bank synopsis of Aztec can be utilized for hurting the organization monetarily. These assaults have affected the organization's economy as the organization may lose their potential customers because of abuse of the stolen information (Chance Brooks, 2015). It would bring about diminishing the conviction of the operations incorporated into the cloud framework operations. The specialized blunders and configuration blemishes of the framework have brought about decreasing information get to effectiveness and obstruct the procedure of information stream (Cole et al., 2013). Aztec would need to manage the issue of process end and it would bring about conveying monetary misfortune to the organization. System Risk: The procedure chance for the distributed computing comprise of disappointments of the executing procedure. The sending of cloud can be founded on three sorts of utilization and they are data, stage, and programming (Ghosh et al., 2013). Aztec can choose any one from the three administrations. Be that as it may, because of disappointment in suggestion, the cloud administration would not have the capacity to work legitimately. The wrong choice of the administration would likewise bring about deferring the administrations that would bring about diminishing the income of the association. Henceforth the venture of relocating to cloud benefit must be finished with legitimate care and assessment of above said issues. The distributed computing gives boundless usefulness to the information put away and it can be scaled up or down according to prerequisites. Project Review for Security The project of relocation of the information to cloud administrations would give the advantage of adaptable security capacities, distinctive need of data, time powerful, and asset focus (Keyes, 2013). It would upgrade the control over the information and give the advantage of speedier information get to and alteration. The advantages of cloud relocation for Aztec have been clarified underneath, Versatile security works: The security capacities and procedures of the distributed computing have been useful for giving the advantage of the adaptability for the operations of business association (Lobelo et al., 2016). The adaptable security capacities would be useful for giving the simplicity of operations with secured information exchange. The security capacities would help in shaping the restricted access to the information and data put away over the distributed storage. The capacity of the distributed computing for Aztec is versatile and can give the security to every one of the information put away in the cloud organize. Aztec could consider the improvement of the noticeable security capacities at the business association. Priority matrix of the security risks: The cloud computing technology had been helpful for providing the benefit of the wireless data access (Mitrovic et al., 2014). However, the wireless data access has resulted in security risks and threats. The risk prioritization has helped in systematically classifying the risk in terms of the affect. The security has not been limited to the development of the cloud computing technology. The classification of the risk in terms of their impact would help in making more effective system development and rollout. Time efficient: The cloud computing had been helpful for providing the effective performance of operations. The complete deliverance of the system results in increasing the timely effective operations (Mohsir et al., 2014). The time consumed for processing the data and information is reduced and it provides the organizations with the benefit of the faster operations and better outcomes. The organization utilizing the factors of the cloud computing deployment has focused on the enrollment for improved efficiency and better performance. Benefit of focus: The cloud computing is helpful for providing the benefits of systematic development and outstanding personification of data management process (Moyer, 2013). The use of cloud computing would help the managers and employees of Aztec to view the classified data in terms of needs. The cloud computing has also helped in focusing the development of concise operations and functions in Aztec. It would help in keeping the focus of the operations on the main goals and objectives of the organization. In any case, the distributed computing has brought a few issues and issues for information security and data protection for Aztec, for example, reliant on the merchant, hacking strategies accessible, and trade off of information. The issues are examined beneath, Reliability upon vendor: The most significant problem of the cloud computing deployment is the dependence on the cloud service provider (Niesen et al., 2016). The users of cloud computing has to depend on the vendor for the cloud services. The cloud service provision had been initiated and provided from the vendor. The complete access and modification of the cloud services are under the vendor. Hence, the entire access from the finish of cloud merchant would bring about security imperfections. The merchant end can be altered for adjusting or getting to the information of Aztec. Techniques for hacking: Computer programmers and digital hoodlums have established numerous courses for harming the cloud framework inadequate and moderate (Ogie, 2016). This extraction and adjustment of data and information by using unauthorized access has resulted in harming the organization severely. The various techniques of hacking include DoS, malware threat, and virus injection. These technologies can be used for compromising the system and security of the cloud database. Compromise of Information and data: The storage of the cloud system is wirelessly accessed (Rampini Viswanathan, 2016). The wireless access had made the cloud structure prone to several attacks and infiltration. Cloud computing had brought about trading off the information put away over the distributed computing structure (Sadgrove, 2016). Aztec would need to manage the information trade off and loss of client's data. The different advantages and issues of the distributed computing that has been expressed above are in charge of the blended responses of the general population for utilizing the distributed computing in the Aztec association. Risk and Threats Assessment in Developed System This segment manages a review of the effect of the danger of distributed computing movement and creating procedures for managing these hazard components (Samaras et al., 2014). The hazard alleviation techniques have been assessed by the utilization of quantitative information investigation and even minded research handle. Aztec would need to ensure that the information and data could be kept secured from penetration and dangers. Impact of Risks and Hazards at Aztec The improvement of innovation has brought about expanding the productivity of the distributed operations of cloud computing in business association (Sansurooh Williams, 2014). Be that as it may, a number of issues of cloud computing relocation at Aztec that have developed with the improvement of cloud computing. The two essential dangers of relocating to cloud benefits in Aztec are overall failure of control on information and reliability of the vendors of cloud services. The loss of control on information has been witnessed because of the execution of the distributed computing process (Seigneur et al., 2013). The information put away over the cloud can be gotten to from any area with earlier approval and confirmation. The cloud specialist co-op seller has the total access on the information and data put away over the cloud arrange. The different digital offenders are utilizing the entrance of the cloud seller for getting into the framework and separating data from that point. Absence of straightforwardness: The individuals utilizing the distributed computing administrations would need to manage the straightforwardness problem of the distributed computing framework (Song Lee, 2014). The cloud computing doesnt support the direct association of the project operations. The use of cloud computing requires formation of the system for wireless data transfer. The use of the cloud computing in Aztec would result in dividing the control of data among the users and the vendor. The direct storage and access is not possible in cloud computing technology. It is important for making the data storage in the cloud computing technology more sufficient and compatible for the data transfer. Affectability of information: The information put away in the distributed computing is helpful for getting to the information remotely from any source. The distributed storage is exceptionally touchy information stockpiling as there is no substantial type of security accessible to actualize any impediments. The web-based social networking locales and applications are inconspicuous for sharing the individual data, for example, private photographs (Spears San Nicolas-Rocc, 2016). The use of cloud computing is technologically incompatible for information processing under direct supervision. The wireless access has made the system prone to superficial information overlapping. The cloud computing can be wireless infiltrated for harming the authenticity and privacy of the information stored. Issues in enactment: The legal compliances and laws have been used for forming the security of cloud computing at Aztec (Tu et al., 2015). The digital storage of the information can be brought about to improve the performance of the operations. The use of the cloud computing would be helpful for providing the benefits of the system development and faster data processing. The issues in performance have been resulted due to the simpler issues of the performance (Sadiku et al., 2014). The delay in operations due to network error or any other problem has resulted in causing hindrance to the operations of the Aztec. The operations of the cloud computing would become sluggish and result in harming the business processes of the organization. Risk Mitigation Getting Ready for Distributed Computing in Aztec The hazard moderation systems comprises of making an arrangement and actualizing it for managing the reasons for hazard considers and limiting their impact on the procedures included. The arranging procedure of hazard moderation comprises of four procedures as shown in the diagram below Figure: Risk Mitigation Planning (Source: Brodin, 2015, pp-161) Risk Management: The risk management is the process of minimizing the factors of risk and deployment of the proper strategies for the risk mitigation (Yang et al., 2013). The risk mitigation consists of developing some ways and forming strategies for the management of the risk factors and their effect in cloud system deployment at Aztec. The risk mitigation incurred some policies and procedures for the deployment of planning process for the development of risk management in cloud computing process (Weeger Gewald, 2014). The risk planning consists of analyzing, planning, implementing, and evaluating processes. The process of analyzing consists of evaluating the risk factors and their impact on the cloud service deployment. It would help in narrowing the impact of the cloud computing for the business organizations. The second phase of planning consists of developing the plan for the risk mitigation (Sharma Santharam, 2013). In the process, the cloud computing deployment can be treate d with systematic tools and options for the development of the risk mitigation strategies. The deployment of the cloud computing can be eased with the implementation of the risk management process. According to Erl et al. (2013), the development of the cloud computing has been easily managed and maintained by the implementation of the risk mitigation strategies. Recommendations for Hazard Administration at Aztec The deployment of the risk mitigation planning can be used for dealing with the risk and threats to the cloud system migration. Some suggestions for the risk management has been given below: SLA agreement for cloud services: A strong specifying of the administration level understanding (SLA) in the agreement is critical on the grounds that the control comes completely from the inward IT and security groups. On the off chance that any foundation inaccessibilities, appropriated foreswearing of-administration (DDoS) assaults, vulnerabilities or other security episodes are not built up in the agreement, you won't have the capacity to legitimately avoid punishments and fines on account of a security occurrence. Vendor Security functions: The provider may not really need to advise the producer, but rather it must guarantee there are viewpoints, for example, firewall isolating situations (Internet, operation, card information, and so on), antivirus arrangements and interruption discovery arrangements. Authorization permission: It is essential to adjust to the supplier to permit access to the earth log. It is important to see the entire traceability administration of clients and get to profiles. This incorporates the creation, adjustment and avoidance of profiles and secret word changes notwithstanding enrolling who is playing out certain outrageous exchanges. Data Security Risks at Aztec The different information security dangers would bring about preventing the procedure of information spillage and abuse. The different information security dangers for Aztec cloud relocation venture are: Absence of protection of data because of outsider impediment: According to Lee and Still (2015), it is the most ruinous data wellbeing endeavors required inside the structure plan of the affiliation. Nonattendance of care among the agents causes the data theft or data manhandle by the untouchable inside the affiliation. The cloud computing has to face improper infiltration and unauthorized access. The wireless system and absence of scope for physical security options had resulted in bringing external access in the system. The deployment of the cloud computing had resulted in bringing the scope of network infiltration for extracting information from the system. The data stored in the network is prone to such infiltration and access. Dangers of helpless remote gadget: It is another risk factor that has to be considered for deploying the cloud computing as it brings about expanding the event of the cloud services inside the system outline of the affiliation (Lobelo et al., 2016). Versatile applications are to a great degree loaded with feeling for the definitive data. The developer viably gets to the data over the definitive framework in order to get the mystery information from the various leveled framework. The system implementation of the cloud has resulted in causing the dangers of the wireless unauthenticated intrusion in the cloud computing system. The use of the cloud computing has resulted in making accounts, data, and information at security risk. The remote access in the cloud computing network not only has helped the users, but also the hackers for getting access. They use cloud system and their errors for getting the access to infiltrate the information system. It would harm Aztec in terms of financial , commercial, and market growth. Challenges in following data: It is another basic risk that impacts the various leveled information security plan of Aztec (Mitrovic et al., 2014). Additionally, the use of cloud organizations and compact stockpiling of data are growing the data shortcoming inside the affiliation. The affiliation does not have any technique to track the legitimate characterized data inside it. The vast storage of the cloud system makes it extremely difficult for tracking the data and information. The deployment of the cloud system has helped in causing problems of the accessibility in case of system failure or network error. Hence, the information security at Aztec must be executed with appropriate arranging and security for managing the security dangers. Conclusion The cloud computing technology has been useful for advancement in numerous associations and it incorporates the advancement of the remote organization of the data. The cloud relocation can bring about diminishing the expert and verification of information and data. Cloud computing gives the most reasonable advantage of information fetching and administration for business associations. Some other features of cloud computing includes operational advantages and control, specialized risk, and system risk. The report has helped in developing some recommendations for the deployment of the risk mitigation planning can be used for dealing with the risk and threats to the cloud system migration. The use of a strong specifying of the administration level understanding (SLA) in the agreement had been critical on the grounds that the control comes completely from the inward IT and security groups. It had been mentioned in the report that the provider may not really need to advise the producer, b ut rather it must guarantee the security and functionality of the cloud vendor. It is essential to adjust to the supplier to permit access to the earth log. It is important to see the entire traceability administration of clients and get to profiles. References Agudelo, C. A., Bosua, R., Ahmad, A., Maynard, S. B. (2016). Understanding Knowledge Leakage BYOD (Bring Your Own Device): A Mobile Worker Perspective.arXiv preprint arXiv:1606.01450. Bello, A. G. (2015).A Framework for Investigating, Assessing, Understanding, and Controlling the Information Security and Privacy Risks in BYOD Environments. Bessis, J., O'Kelly, B. (2015).Risk management in banking. John Wiley Sons. Brodin, M. (2015). Combining ISMS with strategic management: The case of BYOD. In8th IADIS International Conference on Information Systems 2015, 1416 March, Madeira, Portugal(pp. 161-168). IADIS Press. Brodin, M., Rose, J., hlfeldt, R. M. (2015). Management issues for Bring Your Own Device. InEuropean, Mediterranean Middle Eastern Conference on Information Systems 2015 (EMCIS2015). Chance, D. M., Brooks, R. (2015).Introduction to derivatives and risk management. Cengage Learning. Cole, S., Gin, X., Tobacman, J., Topalova, P., Townsend, R., Vickery, J. (2013). Barriers to household risk management: Evidence from India.American Economic Journal: Applied Economics,5(1), 104-135. Erl, T., Puttini, R., Mahmood, Z. (2013).Cloud computing: concepts, technology, architecture. Pearson Education. Garca, A. G., Espert, I. B., Garca, V. H. (2014). SLA-driven dynamic cloud resource management.Future Generation Computer Systems,31, 1-11. Ghosh, A., Gajar, P. K., Rai, S. (2013). Bring your own device (BYOD): Security risks and mitigating strategies.Journal of Global Research in Computer Science,4(4), 62-70. He, P., Wang, P., Gao, J., Tang, B. (2015). City-Wide Smart Healthcare Appointment Systems Based on Cloud Data Virtualization PaaS.International Journal of Multimedia and Ubiquitous Engineering,10(2), 371-382. Keyes, J. (2013).Bring your own devices (BYOD) survival guide. CRC press. Lee, L., Still, J. D. (2015, August). Re-designing Permission Requirements to Encourage BYOD Policy Adherence. InInternational Conference on Human Aspects of Information Security, Privacy, and Trust(pp. 369-378). Springer International Publishing. Lobelo, F., Kelli, H. M., Tejedor, S. C., Pratt, M., McConnell, M. V., Martin, S. S., Welk, G. J. (2016). The Wild Wild West: A Framework to Integrate mHealth Software Applications and Wearables to Support Physical Activity Assessment, Counseling and Interventions for Cardiovascular Disease Risk Reduction.Progress in cardiovascular diseases,58(6), 584-594. Mitrovic, Z., Veljkovic, I., Whyte, G., Thompson, K. (2014, November). Introducing BYOD in an organisation: the risk and customer services view points. InThe 1st Namibia Customer Service Awards Conference(pp. 1-26). Morad, S. (2012). Amazon Virtual Private Cloud Connectivity Options.White Paper, October. Moshir, S., Moshir, K. K., Khanban, A. A., Mashatian, S. (2014).U.S. Patent Application No. 14/170,449. Moyer, J. E. (2013). Managing mobile devices in hospitals: A literature review of BYOD policies and usage.Journal of Hospital Librarianship,13(3), 197-208. Niesen, T., Houy, C., Fettke, P., Loos, P. (2016, January). Towards an Integrative Big Data Analysis Framework for Data-Driven Risk Management in Industry 4.0. In2016 49th Hawaii International Conference on System Sciences (HICSS)(pp. 5065-5074). IEEE. Ogie, R. (2016). Bring Your Own Device: An overview of risk assessment.IEEE Consumer Electronics Magazine,5(1), 114-119. Pahl, C. (2015). Containerisation and the PaaS cloud.IEEE Cloud Computing,2(3), 24-31. Rampini, A. A., Viswanathan, S. (2016).Household risk management(No. w22293). National Bureau of Economic Research. Sadgrove, K. (2016).The complete guide to business risk management. Routledge. Sadiku, M. N., Musa, S. M., Momoh, O. D. (2014). Cloud computing: opportunities and challenges.IEEE potentials,33(1), 34-36. Samaras, V., Daskapan, S., Ahmad, R., Ray, S. K. (2014, November). An enterprise security architecture for accessing SaaS cloud services with BYOD. InTelecommunication Networks and Applications Conference (ATNAC), 2014 Australasian(pp. 129-134). IEEE. Sansurooh, K., Williams, P. A. (2014). BYOD in ehealth: Herding cats and stable doors, or a catastrophe waiting to happen?. Seigneur, J. M., Klndorfer, P., Busch, M., Hochleitner, C. (2013). A Survey of Trust and Risk Metrics for a BYOD Mobile Worker World: Third International Conference on Social Eco-Informatics. Sharma, V. S., Santharam, A. (2013, December). Implementing a Resilient Application Architecture for State Management on a PaaS Cloud. InCloud Computing Technology and Science (CloudCom), 2013 IEEE 5th International Conference on(Vol. 1, pp. 142-147). IEEE. Song, M., Lee, K. (2014). Proposal of MDM management framework for BYOD use of large companies.International Journal of Smart Home,8(1), 123-128. Spears, J. L., San Nicolas-Rocca, T. (2016, January). Information Security Capacity Building in Community-Based Organizations: Examining the Effects of Knowledge Transfer. In2016 49th Hawaii International Conference on System Sciences (HICSS)(pp. 4011-4020). IEEE. Tu, Z., Turel, O., Yuan, Y., Archer, N. (2015). Learning to cope with information security risks regarding mobile device loss or theft: An empirical examination.Information Management,52(4), 506-517. Verissimo, P., Bessani, A., Pasin, M. (2012, June). The TClouds architecture: Open and resilient cloud-of-clouds computing. InIEEE/IFIP International Conference on Dependable Systems and Networks Workshops (DSN 2012)(pp. 1-6). IEEE. Vora, S. B. (2015). DATA BACKUP ON: CLOUD COMPUTING TECHNOLOGY IN DIGITAL LIBRARIES PERSPECTIVE.Journal of Global Research in Computer Science,5(12), 12-16. Webb, J., Ahmad, A., Maynard, S. B., Shanks, G. (2014). A situation awareness model for information security risk management.Computers security,44, 1-15. Weeger, A., Gewald, H. (2014). Factors Influencing Future Employees Decision-Making to Participate in a BYOD Program: Does Risk Matter?. Yang, T. A., Vlas, R., Yang, A., Vlas, C. (2013, September). Risk Management in the Era of BYOD: The Quintet of Technology Adoption, Controls, Liabilities, User Perception, and User Behavior. InSocial Computing (SocialCom), 2013 International Conference on(pp. 411-416). IEEE.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.