Tuesday, May 5, 2020
Security Step and Control for Securing Hybrid Cloud - Free Samples
Question: What Security Step and Control for Securing Hybrid Cloud? Answer: Introduction At present, information security is one of the important factors to an organization in order to protect information as well as conduct their business. Present report deals with the cloud architectures employed in SoftArc Engineering. Risks in hybrid cloud strategy and security steps to control and secure hybrid cloud are discussed in the present report. Moreover, requirements for remote server administration and steps to migrate from SQL server 2012 database to AWS cloud along with critical issues involved with migration are explained in the report. Cloud architectures to help SoftArc Engineering Rittinghouse and Ransome (2016) stated that cloud computing architecture is referred as one of the vital elements as well as sub elements needed for cloud computing. The elements include a front end platform like fat client, mobile device and thin client. In addition, back end platforms such as servers, storage and cloud strategy as well as network like internet and inter-cloud are included in cloud architecture. There are different types of cloud architectures such as software as a service, development as a service, data as a service and platform as a service as well as infrastructure as a service. Neary and Shaw (2015) mentioned that the software a service model includes cloud provider by installing as well as maintaining software in cloud as well as users running software from the client of cloud over internet. The client machine of user needs any need of installation of application specific software in the organization. On the other hand, development as a service is web based and community shared development tools that are equivalent to the locally installed tools for development in non-cloud delivery for development tools (Dsouza, Ahn Taguinod, 2014). On the other hand, platform as a service is one of the cloud computing services that provide users application platforms as well as databases as service. On the other hand, infrastructure as a service has physical hardware and virtual servers as well as networks along with system management for the organization. On the other hand, AWS Architecture Center has been designed in order to provide essential guidance as well as appl ication architecture to have the best practices for using AWS cloud. Reasons for deploying cloud architecture Almorsy, Grundy and Mller (2016) mentioned that there are several cloud architecture are available that provides supports and benefits to the organization. For examples, infrastructure as a service runs on virtual servers, networks and storage from cloud. It helps SoftArc Engineering to mitigate data center and maintain hardware at local level. On the other hand, platform as a service is helpful for providing a platform that is compatible for multi language. In addition, Data as a service is considered as specialized subset of software as a service (Michalas, Paladi Gehrmann, 2014). On contrary, software as a service architecture is helpful for an organization for fulfilling common approaches like single instance, multi instance, and multi-tenant and flex tenancy. However, adoption of AWS architecture is highly scalable as well as reliable applications in AWS cloud. The resources help to understand AWS platform along with its services and architectures (Zureik Salter, 2013). In addition, the services as well as feature provide architectural guidance in order to design and implement system of SoftArc Engineering for designing as well as implementing the system that can run on AWS infrastructure. Benefits and issues of the architectures Ferris (2015) commented that deploying infrastructure as a service can be beneficial for the organization. SoftArc Engineering can upgrade the software with its own responsibility. Maintenance as well as upgrades of tools and database systems along with underlying infrastructure is included in the responsibility of the organization. On the other hand, the architecture can allow the pricing models that can be used in the organization (Islam et al. 2016). It also allows utilizing sophisticated development software. However, as the organization is only responsible for upgrade and maintenance of tool and database system, this is considered as disadvantage for the organization. Moreover, there are various legal reasons that may preclude the utilization off-premise data storage. Risks in Hybrid Cloud Strategy Hybrid cloud structure is becoming the biggest trend of present decade. As per the report published by RightScale 2015, there are 82 % of the surveyed organizations are running hybrid surveyed organizations that are running hybrid cloud strategy (Boutaba, Zhang Zhani, 2013). However, several risks are involved with adopting hybrid cloud strategy. Loss of control is one of the major risks involved with adopting hybrid cloud strategy in the organization. Applications change and upgrade the sudden software update. In addition, inherent risks and security are concerned for adoption of the strategy. There are few security challenges faced by the organization, which can deploy hybrid cloud strategy. It Includes security management as well as poorly constructed service level agreements. Hence, managing the kinds of deployment is complicated for the organization. On contrary, compliance is a challenge for the organization for adopting hybrid cloud strategy in SoftArc Engineering. This is an issue crucial for ensuring data travelling between private as well as public environment. Security steps and controls for securing Hybrid Cloud As stated by Warner and Afifi (2014), deploying hybrid cloud in the organization generates security issues in SoftArc Engineering. Hence, it is important to take security steps that can be able to minimize the security issues and enable control over the hybrid cloud. Lack of skills: The security team of SoftArc Engineering has lack of strong cloud computing skill. Hence, it is required to fulfill the gaps. In addition, they need to follow the steps according to the guidelines of cyber security professional. Cloud automation and orchestration: The particular techniques are considered as antithetical to the security. Cloud computing has tendency to go hand-in-hand with the agile development and DevOps orchestration (Feng Harwood, 2015). On the other hand, the step is designed in order to accelerate delivery of application and maximizing the performance of design rather than give enough security protection along with oversight. Non alignment with platforms of cloud: The traditional security needs to monitor and control aligned with SDDC as well as cloud (Andersson, 2016). The controls are designed for residing on the networks as well as servers in order to investigate packets ad identify anomalous activities along with blocking actions based upon the set of rules. Recommendation to SoftArc Engineerings BCP It is important to provide recommendations for SoftArc Engineering. Some steps need to be taken by the organization. Hybrid cloud security issue like lack of data redundancy needs to overcome by the organization. The private cloud providers give important resources in order to ensure the infrastructure available as well as accessible during requirements (Bigo, 2016). Hence, it is required to take appropriate actions that can be helpful to overcome the issue. Compliance is one of the major issues faced by the organization. Therefore, maintaining and demonstrating compliance need to be effective and make easy in the organization. Demonstrating internal systems and cloud provider are required to be compliant with the Payment Card Data Security Standard. Scheel and Ratfisch (2014) stated that poorly construction of SLAs need to be overcome by the organization. Detailed service level agreement can be live up with same SLA. The organization needs to be more focused on risk management process. Information security is one of the managing risks included in the recommendation plan for the organization. Moreover, complicated network configuration needs to be simplified with minimizing the threats responsible for risks in the organization. Requirements for remote server administration It is important to have adequate information regarding adoption of remote server administration. The Remote Server Administration Tools pack is one of the features that are available in Windows Server 2008. It enables the remote management of the Windows Server 2008 of SoftArc Engineering from computer running server Windows Server 2008. The management tools include Windows Server 2008 R2 (Barthel Isendahl, 2013). In addition, Remote Sever Administration Tools are default secured. The configuration opens the ports as well as enables the services needed for remote management. Active Directory Certificate Service Tools includes the Certification Authority, templates of certificate and online responder management snap-ins (Considine et al. 2015). In addition, Active Directory Domain Services are required for remote server administration process of SoftArc Engineering. On the other hand, Active Directory Domains and Trusts and Directory Administrative Center along with Server for NIS to ols as well as Active Directory Windows PowerShell are required for this process (Hashizume et al. 2013). In addition, Active Directory Rights for Management Services is one of the major requirements for remote server administration. Moreover, DHCP Server Tools, Fax Server Tools, File Service Tools and Hyper V Tools are included in the requirements for Remote Server Administration along with Windows Deployment Service Tools. Steps for moving SQL server database to AWS service Haikney, Mullen and Walker (2016) stated that Amazon RDS is one of the major web services, which offers cloud database functionalities for the developers to have cost-effective as well as simple way in order to manage databases. There are several steps to move from SQL server database to AWS service that can be followed as listed. At first, it is required to takea snapshot of the sources of RDSinstance. After that, disabling the automatic backups on origin of RDS instance is required for the migration. Creation of the targetdatabase through disabling each of the foreign key constraints as well as triggers is required to do at third stage. After that, importing all logins into the specific destination database is needed to achieve. Geiger (2016) asserted that the next step is creation of schema DDL with generating as well as publishing Scripts Wizard in the SSMS. After completing fifth stage, execution of SQL commands on the target databasein order to create schema is required in the migration step. Using bulk copy command as well as Importing or exporting the Wizard in SSMS for migration of data from origin database to the target database is achieved in the step. Cleaning up the target database through re-enabling foreign key constraints as well as triggers are achieved in the eighth step. After the step, it is required to re-enable automatic backups on source of RDS instance is needed to achieve for migration. Critical points and issues in the steps of migration It is important to identify the issues for migration plan. SoftArc Engineering may face issues in instance selection procedure and instances of provisioning elastic compute cloud. In addition, type of storage required for migration may be the issue for staffs of SoftArc Engineering. In addition, admin can rapidly remediate the problems of imperfect provisioning utilizing the capacity of AWS along with toolsets is the major issues and points might be faced by the organization. On the other hand, networking error can bring the procedure of migration as well as user access procedure to halt (Yang, Wei, 2013). Moreover, it is required to identify the performance issues and carrying financial impact. However, it is not easy to adopt the function and steps for migration plan. On the other hand, Texas based clear measurement is one of the main critical points needs to be overcome by the organization in order to get expected outcome as well as fulfill its organization target. Conclusion From the above discussion it concludes that, security management and migration acts a vital role for an organization in order to safely restore its database and backups. Moreover, information security is protection of information as well as system used by the organization. Information security can perform for secured migration of an organization. Hence, migrating to AWS database would be helpful for the organization as it has several advantages over SQL databases. In addition, it is important to find the factors responsible for generating risks in the organization. Proper following of migration steps and recommendation for overcoming the risks would be helpful for the organization in order to successful migration to the service. References Almorsy, M., Grundy, J., Mller, I. (2016). An analysis of the cloud computing security problem.arXiv preprint arXiv:1609.01107. Andersson, R. (2016). Hardwiring the frontier? The politics of security technology in Europes fight against illegal migration.Security dialogue,47(1), 22-39. Barthel, S., Isendahl, C. (2013). Urban gardens, agriculture, and water management: Sources of resilience for long-term food security in cities.Ecological Economics,86, 224-234. Bigo, D. (2016). Frontiers of fear: immigration and insecurity in the United States and Europe. Boutaba, R., Zhang, Q., Zhani, M. F. (2013). Virtual machine migration in cloud computing environments: Benefits, challenges, and approaches.Communication Infrastructures for Cloud Computing, 383-408. Considine, J. F., Curtis, P. M., Dixit, S. G., Oliveira, F., Rousseau, J. R., Whitney, J. N. (2015).U.S. Patent No. 9,189,294. Washington, DC: U.S. Patent and Trademark Office. Dsouza, C., Ahn, G. J., Taguinod, M. (2014, August). Policy-driven security management for fog computing: Preliminary framework and a case study. InInformation Reuse and Integration (IRI), 2014 IEEE 15th International Conference on(pp. 16-23). IEEE. Feng, J., Harwood, A. (2015, May). BrowserCloud: A Personal Cloud for Browser Session Migration and Management. InProceedings of the 24th International Conference on World Wide Web(pp. 1491-1496). ACM. Ferris, J. M. (2015).U.S. Patent No. 9,052,939. Washington, DC: U.S. Patent and Trademark Office. Geiger, M. (2016). Identity Check: Smart Borders and Migration Management as Touchstones for EU-Readiness and-Belonging. InAn Anthology of Migration and Social Transformation(pp. 135-149). Springer International Publishing. Haikney, D., Mullen, S. P., Walker, J. W. (2016).U.S. Patent No. 9,251,349. Washington, DC: U.S. Patent and Trademark Office. Hashizume, K., Rosado, D. G., Fernndez-Medina, E., Fernandez, E. B. (2013). An analysis of security issues for cloud computing.Journal of Internet Services and Applications,4(1), 5. Islam, S., Fenz, S., Weippl, E., Kalloniatis, C. (2016). Migration Goals and Risk Management in Cloud Computing: A Review of State of the Art and Survey Results on Practitioners.International Journal of Secure Software Engineering (IJSSE),7(3), 44-73. Michalas, A., Paladi, N., Gehrmann, C. (2014, October). Security aspects of e-health systems migration to the cloud. Ine-Health Networking, Applications and Services (Healthcom), 2014 IEEE 16th International Conference on(pp. 212-218). IEEE. Neary, P. P., Shaw, T. B. (2015).U.S. Patent No. 9,104,461. Washington, DC: U.S. Patent and Trademark Office. Rittinghouse, J. W., Ransome, J. F. (2016).Cloud computing: implementation, management, and security. CRC press. Scheel, S., Ratfisch, P. (2014). Refugee protection meets migration management: UNHCR as a global police of populations.Journal of Ethnic and Migration Studies,40(6), 924-941. Warner, K., Afifi, T. (2014). Where the rain falls: Evidence from 8 countries on how vulnerable households use migration to manage the risk of rainfall variability and food insecurity.Climate and Development,6(1), 1-17. Yang, C. C., Wei, H. H. (2013). The effect of supply chain security management on security performance in container shipping operations.Supply Chain Management: An International Journal,18(1), 74-85. Zureik, E., Salter, M. (Eds.). (2013).Global surveillance and policing. Routledge
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.