Presentation is loading. Please wait.

Presentation is loading. Please wait.

Cloud Computing How secure is it? Author: Marziyeh Arabnejad Revised/Edited: James Childress April 2014 Tandy School of Computer Science.

Published byPeregrine Dean Modified over 8 years ago

Similar presentations

Presentation on theme: "Cloud Computing How secure is it? Author: Marziyeh Arabnejad Revised/Edited: James Childress April 2014 Tandy School of Computer Science."— Presentation transcript:

1 Cloud Computing How secure is it? Author: Marziyeh Arabnejad Revised/Edited: James Childress April 2014 Tandy School of Computer Science

2 Outline Introduction Cloud diagram Types of Clouds Benefits of Clouds Security Issues of the Cloud Cloud data center Security Cloud security control Can cloud computing be secure?

3 Introduction Cloud Computing is an extreme form of outsourcing delivering hosted services via the internet. The Cloud acts as a virtual server that users can access via the internet on an as needed basis. Cloud Computing includes any subscription-based or pay-per-use service extending IT capabilities and allowing users to access stored information remotely.

4 Cloud diagram

5 Types of Clouds Public cloud  Sells services to anyone on the internet o Currently Amazon Web Services is the largest public cloud provider Private cloud  A proprietary network or a data center that supplies hosted services to a limited number of people

6 Public Cloud VS Private Cloud

7 Benefits of Cloud Computing Reduced costs  Provider saves money due to economies of scale  Resources are contracted and the cost is predictable, simplifies budgeting Safer data  High level of physical protection  Cloud providers use redundancy  Anytime/Anywhere data access  Give the customers contract access requirements Increased storage capacity  Easy to upgrade when needed Worry-free maintenance  Always have the latest and most security technology

8 Security Issues of Cloud Computing Location  Where the data is actually stored Data segregation  How vendors keep a certain degree of separation between one customers data and another's Recoverability  How quickly and effectively can information be recovered after a large disaster Hacking  This is the most daunting issue for most users, what if someone hacks into my information and shares it with the world?

9 Security in Cloud Data Centers The data center you choose should offer some protection measures:  Physical Security  Logical Security

10 Physical Security Redundant power supplies  Backup power supplies needed Redundant Internet connections  Several internet connections should run in the same time Redundant hardware  Multiple hard drives should be prepared Fire and flood  Data should be replicated in multiple locations Theft  Servers should not be easily accessible

11 Logical Security Logical Security covers the software side of the data center o Firewalls  Act as an electronic barrier between the data center & internet o Anti-virus detection software  Detect and remove any viruses o Data encryption software  Encrypts data as travels between firm and data center o Administrative controls  Govern access to application and data o Security audits  Conduct regular third party intrusion detection audit

12 Cloud security controls Deterrent controls  Honeypot/net used to attract and monitor hackers.  Tracking users Preventative controls  Implement Best practices:  Install OS and Application updates regularly  Physical security, CCTV, logging, automated alerts, etc  Firewalls, encryption, multi-level authentication

13 Cloud security controls Corrective controls  Disabling compromised open ports  IP and MAC filtering Detective controls  Snort  Tripwire  Logging and alert systems

14 Can cloud computing be secure? Summary: ways to reduce risk and protect data  Logging all network and system activity  Automated alerts when baseline parameters are outside the accepted range  Deploy IDS tools like Tripwire & Snort  Implement and maintain an effective network firewall  Implement a sophisticated access control model like RBAC (Role Based Access Controls)  Implement best practices for updates to the OS and all other applications

15 Can cloud computing be secure? Summary: ways to reduce risk and protect data  Disable/decommission outdated, unused software and hardware  Security awareness Training for employees: helpdesk staff, SAs, management, support staff, contractors, consultants, etc.  Require an AUP for all system users before granting access  Provide an SLA to all customers describing security expectations.  Backup & Restore capability

16 Question?

Download ppt "Cloud Computing How secure is it? Author: Marziyeh Arabnejad Revised/Edited: James Childress April 2014 Tandy School of Computer Science."

Similar presentations

Creating HIPAA-Compliant Medical Data Applications with Amazon Web Services Presented by, Tulika Srivastava Purdue University.

Creating HIPAA-Compliant Medical Data Applications with Amazon Web Services Presented by, Tulika Srivastava Purdue University.
Pros and Cons of Cloud Computing Professor Kam-Fai Wong Faculty of Engineering The Chinese University of Hong Kong.

Pros and Cons of Cloud Computing Professor Kam-Fai Wong Faculty of Engineering The Chinese University of Hong Kong.
INADEQUATE SECURITY POLICIES Each covered entity and business associate must have written polices that cover all the Required and Addressable HIPAA standards.

INADEQUATE SECURITY POLICIES Each covered entity and business associate must have written polices that cover all the Required and Addressable HIPAA standards.
Avoid data leakage, espionage, sabotage and other reputation and business risks without losing employee performance and mobility.

Avoid data leakage, espionage, sabotage and other reputation and business risks without losing employee performance and mobility.
1 Chapter 8 Fundamentals of System Security. 2 Objectives In this chapter, you will: Understand the trade-offs among security, performance, and ease of.

1 Chapter 8 Fundamentals of System Security. 2 Objectives In this chapter, you will: Understand the trade-offs among security, performance, and ease of.
Information Security 1 Information Security: Security Tools Jeffy Mwakalinga.

Information Security 1 Information Security: Security Tools Jeffy Mwakalinga.
Project Management Methodology Procurement management.

Project Management Methodology Procurement management.
An Approach to Secure Cloud Computing Architectures By Y. Serge Joseph FAU security Group February 24th, 2011.

An Approach to Secure Cloud Computing Architectures By Y. Serge Joseph FAU security Group February 24th, 2011.
Separate Domains of IT Infrastructure

Separate Domains of IT Infrastructure
Avoid data leakage, espionage, sabotage and other reputation and business risks without losing employee performance and mobility. Simplify authentication.

Avoid data leakage, espionage, sabotage and other reputation and business risks without losing employee performance and mobility. Simplify authentication.
Network Security Overview Tales from the trenches.

Network Security Overview Tales from the trenches.
Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.

Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.
Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.

Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.
Factors to be taken into account when designing ICT Security Policies

Factors to be taken into account when designing ICT Security Policies
Stephen S. Yau CSE 465-591, Fall 2006 1 Security Strategies.

Stephen S. Yau CSE , Fall Security Strategies.
Barracuda Networks Confidential1 Barracuda Backup Service Integrated Local & Offsite Data Backup.

Barracuda Networks Confidential1 Barracuda Backup Service Integrated Local & Offsite Data Backup.
Network Security. Trust Relationships (Trust Zones) High trust (internal) = f c (once you gain access); g p Low trust ( ) = more controls; fewer privileges.

Network Security. Trust Relationships (Trust Zones) High trust (internal) = f c (once you gain access); g p Low trust ( ) = more controls; fewer privileges.
Intrusion Prevention, Detection & Response. IDS vs IPS IDS = Intrusion detection system IPS = intrusion prevention system.

Intrusion Prevention, Detection & Response. IDS vs IPS IDS = Intrusion detection system IPS = intrusion prevention system.
University of Missouri System 1 Security – Defending your Customers from Themselves StateNets Annual Meeting February, 2004.

University of Missouri System 1 Security – Defending your Customers from Themselves StateNets Annual Meeting February, 2004.
Open Cloud Sunil Kumar Balaganchi Thammaiah Internet and Web Systems 2, Spring 2012 Department of Computer Science University of Massachusetts Lowell.

Open Cloud Sunil Kumar Balaganchi Thammaiah Internet and Web Systems 2, Spring 2012 Department of Computer Science University of Massachusetts Lowell.

Similar presentations

Ads by Google