Cloud Computing Essay

Federal organizations are moving their services to the cloud to minimize their software and infrastructure footprint and to save money, time, and resources. As cloud service providers (CSPs) are becoming prevalent, we must analyze the security of these services to ensure compliance with standards and laws that protect customers, citizens, and information. Therefore, this paper analyzes a new federal cloud compliance program called the Federal Risk and Authorization Management Program (FedRAMP). This paper also establishes that FedRAMP can indirectly aid federal government organizations to be compliant with the following laws: Health Insurance Portability and Accountability Act of 1996 (HIPAA); the Family Educational Rights and Privacy Act (FERPA); the International Traffic in Arms Regulations (ITAR); and the Payment Card Industry Data Security Standard (PCI DSS). This paper will briefly explain these four laws and cloud computing discussions regarding these laws. This paper will also explain FedRAMP and the way it can help federal organizations to be complaint with these laws.

Cloud computing has set a trend in the information technology arena that has sparked the interest of all who utilize the internet on purpose and unsuspectingly. Initially, the primary purpose of cloud computing was to provide a centralized data bank that organizations could use for quick data access. Its use has been quickly adapted, however, beyond business use to become the first option for personal use. The advantages and disadvantages of implementing such a shift from business to personal are varied, yet, statistically, according to the CISCO Global Cloud Index: Forecast and Methodology, 2014-2019 White Paper, its public use is on the rise. The report notes that “by 2019, 56 percent of the cloud workloads will be in public cloud data centers, up from 30 percent in 2014 and by 2019, 44 percent of the cloud workloads will be in private cloud data centers, down from 70 percent in 2014”. Though disadvantages with regard to data security is prominent, users have deemed that its implementation will still promote greater benefits than loss.

Usage of remote servers via internet to store, manage and process data instead of using a personal computer is known as Cloud computing. It’s a set of Information Technology services with the ability to scale up or down their service requirements. Most of the cloud services are provided by a third party service provider. In cloud computing, organizations can utilize IT services without in advance investment. Despite its benefits obtained from the cloud computing, the organizations are slow in accepting it due to security issues and challenges. Security is one of the major problems which hinder the growth of cloud. It’s not wise to handing over the important data to another company; such that clients need to be vigilant in understanding the risks of data infringement in this new environment. This paper discusses a detailed analysis of the cloud computing security issues and challenges. (Ayoleke)

Therefore, while moving to any kind of cloud solution, it is imperative to work with experienced SaaS vendors, who can set up the authentication processes and the security firewalls. All clouds should provide data encryption. Even public clouds should provide certain levels of data

Cloud computing is the service in the internet which can be accessible with web browser. The most of the business nowadays shifted toward the cloud computing which will decreased the overload data store problem and increased the security. Cloud computing cut the cost of the business and will increase the efficiencies. In the recent years there is the significant transitions in the business by the use of the cloud computing from desktop based to the software as a service (SaaS). There are many benefits from using the cloud computing in the business but there is always serval question arise regarding the legal practitioners and security when we compared it with the traditional way.

The majority of us have been found out about the most cloud security disappointments in which all the cloud innovation organizations are kept on developing, despite everything they endure a similar kind of issues in-house infrastructure's. Distributed computing has turned into a greatest market in the present innovation. In a report of 2016, experts at Gartner anticipated that exchanging to cloud will influence $1 Trillion in Information innovation in the following five years. Cloud administrations showcase has developed to a degree level that it was not a striking level of aggregate it is spending, which was creating new innovations and new businesses which are conceived in the cloud. At the point when cloud administrations are going

The public cloud is a deployment model where cloud services are provided over a public network, such as the internet, by a third-party provider. Examples of public cloud services include Dropbox, Gmail and Twitter. By definition, most SaaS applications operate under the public cloud deployment model. One of the primary advantages of public cloud is its attractive pricing model. The organisation is typically charged a subscription fee for access to the cloud services, paying only for the number of users required, this removes the need for business to manage software licences (Savvas [Online], 2014). However, security conscious organisations requiring a SaaS solution may opt for a private cloud segregated from public networks. There are obvious security concerns involved in exposing a SaaS application to a public network. However, there are concrete steps an organisation can take to reduce the risk incurred with public cloud deployments. Many public cloud SaaS providers offer two-factor authentication, requiring an additional level of verification before the user’s credentials are accepted. This is typically achieved using an authentication code in the form of a text message sent to the user’s registered mobile number. Furthermore, organisations should develop and maintain a culture of cyber security, enforce best practices such as creating strong passwords and training staff in phishing awareness.

The first scenario that will be examined is looking at Cloud Computing from the perspective of security. Many small and medium sized businesses utilize the internet and Cloud Computing to conduct business and transfer money from system to system as well as report on financial accounting data. With that being the case, it is crucial that whatever system the business is working with pays very close attention to security needs to ensure that this data is protected from unauthorized sources viewing or manipulating it.

The public cloud is a deployment model where cloud services are provided over a public network, such as the internet, by a third-party provider. Examples of public cloud services include Dropbox, Gmail and Twitter. By definition, most SaaS applications operate under the public cloud deployment model. One of the primary advantages of public cloud is its attractive pricing model. The organisation is typically charged a subscription fee for access to the cloud services, paying only for the number of users required, this removes the need for business to manage software licences (Savvas [Online], 2014). However, security conscious organisations requiring a SaaS solution may opt for a private cloud segregated from public networks. There are obvious security concerns involved in exposing a SaaS application to a public network. However, there are concrete steps an organisation can take to reduce the risk incurred with public cloud deployments. Many public cloud SaaS providers offer two-factor authentication, requiring an additional level of verification before the user’s credentials are accepted. This is typically achieved using an authentication code in the form of a text message sent to the user’s registered mobile number. Furthermore, organisations should develop and maintain a culture of cyber security, enforce best practices such as creating strong passwords and training staff in phishing awareness.

With knowing the need for better delivery models for the customers, the success of implementing a cloud computing environment depends on the existence of a service-oriented architecture at the level of the institution that offers the necessary infrastructure for cloud implementation (Choubey, Rajnish, Dubey, and Bhattacharjee, 2011). In developing cloud computing strategy and infrastructure, it is important to keep security in mind. There must be understanding as to which delivery models are appropriate based on security and trust requirements within the connecting systems. By assessing the security requirements for banking industries such as: governance, architecture, applications, and assurance are needed to develop the cloud computing framework and is an important consideration in this research (Erl, Puttini, &

To understand the public cloud computing environment that is being offered by the cloud providers. The responsibilities of an organization and the cloud providers vary depending on the service model. Any organization should understand and organize the process of consuming the cloud services and also keep an eye on the delineation responsibilities over the computing environment and implicate security and privacy. Assurances or certification and compliance review entity paid by the cloud providers to support security or privacy should be well verified time to time by organization through independent

We assume that the public cloud infrastructure provides proper security and data backup solutions with a Service Level Agreement (SLA) and mechanisms to fairly share its virtual resources among all its running VMs. The last few years have witnessed the emergence of cloud computing as a rapid, limitlessly scalable, and cost-efficient alternative in contrast to the in-house data centers. The IaaS model delegates more control to the customers over the provisioned resources. Hosting Internet applications in the IaaS environment is an efficient way to start a new and a sustainable business that expands the IT infrastructure gradually with the business growth.

When approaching a cloud agreement, the customer’s mindset should be to protect oneself, but it is more easily

The main purpose of this paper is to research requirements for a Cloud Computing Security Policy and to develop a draft policy for the non-profit organization, SNPO-MC which will provide guidance to managers, executives, and cloud computing service providers.

Representatives of most IT companies, particularly call centers, use cloud computing software to allow connectivity and sharing of resources in company data centers (Beverakis, Dick, & Cecez-Kecmanovic, 2009). Cloud computing software is an advanced tool used in outsourcing, particularly for communications, because of the capacity to collect and access massive amounts of data. This software is commonly operated in a data center, which allows access to associated data in a variety of ways (Anthes, 2010). Because most call centers operate using cloud computing, third-party IT contracting security is a primary concern (Anthes, 2010; Gatewood, 2009).