1.Do some Internet research to identify businesses who have suffered because of cloud security weaknesses or failures. What can companies who are contemplating cloud computing services learn from the negative experiences of these businesses?
The internet is full of examples of businesses who have suffered because of cloud security weaknesses or failures. Readers can find a short list with nine major cloud computing outages on InformationWeek in a top published by Andrew Froehlich (2015). All nine breakdowns had two things in common: great financial losXXX XXX a XXXXX PR challenge XXXXX. XXXXXXXXX contemplating cloud XXXXXXXXX XXXXXXXX should XXXXX that like any other business operation, XXXXXXXX can XXXXXX. XX XXXX failures XXXXXX, XXX companies XXXXXX already have a "damage XXXXXXX" XXX "XXXX XXXXXXXXXXXX" XXXXXXXXX XXXXXXXX. This XXXXXXXXX should include the XX strategy XXXX for addressing XXX concerned business XXXXXXXX (XXXXXXXXXX XXX customers) XXX XXX backup XXXX XXXX XX temporary re-XXXXXXXXX XXX services XX least XXXXXXXXX. In practice, XXXXXXXXX XXXXXX periodically XXXXXXXX an XXXXXX XXX XXXX how everyone XXXXXXXX. When XXXXXXXXX XXX XXXXX service XXXXXXXX, XXX companies should XXXXXX one that is XXXXXXX of providing XXX XXXXXXXX measures XXXXXXXXXXX by XXXX. XXX basic XXXXXXXX measures should XX data XXXXXXXXXX, XXXXXXXXXXX redundancy mechanisms, and a XXXXXX XXXX XXXXXXXXXXXXXX process. Also, XXX organizations should XXXXXXXX XXXX on many XXXXXXXXX, the XXXXX XXXXXXXX are XXXXXXXXXX among many providers. XXX main provider could XXXXX XXX XXXXXXXX interface, XXXXXXX would ensure the security XXXXXXX while XXXXX could provide XXX XXXXXXX space. Each XXXXXXXX XXXXXX either have strong customer reviews or well-known XXXXXXXX XXXXXXXXX implemented.
X. Do some XXXXXXXX XXXXXXXX XX security mechanisms XXXXXXXXXX XXXX virtualization. How can XXXXXXXXXXXXXX be used XX XXXXX service XXXXXXXXX XX protect XXXXXXXXXX XXXX?
XXX security XXXXX XXXXXXXXXX XXXX XXXXXXXXXXXXXX can XX classified XXXX XXXXX XXXX categories: XXXXXXXXXXXXX, XXXXXXXXXX software and configuration (XXXXX Security Alliance, XXXX). The virtualization services depend on XXXX XXXXXXXXX. The XXXXXXXXXXXXX XXXXXXXXX XX XXX link between the XXXXXXXX XXX the XXXXXXXXXXX systems. XXX hypervisor XX XXX master XXXXXXXX program XXXXXXX the XXXXXXXXXXXXXX process XXX applications. XXX configuration is XXX design XX XXX virtualized applications. Cloud XXXXXXX XXXXXXXXX XXX XXX virtualization to protect subscriber data by XXXXXXXXXX XXX data available at XXX XXXXX of access, develop XXXXXXXX to restrict XXXX&XXXXX data access XXX XXXXXX XXX XXXXXXXXX. XXXXXXXXXX XXX XXXX XX also an effective XXX. A permanent XXXXXXXXXX system should XXXXXXX an XXXXX XXXXX so that every user accessing the data will leave permanent XXXXXX. In XXXXXXXX, XXXXX XXXXXXXXX XXX XXX XXXXXXXXXXXXXX to XXXXXXX XXX XXXXXXXX XXXX XXX assign multiple virtual XXXXXXXX on XXX XXXX XXXXXXXX hardware. XXX multiple XXXXXX XX XXXXXXX XXXXXXXX (XXXXXX by XXX hypervisor) XXXX XXXX a security XXXXXX almost impossible. XXXXXXX XXXX XX XX create a dedicated XXXXXXX XXXXXXXXXXX XXX every customer or XXXXXXX, XXXXXXXX with XXX security measures mentioned XXXXX.
X. Choose XXX of XXX following XXXXX services XXXXXXXXXX: XXXX, IaaS, XXXX. XX XXXX Internet research XXXX focuses the security issues associated XXXX XXX XXXXXXXX cloud service category. XXXXXXXXX the XXXXX XXXXXXXX risks associated with the XXXXX service XXXXXXXX XXX XXXXXXXX mechanisms XXXX XXX be used XX XXXXXXX these XXXXX.
XXXX services are XXXXXXXXXX to XXX (XXXXXX of service attacks), XXXX a XXXXXXXXX for “fast XXXX” hacking XXXXXX (XXXXXXXXXX). Also, XXX XXXXXXXXX XXX become “captive” to one major supplier: For example Google Play XXXXXXXX for XXXXXXX. Saas providers XXX not XXXXXX transparent about the XXXX location, ownership, and XXXX XXXXXXXXXX XXXXXXXX. XX XXXXXXXX, XXXX XXXXXXXXX use XXX XXXX tools and applications XXX XXXX customer XXX to XXXX XXXXXXX. As a XXXXXXXXXXX, a XXXXXXXX XXXXXX for one component XXX one customer XXX XXXXXX XX XXX XXXXXXXXX XXXXX the XXXX XXXXXXX.The best XXXXXXXX for XXXXX security threats XXXXX XX a single XXXXXXXX XXXXXXXX. All XXXXX XXXXXXXXX XXXXXX offer a basic XXXXX of XXXXXXXXXX XXX security measures XXX everyone. In detail, XXXX providers could expand XXX XXXXXXXX of virtualization by XXXXXXXX duplicate XXXXXXXXXXXX for each customer or XXXXX of customers. XXXX customer should XXXX XXXXX XXX how the XXXX XX XXXXXX.
References:
Cloud XXXXXXXX Alliance, (XXXX),XXXX Practices for Mitigating Risks in XXXXXXXXXXX XXXXXXXXXXXX,XXXXXXXXX XXXX XXXXXXXXX.XXXXXXXXXXXXXXXXXXXXX.XXX/XXXXXXXXXXX/Best_Practices_for%XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX-X-15_GLM5.pdf
XXXXXXXXX A. (XXXX), Nine Spectacular XXXXX Computing Fails, XXXXXXXXX XX July 15, XXXX, in InformationWeek XXX retrieved XXXX XXXXXXXXXXXXXXX.XXX/XXXXX/X-XXXXXXXXXXX-cloud-XXXXXXXXX-XXXXX
XXXXXXXXXX,Cloud XXXXXXXX: Evaluating Risks XXXXXX IAAS/XXXX/XXXX,retrieved XXXX http://XXX.XXXXXXXXX.com/XXXXXXXXXXXXXX/downloads/XXXXXXXXXXXXXXXXX%20Security-XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX.pdf
">