Security and Privacy Issues in Cloud Computing †MyAssignmenthelp

Question: Discuss about the Security and Privacy Issues in Cloud Computing. Answer: Introduction The purpose of this paper is to develop a report highlighting various information and network security issues which can hamper the businesses of several organisations. In present scenario, there is a huge emphasis laid upon such cyber security and network issues because of the privacy concerns of the customers. It is becoming difficult for the organisations to retain the customers due to the privacy and security issues. The report will be prepared in respect with a small scale organisation that develops applications in-house and customise off-the shelf software in agreement with larger vendors (Liyanage, et al., 2016). The organisation is planning to diversify its business by offering ongoing information and network security services to businesses management that have an online presence. And there is a need to effectively manage the online security of those organisations, including their websites and client databases. The objective of this report is to analyse the various possible so lutions which can be taken use by the organisation in respect with overcoming from all such issues. There will be provided a few recommendations which can help the company to expand and diversify its business in the coming five years and to offer the customers with secured are protected services without any kind of network and security breaches. The key emphasis is led more upon the bottom line concerns i.e. the economic aspects as the organisation is small scale and has a limited capital to invest on to save the business processes from such issues (Bohli, Langendrfer and Skarmeta, 2013). Network Security and its need for global businesses There is increasing reliant upon the increasing and continuous use of internet in such a digitalised global environment. Most of the work of both the small scale as well as large scale organisations are now dependent upon internet and advanced technologies. Because of such increasing reliant, it is essential to have adequate safeguards for protecting the businesses transacting in the digitalised age (Khan, et al., 2016). The primary reason behind the initiatives taken towards the networking and security is the rising threats and risks of cyber-attacks. And this occurred as a strategic challenge for the organisations and the managers to take use of the benefits of digital age and technological advancements but with sustaining the threat of security issues and cyber-attacks (Stallings and Tahiliani, 2014). It has been seen that there is an increasing misuse of the technological advancements and the internet is posing a great threat to cyber and network security and privacy of the users and thus the companies are taking innovative steps to overcome these risks. It is also necessary for the organisation to identify as well as mitigate the risks of networking issues and cyber-attacks and take adequate steps for minimizing these risks (Spiekermann, et al., 2015). Before understanding and analysing the various ways by which the organisation can successfully expand its business overcoming the risks of network security, cyber security and privacy issue, it is essential to under the relevance of the aspect of cyber security in the business operations. Network security can be understand as the field of internet security where the main concentration is on maintaining peace within the castle rather than focusing more upon the risks which are present outside the castle (Roman, Zhou and Lopez, 2013). The key focus is on safeguarding against the networking issues and risks which could take place inside the business operations and breach the security. There is a big emphasis led upon securing the internal information of the organisation by having an effective monitoring the networks as well as the employees in an adequate manner. The companies install software of network security for protecting the business operations, applications and processes managem ent from the cyber theft and privacy breach. There are hackers that tricked the network security of the organisations by injecting the data, personal information and codes as well as overtake the physical access to the software and hardware by different hacking techniques (Sadeghi, Wachsmann and Waidner, 2015). And therefore, it has become one of the top most issues in the globalised business world which is some or the other way deteriorating the benefits of digital age and internet based technologies. There has been raised vital significance of network security as the global businesses have to face a high cost because of any kind of breach of network security and privacy breach. If the organisational data is sold off in the markets, secretly monitored, misrepresented and have taken misused then it can cost huge for the companies and specifically for the ones who are well recognized in the market (Liang, et al., 2014). Many a times because of the network and security breaches there is leaked down of the companys confidential data, alteration of the organisations finances, taken negative use of the users private data and locking out of the systems of the organisations so that even the personnel do not have a right to open them. Such network attacks are taken used by the various cyber hackers comprising phishing, tampering, spoofing and click jacking. And thus, it became extremely essential to save the organisations from these network security issues and privacy breaches (Xiao and Xiao, 2013). Developments, practices and applications in the field of network and information security There are several best practices and developments that have been taken sue by number of companies and organisation in the technology industry to overcome the threat of privacy breach and security issues. Following is the description of such practices, developments and applications which have been used by several big and small organisations for securing themselves, their business processes and the users from the network-attacks and privacy breaches. The firewalls are considered as the top most priority of the businesses management taking use of internet as the primary line of defence from such issues. It is advisable for the organisation to set up firewall so that it could help the organisation is acting as great barricade between the hackers and the confidential data and information of the organisation. These firewall must be installed both internally as well as externally that there can be attained additional safety guard from the network and security challenges. It is also essential that the employees who will be working from their homes must have a fixed installation of firewall on their home too (Phillips and Sianjina, 2013). This will help in filling the gap and saving those employees also from getting hacked and thus this application of the firewalls will help the company to expand its business and diversify its portfolio by managing all these issues of network-attacks (Wang, et al., 2016). It is extremely essential that the various protocols regarding the network security are appropriately documented. At the businesses where a protection plan is not applied in a proper way, there can be breach of the safety precautions. Thus, it makes important for the organisation to have an adequate documentation of the network security policy. There is not only saving of data through thee network security policies but also retainment of the valuable human resources and financial resources (Bayuk, Healey and Rohmeyer, 2012). The various actions that the employees undertake both internally as well as externally have a direct impact upon the business sustainability. And thus, even the actions and activities of an individual employee could result in breach of privacy of the confidential data of the organisation that comprises of user/customer information, ranging from personal details, to financial records, commercial transactions, sensitive information and other online login details. T here is required to have application of the detailed toolkits as used by other organisations which can support in determining and documenting the policies of network security (Sicari, 2015). Applications for backing up data Even the business organisations deploy a number of resources; there are still some loopholes which can give a chance to the hackers to attack the network security and privacy of the users. Thus, it is necessary that there must be effective back up of all the data comprising of the files related to the personal information of the customers, human resource files, databases, financial and operational data, spread sheets and other various documents (Rittinghouse and Ransome, 2016). It is essential that the businesses must have a practice of backing up the data on a regular and continuous basis on the cloud as well as multiple locations to overcome the risk of data loss and breaching of networks. This will not only support in getting back the lost data but also in getting attentive and take one step high during a network-attack as all the data will be secured at some or the other place. The organisation in its coming five years to have safer business operations can take use of renowned ap plications such as Comodo/Time Machine, Dropbox, etc. for backing up its data. These applications are effective enough in ensuring that the business applications and processes are safe and secure. The files on which the users and employees are working are not only synced to the installed application but also have a complete sync with the main servers of the application. This ensures that all the current work and other data is secured and kept safely backed up (Botta, et al., 2014). It is a basic and mandatory to be applied knowledge that the various phishing emails must not be opened by the organisational employees. There was presented in the reports of Data Breach Investigations by Verizon for the year 2016 that almost thirty percent of the employees access these phishing emails and this percentage is approximately seven percent higher in comparison with the data of 2015 (Segal, 2017). And to avoid such malware and ransom ware attacks, there is a much need that the organisations must install anti-malware as anti-ransom ware software to protect the users, their privacy and other network security. To overcome the issue there are various anti-malware software which can be used by the organisations such as NPE, MSRT, Hitman Pro, Zemana, etc. Once this software is installed, the businesses can be saved from the malware attacks. And to save from the ransom ware network attack, there is recognized software such as Trend Micro, BitDefender Anti-Ransomware, Kaspersky I nternet Security, etc. Such software protects the confidential data and the information in the digital age and save the organisations from network and cyber-attacks. The installation of the anti-malware and anti-ransom ware software can help the business to have safe business operations as well as will help to expand the businesses with several online companies by securing their data, passwords and confidential data of the users (Fisher, et al., 2015). Planning the mobile devices In such a digitalised and techno savvy age, all the devices have transformed completely by changing themselves from just being simple computers to the highly updated, wireless, digitalised gadgets. In present scenario, most of the companies have allowed BYOD i.e. Bring Your Own Device which is posing a great threat to the security and privacy of the organisations as well as the users. There are present fitness trackers as well as technology based smart watches that have the wireless potential that can deteriorate the network and security of the company and its processes. Thus, it is very much essential that BYOD and relative policies must be included in the network security policy of the organisations. He employees were required to effective update the security of the individual devices as well as must also follow the password policy which is required to be applied on all those electronic devices which have probability to attack the network security and privacy of the users and the organisation (Moore, Dynes and Chang, 2016). Conclusion Based open the discussions performed in the preceding segments of the report; it is clearly evident that the network security possess a great significance for the business organisations to perform, continue and expand their businesses as well as to enhance their performances. In such a global and digitalised age, where all the things have a connection with each other has resulted in increased threats and risks of network security that make the business organisations helpless. The network attacks have a potential to threaten the company as well as the users and can even run the company by stealing complete information as well as damaging the organisation from the financial perspective. It is essential that that the business organisation must adopt and implement an adequate network resilience policy as well as must have proper installation of the anti-malware and anti-ransom ware software to avoid the risks of attacks from the hackers. Through gaining insights from the various applicat ion, practices and development done by several other companies to save themselves from such attacks, it is essential that there must be take adequate initiatives while expanding the business operations. And it is further make essential for the business organisation to implement best possible practices with limited budget for securing themselves and the users from such networking threats and risk of privacy breaching. Other than the above suggested application and practices, there are few recommendations which can help the organisation to expand its business successfully with higher level of network security and appropriate safety measures for the new customers. The following recommendation can support the organisation to manage online security while developing application and also securing the websites and client databases in an appropriate manner. Recommendations Following are few of the recommendations based upon the various findings and proposed solution to overcome the threat of breach of network security and privacy of the users and their databases. In future, there are high chances that the organisations will take use of robotics technology for managing its operations but there are several risks of cyber-attacks and network attacks, thus it is recommended that there must new developments as well as taken use of software which are smart enough to analyse the future vulnerabilities before the time they get exposed and thus reduce the level of risks (Sen, 2013). It is also recommended that there must be performed a third party internal security as well as external security audits on a regular basis so that the networks can be modify when there are some issues or security problems to save from the hackers (Ziegeldorf, Morchon and Wehrle, 2014). The next key recommendation is that there must be an effective control over the end points for securing the databases, websites and personal information of the users. There must be complete knowledge of the software, legacy codes, custom code and other configurations so that the data can be secured effectively (Yang, et al., 2015). It is also recommended that there must be complete auditing of the web applications as they are highly vulnerable to attacks and privacy breaches. Thus, of these vulnerabilities are identified, the organisation can prepare themselves to escape from such network-attacks (Trappe, Howard and Moore, 2015). It is recommended that the employees as well as the users must be offered with adequate trainings regarding the phishing emails as they can attack on the personal accounts, business systems and other confidential information. Thus, as soon as some suspect is found, there must be taken appropriate initiatives (Rao and Selvamani, 2015). References Bayuk, J. L., Healey, J., Rohmeyer, P., Sachs, M. H., Schmidt, J., Weiss, J. (2012).Cyber security policy guidebook. John Wiley Sons. Bohli, J. M., Langendrfer, P., Skarmeta, A. F. (2013). Security and privacy challenge in data aggregation for the iot in smart cities.Internet of Things: Converging Technologies for Smart Environments and Integrated Ecosystems management, 225-244. Botta, A., De Donato, W., Persico, V., Pescap, A. (2014, August). On the integration of cloud computing and internet of things. InFuture Internet of Things and Cloud (FiCloud), 2014 International Conference on(pp. 23-30). IEEE. Fisher, R., Ledwaba, L., Hancke, G., Kruger, C. (2015). Open hardware: A role to play in wireless sensor networks?.Sensors,15(3), 6818-6844. Khan, S., Gani, A., Wahab, A. W. A., Shiraz, M., Ahmad, I. (2016). Network forensics: review, taxonomy, and open challenges.Journal of Network and Computer Applications,66, 214-235. Liang, X., Zhang, K., Shen, X., Lin, X. (2014). Security and privacy in mobile social networks: challenges and solutions.IEEE Wireless Communications,21(1), 33-41. Liyanage, M., Abro, A. B., Ylianttila, M., Gurtov, A. (2016). Opportunities and challenges of software-defined mobile networks in network security.IEEE Security Privacy,14(4), 34-44. Moore, T., Dynes, S., Chang, F. R. (2016). Identifying how firms manage cybersecurity investment.University of California, Berkeley. Phillips, R., Sianjina, R. R. (2013).Cyber security for educational leaders: A guide to understanding and implementing technology policies. Routledge. Rao, R. V., Selvamani, K. (2015). Data security challenges and its solutions in cloud computing.Procedia Computer Science,48, 204-209. Rittinghouse, J. W., Ransome, J. F. (2016).Cloud computing: implementation, management, and security. CRC press. Roman, R., Zhou, J., Lopez, J. (2013). On the features and challenges of security and privacy in distributed internet of things.Computer Networks,57(10), 2266-2279. Sadeghi, A. R., Wachsmann, C., Waidner, M. (2015, June). Security and privacy challenges in industrial internet of things. InDesign Automation Conference (DAC), 2015 52nd ACM/EDAC/IEEE(pp. 1-6). IEEE. Segal, (2017). 8 Cyber Security Best Practices For Your Small To Medium-Size Business (SMB), Retrieved on: 24th September, 2017, Retrieved from: https://www.coxblue.com/8-cyber-security-best-practices-for-your-small-to-medium-size-business-smb/ Sen, J. (2013). Security and privacy issues in cloud computing.Architectures and Protocols for Secure Information Technology Infrastructures, 1-45. Sicari, S., Rizzardi, A., Grieco, L. A., Coen-Porisini, A. (2015). Security, privacy and trust in Internet of Things: The road ahead.Computer Networks,76, 146-164. Spiekermann, S., Acquisti, A., Bhme, R., Hui, K. L. (2015). The challenges of personal data markets and privacy.Electronic Markets,25(2), 161-167. Stallings, W., Tahiliani, M. P. (2014).Cryptography and network security: principles and practice(Vol. 6). London: Pearson. Trappe, W., Howard, R., Moore, R. S. (2015). Low-energy security: Limits and opportunities in the internet of things.IEEE Security Privacy,13(1), 14-21. Wang, D., Cheng, H., He, D., Wang, P. (2016). On the challenges in designing identity-based privacy-preserving authentication schemes for mobile devices.IEEE Systems Journal. Xiao, Z., Xiao, Y. (2013). Security and privacy in cloud computing.IEEE Communications Surveys Tutorials,15(2), 843-859. Yan, Y., Qian, Y., Sharif, H., Tipper, D. (2013). A survey on smart grid communication infrastructures: Motivations, requirements and challenges.IEEE communications surveys tutorials,15(1), 5-20. Yang, N., Wang, L., Geraci, G., Elkashlan, M., Yuan, J., Di Renzo, M. (2015). Safeguarding 5G wireless communication networks using physical layer security.IEEE Communications Magazine,53(4), 20-27. Ziegeldorf, J. H., Morchon, O. G., Wehrle, K. (2014). Privacy in the Internet of Things: threats and challenges.Security and Communication Networks,7(12), 2728-2742.