Describe the general Information Security steps and

controls that you would recommend to the Board to

secure the Hybrid Cloud. You will need to explain to the
Board your reasons for recommending these particular
security steps. (20 marks)

Hybrid Cloud. (2019). [image] Available at: https://www.veritis.com/wp-content/uploads/2018/01/hybrid_cloud.jpg

[Accessed 17 May 2019].

Hybrid cloud computing refers to the type of cloud computing deployment model which
includes the usage of both private and public clouds. The hybrid cloud provides maximum
flexibility and customizability. Due to this reason, many business organizations are migrating
to the hybrid cloud. Along with the popularity of using hybrid cloud, it is necessary to
protect the system and the information stored in that system from different types of attacks.
Not only the attacks, but there are some other serious challenges such as system crashes,
power outage, data corruption, data breaching, etc. faced in the hybrid cloud. Therefore, it is
necessary to maintain security in the cloud infrastructure using various mechanisms.
Following are some of the general information security steps and controls to minimize the
risk factors in the cloud.

This study source was downloaded by 100000855529264 from CourseHero.com on 10-24-2022 09:59:43 GMT -05:00

https://www.coursehero.com/file/119392584/Cloud-computing-assignmentdocx/
 Selection of appropriate cloud service provider and
security solution provider

For using public, private or hybrid cloud services, it is important for every organization to
perform research activities prior selecting a cloud service provider. The research should most
importantly focus on which cloud service provider can give best services in terms of security.
The cloud service provider plays the biggest role to enforce security in the system hosted in
cloud. The hybrid cloud needs security options developed for hybrid cloud environment. The
hybrid cloud has instances both on public and private cloud. So, it needs special mechanism
to control systems hosted on both the public and private cloud environment. Some of the
best hybrid cloud solution providers are VMWare, Amazon Web Services, Microsoft Azure,
Rackspace, IBM, Cisco Systems, etc.

Along with cloud service provider, it is important for any organization hosting their system in
cloud to adopt an optimal cloud security solution provider. Those providers are always
focused on providing the best security options for the cloud infrastructure. We need to
choose the best one according to our requirements. Some of the companies providing
security solutions for hybrid cloud are Fortinet, Symantec, Trend Micro Hybrid Cloud
Security, etc.

Reasons for recommendation

 The cloud service providers play a vital role in terms of quality of security enforced in
applications hosted in cloud.
 It is in the hand of a cloud service provider to provide us with various options
regarding the features to control the security level of the cloud environment.
 The cloud solution providers are engaged only in providing the best security solution
for the applications hosted in cloud. Because of this reason, the organization can
focus of further enhancing and upgrading the system rather than being just focused
on enforcing security mechanisms.

Providing minimal privilege

The organization should focus on providing least privilege to the users regarding the use of
the system. The system should contain features to control what part of system can be
viewed by a particular user. The system should have features to control roles and

This study source was downloaded by 100000855529264 from CourseHero.com on 10-24-2022 09:59:43 GMT -05:00

https://www.coursehero.com/file/119392584/Cloud-computing-assignmentdocx/
 permission. It is best to assign a role to each individual user and categorize the permissions
according to the roles. For example, a user with super admin role can perform all the
activities along with creating other users and assigning roles and permissions to them. All
other users can only view the system parts according to the roles assigned and permissions
given. This type of feature not only benefits the hybrid cloud but also the private cloud. In
fact, it is necessary for every organization to adopt this principle as a healthy habit to ensure
maximum security in their system.

Reasons for recommendation

 Providing only assigned permission can ensure security to the system because the
whole system is accessible only to the authorised and most trusted people.
 It minimizes the risk of system being misused by the unauthorized users or it can
even ensure any kind of brute force attacks or any unintentional operation by novice
users causing system crashes.

Separating the most critical infrastructures

The part of the system with most crucial data should be kept separately. It is a better
practice to isolate that part of the system in order to achieve maximum security. That part of
the system should only be exposed to few authorised people. The users operating the critical
infrastructures should be professional enough to handle all kinds of exceptions and bugs.
Once the system is live, it is very important to solve the issues in real time or in minimal
time. Sometimes, even a small piece of code can entirely damage the system and be the
reason for system crashes. A small wrong move can sometimes erase all the important data
and information. Therefore, hosting the critical infrastructures separately provide maximum
benefit to the system and the organization.

Reasons for recommendation

 It is crucial to isolate the critical infrastructures because it minimizes the risk of
potential attacks from the intruders.
 Even if the whole system crashes, that infrastructure is left unaffected or less affected
so that recovery process is easier.

This study source was downloaded by 100000855529264 from CourseHero.com on 10-24-2022 09:59:43 GMT -05:00

https://www.coursehero.com/file/119392584/Cloud-computing-assignmentdocx/
 Data Encryption

The data stored in the hybrid cloud should be encrypted. It is an important factor regarding
the security of the data stored in the cloud. Encrypted data is more secure than storing the
plain data. The level of security is measured by the level of encryption provided. There are
various types of encryption algorithm available for security purpose. But many of them can
be decrypted easily by the hackers. Therefore, it is necessary for us to choose a security
provider not only providing encryption facility but also with the usage of strongest
encryption algorithm. It might be a policy to not enclose the encryption algorithm used for
security purpose but the least we can do is to make sure the encryption used in our system
is safe and provides the best security to the system. Not only the stored data should be
encrypted but also the data during the operations should be encrypted, then it will be
possible to achieve maximum security. It is important to ensure that all the incoming,
outgoing and stored data should be encrypted with best encryption algorithm.

Some of the encryption algorithm are Triple DES, AES, DES, RSA, BLOWFISH, TWO FISH, etc.

Reasons for recommendation

 Encryption can provide security from hackers because after implying encryption
technique, what is seen is different from what actually data is.
 It is very difficult to decrypt information encrypted with a strong encryption
algorithm.
 The encryption technique uses key for decrypting the message and it is difficult to
find the key without which it is not possible to retrieve information.

Pre-Planning for Disaster Recovery

Disasters like service disruptions, attacks, system crashes, and power outage in data center
can occur anytime. Organizations should be prepared from the beginning in order to protect
the system from any loss that might occur due to any kind of disasters. The disaster recovery
mechanisms ensure the smooth run of the system in case of any kind of disasters. The
techniques help to recover the system in emergency cases. The backups made for this
purpose serves as an alternate solution. It is very important to have a backup plan from the
starting as disasters can occur at any time. We can have image based backups that are used

This study source was downloaded by 100000855529264 from CourseHero.com on 10-24-2022 09:59:43 GMT -05:00

https://www.coursehero.com/file/119392584/Cloud-computing-assignmentdocx/
 for making copies of computers or virtual machines that can be used for restoring the
system.

Reasons for recommendation

 As disasters can occur any time, it is very important to keep backups especially as
images that can be used during emergency situations to recover the system.
 The disaster recovery mechanisms help us to ensure that the data will not be lost
even after hazardous disaster occurs. It helps us to recover

Multiple backups of critical data

Since the system is hosted in cloud and disaster can occur any time, we need to keep
multiple backups of important data. It is a good practice to backup data in real time. As soon
as the data is entered, it should be stored in multiple places. Each of the servers should
follow strict security mechanism in order to protect the system from possible threats and
data breaching. It also helps to minimize the risk that can occur due to corrupted data.
Sometimes, data can be lost due to internal or external factors during its transmission. We
can use the reliable source where we kept the data or information securely. As in hybrid
cloud, there is involvement of both the public and private cloud. Sometimes, hackers or
intruders might attack on our system and erase all the data or misuse it. They lock our
system and sometimes even ask for ransom for releasing the data. In such cases, if we have
backup of our system and data stored in it, then there is not much thing to worry about. But
in absence of any security recovery mechanisms, the cloud is always prone to attack.

Reasons for recommendation

 Since backups helps to recover any kind of distortion in data. Even if the system
crashes, it can be recovered with the help of the backups.
 If one data center fails to function well, then a backup can be used to smoothly run
the system without any disruption.
 Backups help to restore from any kind of system failure, temporary or permanent
loss of data.

Bibliography

Trendmicro.com. (2019). Key Strategies for Securing the Hybrid Cloud - Security News - Trend
Micro USA. [online] Available at:

This study source was downloaded by 100000855529264 from CourseHero.com on 10-24-2022 09:59:43 GMT -05:00

https://www.coursehero.com/file/119392584/Cloud-computing-assignmentdocx/
 https://www.trendmicro.com/vinfo/us/security/news/virtualization-and-cloud/key-
strategies-for-securing-the-hybrid-cloud [Accessed 17 May 2019].

Softwaretestinghelp.com. (2019). Top 10 Cloud Security Companies And Service Providers to

Watch. [online] Available at: https://www.softwaretestinghelp.com/cloud-security-
companies/ [Accessed 17 May 2019].

Softwaretestinghelp.com. (2019). Top 10 Cloud Security Companies And Service Providers to

Watch. [online] Available at: https://www.softwaretestinghelp.com/cloud-security-
companies/ [Accessed 17 May 2019].

Bradford, C. (2019). 5 Common Encryption Algorithms and the Unbreakables of the Future.
[online] StorageCraft Technology Corporation. Available at: https://blog.storagecraft.com/5-
common-encryption-algorithms/ [Accessed 17 May 2019].

This study source was downloaded by 100000855529264 from CourseHero.com on 10-24-2022 09:59:43 GMT -05:00

https://www.coursehero.com/file/119392584/Cloud-computing-assignmentdocx/
Powered by TCPDF (www.tcpdf.org)