4. 1.Secure data transfer
2. Secure programs interfaces
3. Secure retained data
4.user access to control
5.data separation
5. It’s a significant part of business planning.
Risk management believe to reduce the risk
R.M method for recognizing, considering risk.
Some of risk administrations are ISO,NIT
A disaster at a cloud provider can affect every one of
its customers.
And hackers and malware are not the only ones who
may target a cloud service provider.
Cloud computing risks are also presented by insider
threats.
6. Cloud computing provide all types of possibilities to
reduce the risk in IT .
Over 2-3 years IT organization evolving better
concentrated on
“Auditing, inspecting, reconsidering & modernizing”
Hybrid clouds start to verify their enterprise worth.
7. Risk can effect in market Authority:
Robust development,
premium supply charges &
investor confidence.
Risk management is not only buying protection for the
company, it should consider insurable & uninsurable
risk.
Its also define cost effective during the risk
management.
8.
9. #1. Unauthorized access to customer and
business data
Criminals do not like to work. They may
target small business networks because they
are easier to breach, and they often go after
larger companies because of the allure of
larger payouts.
10. #2. Insecure interfaces & APIs
Provider should double check that security to
their service forms
Logging security
#3.Vicious insider
Large risk in cc environment.
Gain unauthorized access to organozations
11. #4. Issues related technology sharing
It is based on IaaS
Remember: you have many ways to protect
your data when it is in control
#5. data loss or leakage
Data may be deleted or loss without produce
backup
#6. Hijacking
Deception & exploitation of program
vulnerabilities
12. #7. Unknown risk profile
This is less engaged with h/w & s/w
maintenance.
13. Malicious insiders & abusive use of login access by an
unauthorized persons.
Identity theft
External security Risk
Malware infections and data breaches
Data Protection Risk-
Data loss risk-deletion of record, loss of
encryption key,correption of data.
14.
15. It is a open environment security risk.
Its have high accessibility and associated with Risk too.
Cc provide higher service quality , security,
availability & reliability.
Current state
Data storage & computation are offer in the single
data center(service provider)
A single point of malfunction will not be presumed
for any data loss compare with house computing.
16. How data protected?
How code protected?
Cc provide security,availablity & reliablity.
Security advantages:
Data centralization
Incident Response
Forensic image verification time-MD5 hash function
Logging-benchmark logs solveing the logging problems
17. Investigation-illegal cloud environment
Data segregation –data normally distributed
Long term viability-double check the data
accessibility
Compromised server- backup of data
Regularity compliance-update not in regular
Recovery – natural and man made disasters.
18. If the data is confidential ,the data can handle by the
authorized person only.
Cc is the platform of digital matching form.
Human-human data flow.
Cloud ,digital persona & data security:
Salesforce.com-12 year of experience-service-infrastructure
scalability to accessibility.
After get authentication only can control the cloud .
Protect data from unauthorized control
19. Content level security endows Organizations to
organize data .
Contents are the organizational level, rather than the
institutional level.
20. Cloud service providers use a combination of methods
to protect your data. ... Cloud providers take steps to
protect data that's in transit.
Data Security methods include virtual private
networks, encryption, or masking. Virtual private
networks (VPNs) allow remote employees to connect
to corporate networks.
21. Data integrity strengthen by PRIVACY,SECURITY, &
RELIABLITY
And the integrity getting damaged by
HACKERS,PROGRAM MISTAKE, comp. virus
Data availability -
Data backup plan -
Disaster Recovery plan-
22. Only authorized persons only can access the resource within the system.
Setp1- Authenticate individual
Step2-get info. About individual
Step3-permit
Auditing:
Advantage is to reduce the cost of IT services.
Reduce the capital cost.
Unlimited scalablity
Pay- as-usage
23. Cc establish DB in virtual environment by reveling
internal & external attacks.
Double check the data inherently protected.
software testing:
Reducing testing cost
S/W testing tools to cc Applications