Assignment : Risk Management And Security

1971 Words8 Pages
ASSIGNMENT 03 – RISK MANAGEMENT AND SECURITY Student ID: 11580509 Student Name: Sethupathi Dyanprasad E-mail: s.dyanprasad@yahoo.com EXECUTIVE SUMMERY The first part discusses about the suitable delivery and deployment model for the project at hand. A suitable model out of Public or Private or Hybrid model is chosen. Also which out of Iaas,PaaS and SaaS is most suitable for the setup is discussed. The second part deals with the Risk Assessment for the models chosen. The Risk Assessment considers the Risks, Impact the risks can cause, the likelihood the risk can occur, and prevention and contingency plans for the risks. The third part discusses the security factors in cloud computing and how they can be related to this…show more content…
The major risks involved in this migration are discussed in the following. Governance: The vendor requires a third party control over the chosen cloud provider during any issues, which affects the data security. The local system administrator will have little control over the administration, leading to slow recovery and longer downtime. Lock In: The service provider has certain constrains and limits to the services they provide. So immediate modification and customizations to the system can be complicated. Isolation Failure: Shared resources and multi tenancy is a feature in cloud computing. Therefore, failure in quick access memory, storage issues or application latency between users might be common if the system does not have the capacity to support all users.. Compliance Risks: Each company maintains a different set of compliance levels. Therefore, if the entire system is migrated to the cloud, and the company cannot audit the compliance level of the service provider, it might be risky. Management Interface Compromise: Remote access and background processing can put the users’ credentials at risk.. Data Protection: This is by far the main risk involved. Most service providers do not have a clear stand on how the data protection service is carried out. Most of them outsource these services to third parties and unknown locations. It can be a risk if the user is not clear on how the service provider carries this process. Malicious Insider: Hacking and
Open Document