1. Course : Virtualization and Cloud Computing
Course Code : CSE423
Presented by :
Rishi Sharma, 12003011
A REVIEW OF THE SECURITY ISSUES IN CLOUD
COMPUTING AND ITS REMEDIAL ACTIONS
2. Introduction-
Cloud computing has changed the way organizations manage data by storing it on
remote servers, leading to cost savings and better accessibility. However, security
concerns have arisen due to the increasing reliance on cloud computing. This
presentation examines various security issues in cloud computing.
And suggests measures to improve security and privacy. It also emphasizes the
importance of addressing security concerns to protect the privacy, integrity, and
availability of organizational data.
3. Security Risks in Cloud Computing
There are multiple security threats that can negatively affect the
organization’s data. Below are some of the most prevalent security risks
associated with cloud computing:
Data Breaches
Insider Threats
Third Party Risks
4. Data Breaches :- A data breach in cloud computing refers to the unauthorized access of sensitive
information stored in a cloud-based system. It can occur due to various reasons, such as weak
passwords, inadequate encryption, or human error. The consequences of a data breach can be
severe, including financial loss, damage to reputation, and legal consequences.
Insider Threats:- It refers to the risks posed by employees, contractors, or other insiders who have
authorized access to a cloud-based system. These insiders can intentionally or unintentionally misuse
their privileges and compromise sensitive data stored in the cloud. Examples of insider threats in
cloud computing include employees accessing data outside their job responsibilities, sharing login
credentials with unauthorized individuals, etc
Third-party risks :- It refers to the security risks that arise due to the involvement of third-party
service providers, such as cloud hosting providers or software vendors. The security of the cloud-
based system depends on the security practices of these third-party providers. If the providers are
not following adequate security measures, it can compromise the security of the entire system.
5. Remedial Actions
Organizations can take several remedial actions to abate security issues in cloud
computing. The following are some of the most effective remedial actions:
Encryption
Access Controls
Regular Audits
Disaster Recovery
6. Encryption:- Data encryption in cloud computing refers to the process of converting plain text data
into an unreadable format using cryptographic algorithms. It is an essential security measure that
helps protect sensitive data stored in the cloud from unauthorized access like
encrypting sensitive financial data such as credit card numbers.
Access Controls:- Access controls in cloud computing refer to the methods used to manage and
restrict access to cloud-based resources, applications, and data. Access controls ensure that only
authorized users can access the resources and perform specific actions, thereby reducing the risk
of data breaches and insider threats.
Regular Audits:- Regular audits in cloud computing refer to the periodic assessments of cloud-
based systems to ensure compliance with security policies and regulations. Audits help identify
security vulnerabilities, ensure proper access controls and encryption, and assess the
effectiveness of disaster recovery plans.
Disaster Recovery:- It refers to the process of restoring the availability and functionality of cloud-based
systems in the event of a natural or human-made disaster. Cloud-based disaster recovery solutions offer
improved scalability, reliability, and cost-effectiveness compared to traditional disaster recovery methods.
7. Conclusion
Cloud computing is a popular way for organizations to store and manage data,
but it also presents new security challenges. The security risks such as data
breaches, insider threats, and third-party risks can compromise sensitive
information. To address these issues, organizations must implement security
measures.
Failing to address these concerns can lead to severe consequences, including the
loss of privacy of integrity of data. Therefore, it is crucial for organizations to
prioritize security measures in cloud computing to keep their data safe.