Making communications land - Are they received and understood as intended? we...
Risks in cc
1. Risks in cloud computing
BY
N.RUBA
ASST.PROF,
DEPT. OF COMPUTER APPLICATIONS,
BON SECOURS COLLEGE FOR WOMEN,
THANJAVUR.
2. Cloud computing & security
Risks in cloud computing
Introduction
risk management
Cloud impact
Enterprise wide risk management
Types of risks in CC
3. Risks in cloud computing
Introduction
Two kinds of providers
CSP cloud service providers/SaaS or PaaS providers
Cloud infrastructure providers/IaaS
Feature rich applications
Infrastructure
Storage
Platform
Appln
Services
Client
4. Security anxieties
Secure data transfer
Secure program interfaces
Secure retained data
User access to control
Data separation
5. contd
Cloud computing risks
the solution may not meet its economic objectives
The solution may not work in the context of the client’s
enterprise’s association
The solution may not be tough to evolve due to adversity of
incorporating the cloud services
A catastrophe (event cause sudden damage)may occur from
which the solution will not recover
system that it does not meet the us value may be in sufficient,
in or users needs
There may be an existing need For service orientation
6. RISK Management
Is a significant part of business planning
Is believed to reduce or eradicate the risk of certain types of
happenings.
risk admin measures evolved by project mgmt institute,
ISO(international Organization for standardization),National
institute of science & technology societies.
In cc new in its present pattern, granted to reduce
intermediate risk enterprise area.
CLOUD IMPACT-any action
-provided possibilities for organization of all types to reduce
the risks affiliated to IT acquisition(h/w &s/w)
7. ENTERPRISE WIDE RISK MANAGEMENT
• RM-followed to avert as many errors as possible and devising fee
procedures for the rest.
• Analyze the following
Hazards(danger)-e.g blaze, tomato, robbery, privacy, vandalism or crime
Internal procedure exposure initiated by security & security practices
,workers reimbursement & worker dishonesty.
Mgmt process--.Six steps
Determination of the objectives of the risk admin program
Identification of the risks-
analysis questionnaires, exposure checklist, flowchart, analysis of
financial stmt, other internal records, inspections & interview
Evaluation of risks- critical , significant or insignificant
Consideration of options and assortment of the risk remedy device
Implementation of the decision
Evaluation & reconsider
8. TYPES OF RISKS IN CC
THREATS:-
1. Misuse and illicit (forbidden by laws)use of CC
2. Insecure interfaces and APIs
3. Vicious insiders-violent
4. Issues-related technology sharing
5. Data loss or leakage
6. Hijacking(account/service)-unlawfully seize
7. Unknown risk profile
Internal security risk-bcoz of flexibility login access by
unauthorized person.
External security risk
Data protection risk
Data loss