SlideShare a Scribd company logo

CLOUD COMPUTING.pptx

Download as PPTX, PDF
S
Sameenafathima4

cloud computing

Education
1 of 18
Click to edit Master title style 1 CLOUD COMPUTING Risk Management Security Monitoring by S.SAMEENA FATHIMA II-M.Sc. (CS) Nadar Saraswathi College Of Arts and Science
Click to edit Master title style 2  Cloud-based information systems are exposed to threats that can have adverse effects on organisational operations, assets, and individuals. Therefore, risk management plans in cloud computing are implemented by organisations to mitigate cloud-based risks, improve system security, and expedite business growth. 2
Click to edit Master title style 3 Process of Risk Management Risk management is a cyclically executed process comprised of a set of activities for overseeing and controlling risks. Risk management follows a series of 5 steps to manage risk, it drives organisations to formulate a better strategy to tackle upcoming risks. 3
Click to edit Master title style 4 • These steps are referred to as Risk Management Process and are as follows: 1.Identify the risk 2.Analyze the risk 3.Evaluate the risk 4.Treat the risk 5.Monitor or Review the risk 4
Click to edit Master title style 5 Identify the risk : The inception of the risk management process starts with the identification of the risks that may negatively influence an organisation's strategy or compromise cloud system security. Operational, performance, security, and privacy requirements are identified. The organisation should uncover, recognise and describe risks that might affect the working environment. Some risks in cloud computing include cloud vendor risks, operational risks, legal risks, and attacker risks. 5
Click to edit Master title style 6 Analyze the risk : After the identification of the risk, the scope of the risk is analyzed. The likelihood and the consequences of the risks are determined. In cloud computing, the likelihood is determined as the function of the threats to the system, the vulnerabilities, and consequences of these vulnerabilities being exploited. In analysis phase, the organisation develops an understanding of the nature of risk and its potential to affect organization goals. 6
Click to edit Master title style 7 Evaluate the risk - The risks are further ranked based on the severity of the impact they create on information security and the probability of actualizing. The organisation then decides whether the risk is acceptable or it is serious enough to call for treatment. 7
Click to edit Master title style 8 Treat the risk : In this step, the highest- ranked risks are treated to eliminate or modified to achieve an acceptable level. Risk mitigation strategies and preventive plans are set out to minimise the probability of negative risks and enhance opportunities. The security controls are implemented in the cloud system and are assessed by proper assessment procedures to determine if security controls are effective to produce the desired outcome. 8
Click to edit Master title style 9 Monitor or Review the risk - Monitor the security controls in the cloud infrastructure on a regular basis including assessing control effectiveness, documenting changes to the system and the working environment. Part of the mitigation plan includes following up on risks to continuously monitor and track new and existing risks. 9
Click to edit Master title style 10 Risks bound under 2 main categories. 1.Internal Security Risks 2.External Security Risks 10
Click to edit Master title style 11 1.Misconfiguration of settings - Misconfiguration of cloud security settings, either by the organisation workforce or by the cloud service provider, exposes the risk of a data breach. Most small businesses cloud security and risk management are inadequate for protecting their cloud infrastructure. 2.Malicious Insiders - A malicious insider is a person working in the organisation and therefore already has authorized access to the confidential data and resources of the organization. With cloud deployments, organisations lack control over the underlying infrastructure; making it very hard to detect malicious insiders. . 11
Click to edit Master title style 12 1.Unauthorized Access - The cloud-based deployment of the organisation's infrastructure is outside the network perimeter and directly accessible from the public internet. Therefore, it is easier for the attacker to get unauthorized access to the server with the compromised credentials. 2.Accounts Hijacking - The use of a weak or repetitive password allows attackers to gain control over multiple accounts using a single stolen password. Moreover, organizations using cloud infrastructure cannot often identify and respond to such threats. 3.Insecure APIs - The Application Programming Interfaces(APIs) provided by the cloud service provider to the user are well-documented for ease of use. A potential attacker might use this documentation to attack the data and resources of the organisation. 12
Click to edit Master title style 13 Security management in the cloud is a set of strategies designed to allow a business to use cloud applications and networks to their greatest potential while limiting potential threats and vulnerabilities. This is often done with several independent tactics: 13
Click to edit Master title style 14 Identifying and assessing cloud services. First, you need to spend time identifying which cloud products and services are being used in your organization, and which ones might be considered in the future. Then, you’ll need to assess and audit those items, analyzing their security and potential vulnerabilities. Auditing and adjusting native security settings. Within each application, you’ll have full control of your own privacy and security settings. It’s on your cloud security team to understand which settings are available, and take full advantage of them to grant your organization the highest possible level of security. 14
Click to edit Master title style 15 Encrypting data. In many cases, you’ll need to take extra efforts to prevent data loss and preserve data integrity by encrypting your data and securing your connections. It’s your responsibility to allow legitimate network traffic and block suspicious traffic. 15
Click to edit Master title style 16 16 Managing devices. Cloud applications allow you to reduce the amount of physical infrastructure you maintain, but you and your employees will still be accessing data and services with specific devices. You’ll need some way to manage and monitor those devices to ensure only authorized devices can access your data.
Click to edit Master title style 17 17 Managing users. Similarly, you’ll need to consider user-level controls. Establish varying levels of user permissions, to restrict access to your most valuable or sensitive information, and change user permissions as necessary to allow secure access. Reporting. It’s also important to monitor cloud activity from a high level, and report on that activity so you can better understand your risks and ongoing operations.
Click to edit Master title style 18 Thank You

Recommended

For Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdf
For Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdfFor Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdf
For Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdfJustinBrown267905
 
10 Ways For Mitigating Cybersecurity Risks In Project Management.docx
10 Ways For Mitigating Cybersecurity Risks In Project Management.docx10 Ways For Mitigating Cybersecurity Risks In Project Management.docx
10 Ways For Mitigating Cybersecurity Risks In Project Management.docxyoroflowproduct
 
The Three Major Goals of Cybersecurity for Business Organizations-precise tes...
The Three Major Goals of Cybersecurity for Business Organizations-precise tes...The Three Major Goals of Cybersecurity for Business Organizations-precise tes...
The Three Major Goals of Cybersecurity for Business Organizations-precise tes...Precise Testing Solution
 
Security architecture, engineering and operations
Security architecture, engineering and operationsSecurity architecture, engineering and operations
Security architecture, engineering and operationsPiyush Jain
 
Describe two methods for communicating the material in an Informatio.pdf
Describe two methods for communicating the material in an Informatio.pdfDescribe two methods for communicating the material in an Informatio.pdf
Describe two methods for communicating the material in an Informatio.pdfarchgeetsenterprises
 
Cyber presentation spet 2019 v8sentfor upload
Cyber presentation spet 2019 v8sentfor uploadCyber presentation spet 2019 v8sentfor upload
Cyber presentation spet 2019 v8sentfor uploadsavassociates1
 
Weakest links of an organization's Cybersecurity chain
Weakest links of an organization's Cybersecurity chainWeakest links of an organization's Cybersecurity chain
Weakest links of an organization's Cybersecurity chainSanjay Chadha, CPA, CA
 
Bit defender ebook_secmonitor_print
Bit defender ebook_secmonitor_printBit defender ebook_secmonitor_print
Bit defender ebook_secmonitor_printjames morris
 

Recommended

For Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdf
For Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdfFor Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdf
For Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdfJustinBrown267905
 
10 Ways For Mitigating Cybersecurity Risks In Project Management.docx
10 Ways For Mitigating Cybersecurity Risks In Project Management.docx10 Ways For Mitigating Cybersecurity Risks In Project Management.docx
10 Ways For Mitigating Cybersecurity Risks In Project Management.docxyoroflowproduct
 
The Three Major Goals of Cybersecurity for Business Organizations-precise tes...
The Three Major Goals of Cybersecurity for Business Organizations-precise tes...The Three Major Goals of Cybersecurity for Business Organizations-precise tes...
The Three Major Goals of Cybersecurity for Business Organizations-precise tes...Precise Testing Solution
 
Security architecture, engineering and operations
Security architecture, engineering and operationsSecurity architecture, engineering and operations
Security architecture, engineering and operationsPiyush Jain
 
Describe two methods for communicating the material in an Informatio.pdf
Describe two methods for communicating the material in an Informatio.pdfDescribe two methods for communicating the material in an Informatio.pdf
Describe two methods for communicating the material in an Informatio.pdfarchgeetsenterprises
 
Cyber presentation spet 2019 v8sentfor upload
Cyber presentation spet 2019 v8sentfor uploadCyber presentation spet 2019 v8sentfor upload
Cyber presentation spet 2019 v8sentfor uploadsavassociates1
 
Weakest links of an organization's Cybersecurity chain
Weakest links of an organization's Cybersecurity chainWeakest links of an organization's Cybersecurity chain
Weakest links of an organization's Cybersecurity chainSanjay Chadha, CPA, CA
 
Bit defender ebook_secmonitor_print
Bit defender ebook_secmonitor_printBit defender ebook_secmonitor_print
Bit defender ebook_secmonitor_printjames morris
 
Presentation1 A.pptx
Presentation1 A.pptxPresentation1 A.pptx
Presentation1 A.pptxRabinBidari
 
Key Cybersecurity Risks and Mitigation Strategies in 2023 | The Enterprise World
Key Cybersecurity Risks and Mitigation Strategies in 2023 | The Enterprise WorldKey Cybersecurity Risks and Mitigation Strategies in 2023 | The Enterprise World
Key Cybersecurity Risks and Mitigation Strategies in 2023 | The Enterprise WorldTEWMAGAZINE
 
7 Practices To Safeguard Your Business From Security Breaches!
7 Practices To Safeguard Your Business From Security Breaches!7 Practices To Safeguard Your Business From Security Breaches!
7 Practices To Safeguard Your Business From Security Breaches!Caroline Johnson
 
Mastering Cybersecurity Risk Management: Strategies to Safeguard Your Digital...
Mastering Cybersecurity Risk Management: Strategies to Safeguard Your Digital...Mastering Cybersecurity Risk Management: Strategies to Safeguard Your Digital...
Mastering Cybersecurity Risk Management: Strategies to Safeguard Your Digital...cyberprosocial
 
Vskills Certified Network Security Professional Sample Material
Vskills Certified Network Security Professional Sample MaterialVskills Certified Network Security Professional Sample Material
Vskills Certified Network Security Professional Sample MaterialVskills
 
How to analyze cyber threats
How to analyze cyber threatsHow to analyze cyber threats
How to analyze cyber threatsAkankshaPathak27
 
Project Quality-SIPOCSelect a process of your choice and creat.docx
Project Quality-SIPOCSelect a process of your choice and creat.docxProject Quality-SIPOCSelect a process of your choice and creat.docx
Project Quality-SIPOCSelect a process of your choice and creat.docxwkyra78
 
Complete network security protection for sme's within limited resources
Complete network security protection for sme's within limited resourcesComplete network security protection for sme's within limited resources
Complete network security protection for sme's within limited resourcesIJNSA Journal
 
10 Most Important Strategies for Cybersecurity Risk Mitigation.pdf
10 Most Important Strategies for Cybersecurity Risk Mitigation.pdf10 Most Important Strategies for Cybersecurity Risk Mitigation.pdf
10 Most Important Strategies for Cybersecurity Risk Mitigation.pdfAfour tech
 
Measures to Avoid Cyber-attacks
Measures to Avoid Cyber-attacksMeasures to Avoid Cyber-attacks
Measures to Avoid Cyber-attacksSkillmine Technology Consulting
 
Measure To Avoid Cyber Attacks
Measure To Avoid Cyber AttacksMeasure To Avoid Cyber Attacks
Measure To Avoid Cyber AttacksSkillmine Technology Consulting
 
Avoiding The Seven Deadly Sins of IT
Avoiding The Seven Deadly Sins of ITAvoiding The Seven Deadly Sins of IT
Avoiding The Seven Deadly Sins of ITEnvision Technology Advisors
 
Prevent Security Risks with Cloud Security Posture Management | Mindtree
Prevent Security Risks with Cloud Security Posture Management | Mindtree Prevent Security Risks with Cloud Security Posture Management | Mindtree
Prevent Security Risks with Cloud Security Posture Management | Mindtree AnikeyRoy
 
Running Head RISK, THREAT AND VULNERABILITY MANAGEMENT .docx
Running Head RISK, THREAT AND VULNERABILITY MANAGEMENT .docxRunning Head RISK, THREAT AND VULNERABILITY MANAGEMENT .docx
Running Head RISK, THREAT AND VULNERABILITY MANAGEMENT .docxjeanettehully
 
Running Head RISK, THREAT AND VULNERABILITY MANAGEMENT .docx
Running Head RISK, THREAT AND VULNERABILITY MANAGEMENT .docxRunning Head RISK, THREAT AND VULNERABILITY MANAGEMENT .docx
Running Head RISK, THREAT AND VULNERABILITY MANAGEMENT .docxtodd521
 
800-37.pptx
800-37.pptx800-37.pptx
800-37.pptxAvniJain836319
 
How to Secure Your Enterprise Network.docx
How to Secure Your Enterprise Network.docxHow to Secure Your Enterprise Network.docx
How to Secure Your Enterprise Network.docxNeilStark1
 
How to Secure Your Enterprise Network.pdf
How to Secure Your Enterprise Network.pdfHow to Secure Your Enterprise Network.pdf
How to Secure Your Enterprise Network.pdfNeilStark1
 
How to Secure Your Enterprise Network.docx
How to Secure Your Enterprise Network.docxHow to Secure Your Enterprise Network.docx
How to Secure Your Enterprise Network.docxNeilStark1
 
The 15 best cloud security practices
The 15 best cloud security practices The 15 best cloud security practices
The 15 best cloud security practices Cloudride LTD
 
ai.pptx
ai.pptxai.pptx
ai.pptxSameenafathima4
 
dip.pptx
dip.pptxdip.pptx
dip.pptxSameenafathima4
 

More Related Content

Similar to CLOUD COMPUTING.pptx

Presentation1 A.pptx
Presentation1 A.pptxPresentation1 A.pptx
Presentation1 A.pptxRabinBidari
 
Key Cybersecurity Risks and Mitigation Strategies in 2023 | The Enterprise World
Key Cybersecurity Risks and Mitigation Strategies in 2023 | The Enterprise WorldKey Cybersecurity Risks and Mitigation Strategies in 2023 | The Enterprise World
Key Cybersecurity Risks and Mitigation Strategies in 2023 | The Enterprise WorldTEWMAGAZINE
 
7 Practices To Safeguard Your Business From Security Breaches!
7 Practices To Safeguard Your Business From Security Breaches!7 Practices To Safeguard Your Business From Security Breaches!
7 Practices To Safeguard Your Business From Security Breaches!Caroline Johnson
 
Mastering Cybersecurity Risk Management: Strategies to Safeguard Your Digital...
Mastering Cybersecurity Risk Management: Strategies to Safeguard Your Digital...Mastering Cybersecurity Risk Management: Strategies to Safeguard Your Digital...
Mastering Cybersecurity Risk Management: Strategies to Safeguard Your Digital...cyberprosocial
 
Vskills Certified Network Security Professional Sample Material
Vskills Certified Network Security Professional Sample MaterialVskills Certified Network Security Professional Sample Material
Vskills Certified Network Security Professional Sample MaterialVskills
 
How to analyze cyber threats
How to analyze cyber threatsHow to analyze cyber threats
How to analyze cyber threatsAkankshaPathak27
 
Project Quality-SIPOCSelect a process of your choice and creat.docx
Project Quality-SIPOCSelect a process of your choice and creat.docxProject Quality-SIPOCSelect a process of your choice and creat.docx
Project Quality-SIPOCSelect a process of your choice and creat.docxwkyra78
 
Complete network security protection for sme's within limited resources
Complete network security protection for sme's within limited resourcesComplete network security protection for sme's within limited resources
Complete network security protection for sme's within limited resourcesIJNSA Journal
 
10 Most Important Strategies for Cybersecurity Risk Mitigation.pdf
10 Most Important Strategies for Cybersecurity Risk Mitigation.pdf10 Most Important Strategies for Cybersecurity Risk Mitigation.pdf
10 Most Important Strategies for Cybersecurity Risk Mitigation.pdfAfour tech
 
Prevent Security Risks with Cloud Security Posture Management | Mindtree
Prevent Security Risks with Cloud Security Posture Management | Mindtree Prevent Security Risks with Cloud Security Posture Management | Mindtree
Prevent Security Risks with Cloud Security Posture Management | Mindtree AnikeyRoy
 
Running Head RISK, THREAT AND VULNERABILITY MANAGEMENT .docx
Running Head RISK, THREAT AND VULNERABILITY MANAGEMENT .docxRunning Head RISK, THREAT AND VULNERABILITY MANAGEMENT .docx
Running Head RISK, THREAT AND VULNERABILITY MANAGEMENT .docxjeanettehully
 
Running Head RISK, THREAT AND VULNERABILITY MANAGEMENT .docx
Running Head RISK, THREAT AND VULNERABILITY MANAGEMENT .docxRunning Head RISK, THREAT AND VULNERABILITY MANAGEMENT .docx
Running Head RISK, THREAT AND VULNERABILITY MANAGEMENT .docxtodd521
 
How to Secure Your Enterprise Network.docx
How to Secure Your Enterprise Network.docxHow to Secure Your Enterprise Network.docx
How to Secure Your Enterprise Network.docxNeilStark1
 
How to Secure Your Enterprise Network.pdf
How to Secure Your Enterprise Network.pdfHow to Secure Your Enterprise Network.pdf
How to Secure Your Enterprise Network.pdfNeilStark1
 
How to Secure Your Enterprise Network.docx
How to Secure Your Enterprise Network.docxHow to Secure Your Enterprise Network.docx
How to Secure Your Enterprise Network.docxNeilStark1
 
The 15 best cloud security practices
The 15 best cloud security practices The 15 best cloud security practices
The 15 best cloud security practices Cloudride LTD
 

Similar to CLOUD COMPUTING.pptx (20)

Presentation1 A.pptx
Presentation1 A.pptxPresentation1 A.pptx
Presentation1 A.pptx
 
Key Cybersecurity Risks and Mitigation Strategies in 2023 | The Enterprise World
Key Cybersecurity Risks and Mitigation Strategies in 2023 | The Enterprise WorldKey Cybersecurity Risks and Mitigation Strategies in 2023 | The Enterprise World
Key Cybersecurity Risks and Mitigation Strategies in 2023 | The Enterprise World
 
7 Practices To Safeguard Your Business From Security Breaches!
7 Practices To Safeguard Your Business From Security Breaches!7 Practices To Safeguard Your Business From Security Breaches!
7 Practices To Safeguard Your Business From Security Breaches!
 
Mastering Cybersecurity Risk Management: Strategies to Safeguard Your Digital...
Mastering Cybersecurity Risk Management: Strategies to Safeguard Your Digital...Mastering Cybersecurity Risk Management: Strategies to Safeguard Your Digital...
Mastering Cybersecurity Risk Management: Strategies to Safeguard Your Digital...
 
Vskills Certified Network Security Professional Sample Material
Vskills Certified Network Security Professional Sample MaterialVskills Certified Network Security Professional Sample Material
Vskills Certified Network Security Professional Sample Material
 
How to analyze cyber threats
How to analyze cyber threatsHow to analyze cyber threats
How to analyze cyber threats
 
Project Quality-SIPOCSelect a process of your choice and creat.docx
Project Quality-SIPOCSelect a process of your choice and creat.docxProject Quality-SIPOCSelect a process of your choice and creat.docx
Project Quality-SIPOCSelect a process of your choice and creat.docx
 
Complete network security protection for sme's within limited resources
Complete network security protection for sme's within limited resourcesComplete network security protection for sme's within limited resources
Complete network security protection for sme's within limited resources
 
10 Most Important Strategies for Cybersecurity Risk Mitigation.pdf
10 Most Important Strategies for Cybersecurity Risk Mitigation.pdf10 Most Important Strategies for Cybersecurity Risk Mitigation.pdf
10 Most Important Strategies for Cybersecurity Risk Mitigation.pdf
 
Measures to Avoid Cyber-attacks
Measures to Avoid Cyber-attacksMeasures to Avoid Cyber-attacks
Measures to Avoid Cyber-attacks
 
Measure To Avoid Cyber Attacks
Measure To Avoid Cyber AttacksMeasure To Avoid Cyber Attacks
Measure To Avoid Cyber Attacks
 
Avoiding The Seven Deadly Sins of IT
Avoiding The Seven Deadly Sins of ITAvoiding The Seven Deadly Sins of IT
Avoiding The Seven Deadly Sins of IT
 
Prevent Security Risks with Cloud Security Posture Management | Mindtree
Prevent Security Risks with Cloud Security Posture Management | Mindtree Prevent Security Risks with Cloud Security Posture Management | Mindtree
Prevent Security Risks with Cloud Security Posture Management | Mindtree
 
Running Head RISK, THREAT AND VULNERABILITY MANAGEMENT .docx
Running Head RISK, THREAT AND VULNERABILITY MANAGEMENT .docxRunning Head RISK, THREAT AND VULNERABILITY MANAGEMENT .docx
Running Head RISK, THREAT AND VULNERABILITY MANAGEMENT .docx
 
Running Head RISK, THREAT AND VULNERABILITY MANAGEMENT .docx
Running Head RISK, THREAT AND VULNERABILITY MANAGEMENT .docxRunning Head RISK, THREAT AND VULNERABILITY MANAGEMENT .docx
Running Head RISK, THREAT AND VULNERABILITY MANAGEMENT .docx
 
800-37.pptx
800-37.pptx800-37.pptx
800-37.pptx
 
How to Secure Your Enterprise Network.docx
How to Secure Your Enterprise Network.docxHow to Secure Your Enterprise Network.docx
How to Secure Your Enterprise Network.docx
 
How to Secure Your Enterprise Network.pdf
How to Secure Your Enterprise Network.pdfHow to Secure Your Enterprise Network.pdf
How to Secure Your Enterprise Network.pdf
 
How to Secure Your Enterprise Network.docx
How to Secure Your Enterprise Network.docxHow to Secure Your Enterprise Network.docx
How to Secure Your Enterprise Network.docx
 
The 15 best cloud security practices
The 15 best cloud security practices The 15 best cloud security practices
The 15 best cloud security practices
 

More from Sameenafathima4

Features of Android OS.pptx
Features of Android OS.pptxFeatures of Android OS.pptx
Features of Android OS.pptxSameenafathima4
 
anatomy of a jsp page & jsp syntax.pptx
anatomy of a jsp page & jsp syntax.pptxanatomy of a jsp page & jsp syntax.pptx
anatomy of a jsp page & jsp syntax.pptxSameenafathima4
 

More from Sameenafathima4 (15)

ai.pptx
ai.pptxai.pptx
ai.pptx
 
dip.pptx
dip.pptxdip.pptx
dip.pptx
 
iot.pptx
iot.pptxiot.pptx
iot.pptx
 
women empowerment.pptx
women empowerment.pptxwomen empowerment.pptx
women empowerment.pptx
 
crypto.pptx
crypto.pptxcrypto.pptx
crypto.pptx
 
crypto.pptx
crypto.pptxcrypto.pptx
crypto.pptx
 
nosql.pptx
nosql.pptxnosql.pptx
nosql.pptx
 
Features of Android OS.pptx
Features of Android OS.pptxFeatures of Android OS.pptx
Features of Android OS.pptx
 
python p.pptx
python p.pptxpython p.pptx
python p.pptx
 
Creating windows
Creating windowsCreating windows
Creating windows
 
Code optimization
Code optimizationCode optimization
Code optimization
 
Swing components
Swing components Swing components
Swing components
 
dsa.pptx
dsa.pptxdsa.pptx
dsa.pptx
 
anatomy of a jsp page & jsp syntax.pptx
anatomy of a jsp page & jsp syntax.pptxanatomy of a jsp page & jsp syntax.pptx
anatomy of a jsp page & jsp syntax.pptx
 
JAVA SERVER PAGE
JAVA SERVER PAGEJAVA SERVER PAGE
JAVA SERVER PAGE
 

Recently uploaded

How to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxHow to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxmanuelaromero2013
 
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991RKavithamani
 
The basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxThe basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxheathfieldcps1
 
Grant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingGrant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingTechSoup
 
Hybridoma Technology ( Production , Purification , and Application )
Hybridoma Technology ( Production , Purification , and Application ) Hybridoma Technology ( Production , Purification , and Application )
Hybridoma Technology ( Production , Purification , and Application ) Sakshi Ghasle
 
Sanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfSanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfsanyamsingh5019
 
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdfssuser54595a
 
Mastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory InspectionMastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory InspectionSafetyChain Software
 
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfBASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfSoniaTolstoy
 
Separation of Lanthanides/ Lanthanides and Actinides
Separation of Lanthanides/ Lanthanides and ActinidesSeparation of Lanthanides/ Lanthanides and Actinides
Separation of Lanthanides/ Lanthanides and ActinidesFatimaKhan178732
 
PSYCHIATRIC History collection FORMAT.pptx
PSYCHIATRIC History collection FORMAT.pptxPSYCHIATRIC History collection FORMAT.pptx
PSYCHIATRIC History collection FORMAT.pptxPoojaSen20
 
Introduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxIntroduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxpboyjonauth
 
Presiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha electionsPresiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha electionsanshu789521
 
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...EduSkills OECD
 
A Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformA Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformChameera Dedduwage
 
mini mental status format.docx
mini mental status format.docxmini mental status format.docx
mini mental status format.docxPoojaSen20
 
_Math 4-Q4 Week 5.pptx Steps in Collecting Data
_Math 4-Q4 Week 5.pptx Steps in Collecting Data_Math 4-Q4 Week 5.pptx Steps in Collecting Data
_Math 4-Q4 Week 5.pptx Steps in Collecting DataJhengPantaleon
 
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptxContemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptxRoyAbrique
 
URLs and Routing in the Odoo 17 Website App
URLs and Routing in the Odoo 17 Website AppURLs and Routing in the Odoo 17 Website App
URLs and Routing in the Odoo 17 Website AppCeline George
 

Recently uploaded (20)

How to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxHow to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptx
 
Staff of Color (SOC) Retention Efforts DDSD
Staff of Color (SOC) Retention Efforts DDSDStaff of Color (SOC) Retention Efforts DDSD
Staff of Color (SOC) Retention Efforts DDSD
 
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991
 
The basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxThe basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptx
 
Grant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingGrant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy Consulting
 
Hybridoma Technology ( Production , Purification , and Application )
Hybridoma Technology ( Production , Purification , and Application ) Hybridoma Technology ( Production , Purification , and Application )
Hybridoma Technology ( Production , Purification , and Application )
 
Sanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfSanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdf
 
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
 
Mastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory InspectionMastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory Inspection
 
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfBASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
 
Separation of Lanthanides/ Lanthanides and Actinides
Separation of Lanthanides/ Lanthanides and ActinidesSeparation of Lanthanides/ Lanthanides and Actinides
Separation of Lanthanides/ Lanthanides and Actinides
 
PSYCHIATRIC History collection FORMAT.pptx
PSYCHIATRIC History collection FORMAT.pptxPSYCHIATRIC History collection FORMAT.pptx
PSYCHIATRIC History collection FORMAT.pptx
 
Introduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxIntroduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptx
 
Presiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha electionsPresiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha elections
 
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
 
A Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformA Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy Reform
 
mini mental status format.docx
mini mental status format.docxmini mental status format.docx
mini mental status format.docx
 
_Math 4-Q4 Week 5.pptx Steps in Collecting Data
_Math 4-Q4 Week 5.pptx Steps in Collecting Data_Math 4-Q4 Week 5.pptx Steps in Collecting Data
_Math 4-Q4 Week 5.pptx Steps in Collecting Data
 
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptxContemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
 
URLs and Routing in the Odoo 17 Website App
URLs and Routing in the Odoo 17 Website AppURLs and Routing in the Odoo 17 Website App
URLs and Routing in the Odoo 17 Website App
 

CLOUD COMPUTING.pptx

  • 1. Click to edit Master title style 1 CLOUD COMPUTING Risk Management Security Monitoring by S.SAMEENA FATHIMA II-M.Sc. (CS) Nadar Saraswathi College Of Arts and Science
  • 2. Click to edit Master title style 2  Cloud-based information systems are exposed to threats that can have adverse effects on organisational operations, assets, and individuals. Therefore, risk management plans in cloud computing are implemented by organisations to mitigate cloud-based risks, improve system security, and expedite business growth. 2
  • 3. Click to edit Master title style 3 Process of Risk Management Risk management is a cyclically executed process comprised of a set of activities for overseeing and controlling risks. Risk management follows a series of 5 steps to manage risk, it drives organisations to formulate a better strategy to tackle upcoming risks. 3
  • 4. Click to edit Master title style 4 • These steps are referred to as Risk Management Process and are as follows: 1.Identify the risk 2.Analyze the risk 3.Evaluate the risk 4.Treat the risk 5.Monitor or Review the risk 4
  • 5. Click to edit Master title style 5 Identify the risk : The inception of the risk management process starts with the identification of the risks that may negatively influence an organisation's strategy or compromise cloud system security. Operational, performance, security, and privacy requirements are identified. The organisation should uncover, recognise and describe risks that might affect the working environment. Some risks in cloud computing include cloud vendor risks, operational risks, legal risks, and attacker risks. 5
  • 6. Click to edit Master title style 6 Analyze the risk : After the identification of the risk, the scope of the risk is analyzed. The likelihood and the consequences of the risks are determined. In cloud computing, the likelihood is determined as the function of the threats to the system, the vulnerabilities, and consequences of these vulnerabilities being exploited. In analysis phase, the organisation develops an understanding of the nature of risk and its potential to affect organization goals. 6
  • 7. Click to edit Master title style 7 Evaluate the risk - The risks are further ranked based on the severity of the impact they create on information security and the probability of actualizing. The organisation then decides whether the risk is acceptable or it is serious enough to call for treatment. 7
  • 8. Click to edit Master title style 8 Treat the risk : In this step, the highest- ranked risks are treated to eliminate or modified to achieve an acceptable level. Risk mitigation strategies and preventive plans are set out to minimise the probability of negative risks and enhance opportunities. The security controls are implemented in the cloud system and are assessed by proper assessment procedures to determine if security controls are effective to produce the desired outcome. 8
  • 9. Click to edit Master title style 9 Monitor or Review the risk - Monitor the security controls in the cloud infrastructure on a regular basis including assessing control effectiveness, documenting changes to the system and the working environment. Part of the mitigation plan includes following up on risks to continuously monitor and track new and existing risks. 9
  • 10. Click to edit Master title style 10 Risks bound under 2 main categories. 1.Internal Security Risks 2.External Security Risks 10
  • 11. Click to edit Master title style 11 1.Misconfiguration of settings - Misconfiguration of cloud security settings, either by the organisation workforce or by the cloud service provider, exposes the risk of a data breach. Most small businesses cloud security and risk management are inadequate for protecting their cloud infrastructure. 2.Malicious Insiders - A malicious insider is a person working in the organisation and therefore already has authorized access to the confidential data and resources of the organization. With cloud deployments, organisations lack control over the underlying infrastructure; making it very hard to detect malicious insiders. . 11
  • 12. Click to edit Master title style 12 1.Unauthorized Access - The cloud-based deployment of the organisation's infrastructure is outside the network perimeter and directly accessible from the public internet. Therefore, it is easier for the attacker to get unauthorized access to the server with the compromised credentials. 2.Accounts Hijacking - The use of a weak or repetitive password allows attackers to gain control over multiple accounts using a single stolen password. Moreover, organizations using cloud infrastructure cannot often identify and respond to such threats. 3.Insecure APIs - The Application Programming Interfaces(APIs) provided by the cloud service provider to the user are well-documented for ease of use. A potential attacker might use this documentation to attack the data and resources of the organisation. 12
  • 13. Click to edit Master title style 13 Security management in the cloud is a set of strategies designed to allow a business to use cloud applications and networks to their greatest potential while limiting potential threats and vulnerabilities. This is often done with several independent tactics: 13
  • 14. Click to edit Master title style 14 Identifying and assessing cloud services. First, you need to spend time identifying which cloud products and services are being used in your organization, and which ones might be considered in the future. Then, you’ll need to assess and audit those items, analyzing their security and potential vulnerabilities. Auditing and adjusting native security settings. Within each application, you’ll have full control of your own privacy and security settings. It’s on your cloud security team to understand which settings are available, and take full advantage of them to grant your organization the highest possible level of security. 14
  • 15. Click to edit Master title style 15 Encrypting data. In many cases, you’ll need to take extra efforts to prevent data loss and preserve data integrity by encrypting your data and securing your connections. It’s your responsibility to allow legitimate network traffic and block suspicious traffic. 15
  • 16. Click to edit Master title style 16 16 Managing devices. Cloud applications allow you to reduce the amount of physical infrastructure you maintain, but you and your employees will still be accessing data and services with specific devices. You’ll need some way to manage and monitor those devices to ensure only authorized devices can access your data.
  • 17. Click to edit Master title style 17 17 Managing users. Similarly, you’ll need to consider user-level controls. Establish varying levels of user permissions, to restrict access to your most valuable or sensitive information, and change user permissions as necessary to allow secure access. Reporting. It’s also important to monitor cloud activity from a high level, and report on that activity so you can better understand your risks and ongoing operations.
  • 18. Click to edit Master title style 18 Thank You