Secure Cloud Computing through IT Auditing
|
|
- Felicity Rogers
- 8 years ago
- Views:
Transcription
1 Secure Cloud Computing through IT Auditing 75 Navita Agarwal Department of CSIT Moradabad Institute of Technology, Moradabad, U.P., INDIA ABSTRACT In this paper we discuss the origin of cloud computing and framework for providing secure cloud computing through IT auditing. It involves checklists which are based on the cloud deployment models and cloud services models. This paper emphasizes on implication of cloud computing and defines secure cloud computing via IT auditing in spite of proposing a new technology to secure cloud computing. Keywords: Cloud, Cloud Service, Cloud Computing. 1. INTRODUCTION Cloud computing is an advanced technology that provides resources over the Internet and they act as extremely informative services to those who use the service. With this cloud, subscribers can access relevant business applications by using a web browser. Their data and the related software are stored on an off-site server. It ensures economic benefits by providing computing resources and applications to all customers. These services may include computing software services, storage, development and deployment platform, infrastructure and desktop services etc. It represents a different way to maintain data and applications by the use of internet and central remote servers. Consumers and businesses can easily use applications without installation and access their personal files at any computer with internet access. This efficient technology centralizes storage, memory, processing and bandwidth. In the cloud computing, a thin client interacts with remote cloud operating system to get virtual desktop with a chosen virtual local operating to access virtual data storage and implement these applications from anywhere and at anytime. In the current scenario, IT has reached a critical point. The information is driving 54% growth in storage. So, large scientific calculation such as weather forecasting, new medicine and healthcare informatics demands faster processing capabilities. Whereas in real terms, around 85% of computing capacity is idle. On an average, near about 70% of the IT budget is spent on managing IT infrastructure rather than adding new capabilities to the existing technologies. Alongwith this, the connectivity cost keeps on falling. So an off-site cloud computing infrastructure is provided by a third party who requires less technological skills for the user s in-house implementation. Although centralized data storage approach is implemented, but possible security risks should be considered along with loss of access and control. Users of cloud computing can easily achieve location and device independence. They can also use a web browser to access various systems from any site with various devices. Customers can manage and interact with the cloud services through APIs. Service Providers must ensure that security is integrated into their service models, and users must be aware of security risks in the use, implementation, management, and monitoring of those services. The risks may include limited monitoring capabilities, inflexible access controls, reusable passwords, clear-text authentication and improper authorizations. Figure 1
2 76 Businesses are running all kinds of applications in the cloud like Human Resource (HR), Customer Relationship Management (CRM), accounting and many others. Best IT Companies moved their applications to the cloud after clearly testing the security and reliability of the infrastructure. In this paper, we focus on the security issues for information assurance. That is, we can secure cloud computing by using the IT auditing policy. IT auditing under cloud computing provide benefit of building strategic plan for the enterprise in addition to the traditional auditing role. For this we make master checklists framework that can specify cloud deployment models. 2. ORIGIN OF CLOUD COMPUTING In 1960, John McCarthy stated about cloud computing that- Computation may someday be organized as a public utility. [1] Other scholars have shown that cloud computing s roots go all the way back to the 1950s when scientist Herb Grosch claimed that the entire world would operate on dumb terminals powered by about 15 large data centers. The term cloud comes from telephony in that telecommunications companies offers Virtual Private Network (VPN) services to customers with comparable quality of service (QoS) but at comparable less cost. The cloud computing symbol was used to specify the boundary between the responsibility of the service provider and the responsibility of the end user. Cloud computing covers aspects of servers and the network infrastructure. Amazon also played a key role in the development of cloud computing by equipting their data centers like other computer networks, which uses only 10% of their capacity at any one time. Amazon found that the new cloud architecture resulted in significant improvements whereby small teams could add new features faster and more easily. So it admitted a new product development effort to provide cloud computing to the external customers, and thus launched utility computing based Amazon Web Service (AWS) in WHY BUSINESSES NEED CLOUD COMPUTING? The supercomputers can perform complex tasks such as analyzing climate change, ensuring national security and solving medical problems. These are preferred by the universities, government agencies, military and research laboratories. As compared to the 3 billion computations per second processed by a powerful desktop PC, Cloud computing makes trillions of calculations per second and can provide similar power. Users can easily analyze sales data by using Internet, to estimate the risk in businesses ventures, store patients medical information and perform other essential tasks for their organizations was a milestone year for the implementation of Cloud Computing Services. Companies are increasingly finding that SaaS (Software-as-a-Service) is a safe and secure service for maintaining flexibility. SaaS is extremely well and simplifies IT planning. Thousands of users can be instantly assigned resources on the fly. It can be done either on a button click, or even automatically. This eliminates unnecessary maintenance costs and hardware upgrades. Different Companies like the idea of SaaS because it allows them to access company systems from any point. Employees can work from the head office, the remote sales office, their home, or even from a laptop while the road. 4. GLIMPSE OF CLOUD COMPUTING NIST has defined cloud computing as a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. [2] [3] The cloud computing model has five essential characteristics broad network access, resource pooling, on-demand self service, measured Service and rapid elasticity. It includes three service models SaaS (Software-as-a service) PaaS (Platform-as-a-service) and IaaS (Infrastructureas-a-Service). These services offer different benefits according to requirements of customers. Figure 2: Types of Cloud Services The cloud computing symbol includes four deployment models Public Cloud, Private Cloud, Community Cloud and Hybrid Cloud. The influence of cloud computing on security, privacy and compliance is a working progress. The major issues include trust, multi-tenancy, encryption and compliance such as FISMA, GLBA, HIPAA, SOX, PCI and SAS 70 Audits. Figure 3: Cloud computing types
3 77 At the end of 2008, Cloud security alliance released its second version of Security Guidance for Critical Areas of Focus in Cloud Computing. In 2009 five governance domains and seven operational domains were established. In the domain of IT audit, it raises cloud computing issues for regulatory applicability and for the division of compliance responsibilities between providers and users. It also made 13 recommendations which are audit rights, legal and contract team involvement, compliance scope, contractual understanding, impact of regulations on data security, relevant partners and services providers review, provider infrastructure configuration review, policies and procedures analysis, cloud providers SAS 70 Type II status, and ISO/IEC 27001/27002 roadmap and scoping, evidence preparation, auditor qualification and selection. The biggest challenge for cloud computing is that there s no standard or single architectural method. Therefore, it is more appropriate to view cloud architectures as a set of approaches, each with its own examples and capabilities. Open Security Architecture Group offers various Cloud Computing Patterns and specific Controls. In this paper, we focus on IT Audit to assure a secure cloud computing. The main aim is to design a well equipped framework with master check list so that both internal and external auditors get a reference when they have to audit this new and dynamic cloud computing territory. 5. CLOUD DATA LIFE CYCLE Cloud computing makes the world more vapid. Public cloud providers can use their computing resources both locally or globally. Cloud users do not require information about the location of computing resources because they are all virtualized. In general, the data life cycle includes collection, storage, transferring and destruction.[4] The data collection includes both raw data and derived data. Derived data, also called information, is produced from raw data to deliver intelligence. The data storage includes active data storage and inactive storage. For example, former employee data can be considered as inactive. Its storage procedure may be different from the active employee data. It is not necessary that data processing and data storage lie under the same location in the cloud environment. Therefore data transferring is a common activity. The destruction of data is to destroy data permanently, no backup should be left somewhere either in the user side or the provider side. The cloud data life cycle presents many distinct features. Data can cross different security domain and regulations and constantly moves due to the nature of data storage provided by a third party. Information assurance is the advanced area which provide new dimension via contracts among cloud users and cloud providers. They need to establish formal agreement. Service Level Agreement (SLA) can be borrowed, since we now need to add crossing domain compliance clauses that can be implementable. 6. CHECKLIST FOR PUBLIC CLOUD Public Cloud Computing provides scalable and easy access to computing resources and IT services. It is implemented where several organizations have similar requirements and share infrastructure so as to understand the benefits of cloud computing. It offers higher level of privacy, security, and/or policy compliance. Along with this, it can be economically attractive as the storage and workstations utilized and shared in the community are already in use. Cloud computing is cheaper which benefits many users. Public cloud is based on the standard cloud computing model, in which applications and storage are available to the general public over the Internet. These services may be free or offered on pay basis. The base of Public cloud lies in Google, Amazon, and Microsoft etc. Enterprise basically uses public cloud to emphasize on its core business and cut the cost. Cloud concept can integrate various computing resources from different departments and agencies into a manageable format. Therefore making a connected government is a reality. IT auditing in public cloud can have different focus based on different service models- Infrastructure as a Service (IaaS) and Software as a Service (SaaS). 6.1 IaaS Infrastructure as a Service (IaaS) is a popular service model that provides computing resources to cloud users. So that they can utilize operating systems and run their applications on top of it. It can also be used as a archive or as a storage medium. In IT auditing, location, geopolitics, data owner and regulatory issues are not virtualized. The checklist of Public cloud emphasize on the following issues Cloud IT Technique Rationale: IT auditing techniques need to refine to reflect the change. IT auditing is challenging toward public cloud because the IT infrastructure offered by the third party may not provide direct access to the agreement auditors. What: The techniques should include wired and wireless connection, database, data center, cloud operating system like VMware, hardware dependencies. How: IT auditors must verify the agreement with the help of third party cloud provider. They should know how far it can go and test and what kind of tools it can use. Data ownership aware Rationale: Data owner in public cloud is always a issue between providers and users. Cloud users can assume that
4 78 they are the owners of their data. This assumption should be presented in an agreement format. When it comes to move data out of the cloud, cloud users should know if data are destroyed completely and how. No backup should be there when data is supposed to destroy. What: The agreement clearly states on data ownership on data life cycle. It also included the data destroy and verification process. How: It is necessary to discuss with cloud coordinators about the data ownership and data life cycle management. Data Protection Plan and Best Practice Rationale: Clearly defined data protection plan as the part of data life cycle is important part of agreement among all parties, users, providers and affected. In addition to written agreement, actual practice is also important to data protection. What: Data protection plan should include clear procedure and practice in each phase of data life cycle such as collection, storage, transferring and destruction. How: Auditors must be able to differentiate between essential and non-essential data. IT auditors must advise various controls for every phase of data life cycle. Data Processing Isolation Rationale: Data can also be leaked during the data processing in a shared cloud environment. In order to isolate data processing we have to check that no other applications can access the data during the processing. What: Clear procedure should be applied to make sure data processing does not leak data. How: IT auditors must read the document in written but also follow certain procedures. Cloud Disaster Recovery Plan Rationale: Cloud disaster recovery plan play an important for the business recovery from any disaster. What: Cloud disaster recovery plan must include how to get crucial data back. So it must contain disaster recovery plan from cloud providers. How: IT administrators must do proper documentation and checked if it is being properly tested and updated. Cloud Business Continuity Rationale: Business continuity manages damage minimization. It should include business continuity plans of cloud providers with its own business continuity plan. What: Cloud business continuity should include all the documentation from inside and outside. How: IT administrators should provide proper documentation. They should test business continuity plan. Overall IT Projects Cost Rationale: Actual cost structure using public cloud should be known and how much it saves as compared to traditional IT model.[5] 6.2 SaaS It is a popular cloud service model in which many checklist items are similar to those from IaaS. Data Activity Surrender Rationale: SaaS providers should kept data within the national boundaries so that government agencies can access them when needed. It must keep all the customer data that can be accessed under court order. So SaaS users must be aware if there is a possibility that can avoid the cases of intrusion. How: IT auditors should be able to understand the local law and regulation on data service providers such as phone records, utility bills, etc. They should ask about what kind of information cloud providers keep. This documented policy should be properly viewed on site. Data Format Rationale: If freely available readers like adobe, work, open office and notepad can read the data, SaaS users can avoid pay extra software usage. What: It must check available data format from the software service. How: Auditors should check if these format can be accessed by general reader applications. They should talk to users to find out reasons that specific format being used or not used. Disaster Recovery and Continuity Plan Rationale: Disaster recovery plan must follow the procedure like public cloud. The IT team and management should work together to change the existing disaster plan to fit the cloud scenario. What: The plan should include data different location backup. It should also include how to get crucial data back and how quickly. How: IT administrators should properly check the documentation. 7. CONCLUDING REMARKS: SHAPING OPPORTUNITY In this paper, we have defined a framework of checklist of IT auditing cloud computing that assure the secure cloud computing. It focuses more on Cloud rather than emphasizing on the complete list of IT Auditing for secure Cloud computing. IT auditors whether internal or external should pertain the basic requirements for IT auditing.
5 79 The checklist of the IT auditing also references to those who want to step into cloud computing wave and a questionnaire to answer if cloud computing is good for the current business applications in long run. PaaS service model is an important aspect for the future work as feasibility for PaaS business model is still going on. The future of cloud computing is expected to see many technological advancements for changing the world. It uses applications which will extract entire potential of the cloud which can be known only when it is used with Internet that has higher bandwidth rates and can be accessed at faster speeds. It is because many public places like educational institutions now have wireless internet facilitating hotspots. The Cloud computing future also shows that the extra overhead of client s computer to maintain the software will be negligible. Because there is no requirement to install the software application on their computer. So there will no need for the end user to emphasize on any type of maintenance issues. The clouds, different services, and various service-oriented architectures are technologies that will be necessary for twentyfirst-century corporations successfully to navigate the changes that they now face. The use of cloud hosting services will began either as an alternative to self-hosting, or as an alternative to other current day third party hosting arrangements will began. The companies that require the implementation results and management of a service-oriented architecture will have to re-architect the current platforms to leverage/implement cloud computing and the possible need to formalize the way the policy is used to manage IT platforms within and across service grid boundaries. Future of cloud computing guarantees that with the reduced usage of hardware, the probability of entry of viruses in the system will be very less since everything will be operated over the network and using web browser. It shows scope in many areas fields which requires high bandwidth internet and need larger storage space like medicine, education and space, which might be difficult if the system does not use cloud computing. Cloud computing cuts down the cost and risks of having storage area and also can have the data stored readily with backup which does not have to be done manually. REFERENCES [1] NIST Definition of Cloud Computing v15, accessed on 4/15/2010, cloud-def-v15.doc [2] Will Forrest, Clearing the Air on Cloud Computing, Discussion Document from McKinsey and Company, March [3] Luis M. Vaquero, et al., A. Breaks in the Clouds: Toward the Definitions, ACM SIGCOMM Computer Communication Review, V39 No1, January, 2009, pp [4] FISMA: pdf [5] Gramm-Leach-Bliley Act (GLBA, the Financial Management.
Secure Cloud by IT Auditing
Vol.1, Issue.2, pp-332-337 ISSN: 2249-6645 Secure Cloud by IT Auditing CHIPURUPALLI SEKHAR 1, U. NANAJI 2 1 (Department of CSE, St.Theresa Institute of Engg. & Technology, Garividi, Vizayanagaram, (A.P.),
More informationInvestigation of IT Auditing and Checklist Generation Approach to Assure a Secure Cloud Computing Framework
Investigation of IT Auditing and Checklist Generation Approach to Assure a Secure Cloud Computing Framework Rajni Maheshwari M.Tech (Computer) College of Engineering, Bharati Vidyapeeth Deemed University
More informationHow cloud computing can transform your business landscape
How cloud computing can transform your business landscape Introduction It seems like everyone is talking about the cloud. Cloud computing and cloud services are the new buzz words for what s really a not
More informationClinical Trials in the Cloud: A New Paradigm?
Marc Desgrousilliers CTO at Clinovo Clinical Trials in the Cloud: A New Paradigm? Marc Desgrousilliers CTO at Clinovo What is a Cloud? (1 of 3) "Cloud computing is a model for enabling convenient, on-demand
More informationWhite Paper on CLOUD COMPUTING
White Paper on CLOUD COMPUTING INDEX 1. Introduction 2. Features of Cloud Computing 3. Benefits of Cloud computing 4. Service models of Cloud Computing 5. Deployment models of Cloud Computing 6. Examples
More informationOverview of Cloud Computing and Cloud Computing s Use in Government Justin Heyman CGCIO, Information Technology Specialist, Township of Franklin
Overview of Cloud Computing and Cloud Computing s Use in Government Justin Heyman CGCIO, Information Technology Specialist, Township of Franklin Best Practices for Security in the Cloud John Essner, Director
More informationOutline. What is cloud computing? History Cloud service models Cloud deployment forms Advantages/disadvantages
Ivan Zapevalov 2 Outline What is cloud computing? History Cloud service models Cloud deployment forms Advantages/disadvantages 3 What is cloud computing? 4 What is cloud computing? Cloud computing is the
More informationCloud Computing; What is it, How long has it been here, and Where is it going?
Cloud Computing; What is it, How long has it been here, and Where is it going? David Losacco, CPA, CIA, CISA Principal January 10, 2013 Agenda The Cloud WHAT IS THE CLOUD? How long has it been here? Where
More informationHow cloud computing can transform your business landscape.
How cloud computing can transform your business landscape. This whitepaper will help you understand the ways cloud computing can benefit your business. Introduction It seems like everyone is talking about
More informationBUSINESS MANAGEMENT SUPPORT
BUSINESS MANAGEMENT SUPPORT Business disadvantages using cloud computing? Author: Maikel Mardjan info@bm-support.org 2010 BM-Support.org Foundation. All rights reserved. EXECUTIVE SUMMARY Cloud computing
More informationCloud Computing. What is Cloud Computing?
Cloud Computing What is Cloud Computing? Cloud computing is where the organization outsources data processing to computers owned by the vendor. Primarily the vendor hosts the equipment while the audited
More informationSecuring and Auditing Cloud Computing. Jason Alexander Chief Information Security Officer
Securing and Auditing Cloud Computing Jason Alexander Chief Information Security Officer What is Cloud Computing A model for enabling convenient, on-demand network access to a shared pool of configurable
More informationCloud Security considerations for business adoption. Ricci IEONG CSA-HK&M Chapter
Cloud Security considerations for business adoption Ricci IEONG CSA-HK&M Chapter What is Cloud Computing? Slide 2 What is Cloud Computing? My Cloud @ Internet Pogoplug What is Cloud Computing? Compute
More information20 th Year of Publication. A monthly publication from South Indian Bank. www.sib.co.in
To kindle interest in economic affairs... To empower the student community... Open YAccess www.sib.co.in ho2099@sib.co.in A monthly publication from South Indian Bank 20 th Year of Publication Experience
More informationEssential Characteristics of Cloud Computing: On-Demand Self-Service Rapid Elasticity Location Independence Resource Pooling Measured Service
Cloud Computing Although cloud computing is quite a recent term, elements of the concept have been around for years. It is the maturation of Internet. Cloud Computing is the fine end result of a long chain;
More informationCloud Security Implications for Financial Institutions By Scott Galyk Director of Software Development FIMAC Solutions, LLC
Cloud Security Implications for Financial Institutions By Scott Galyk Director of Software Development FIMAC Solutions, LLC www.fmsinc.org 1 2015 Financial Managers Society, Inc. Cloud Security Implications
More informationPresented by Mike Jennings President BEI
Presented by Mike Jennings President BEI Cloud Computing Defined Benefits of Cloud Computing Risks of Cloud Computing When and How to Utilize Cloud Computing Recommendations 2 Cloud Computing Defined 3
More informationNCTA Cloud Architecture
NCTA Cloud Architecture Course Specifications Course Number: 093019 Course Length: 5 days Course Description Target Student: This course is designed for system administrators who wish to plan, design,
More informationEDC Collaboration White Paper Cloud Companion SM IT Services Delivery Transformation
EDC Collaboration IT Delivery Transformation By W. Fred Rowell Vice President and Chief Technology Officer Companion Data, LLC IT Delivery Transformation Contents Introduction... 1 Cloud DNA... 1 Through
More informationContents. What is Cloud Computing? Why Cloud computing? Cloud Anatomy Cloud computing technology Cloud computing products and market
Cloud Computing Contents What is Cloud Computing? Why Cloud computing? Cloud Anatomy Cloud computing technology Cloud computing products and market What is Cloud Computing? Definitions: Cloud computing
More informationWhat Every User Needs To Know Before Moving To The Cloud. LawyerDoneDeal Corp.
What Every User Needs To Know Before Moving To The Cloud LawyerDoneDeal Corp. What Every User Needs To Know Before Moving To The Cloud 1 What is meant by Cloud Computing, or Going To The Cloud? A model
More informationCloud Computing. Bringing the Cloud into Focus
Cloud Computing Bringing the Cloud into Focus November 2011 Introduction Ken Cochrane CEO, IT/NET Partner, KPGM Performance and Technology National co-leader IT Advisory Services KPMG Andrew Brewin Vice
More informationCloud Computing Policy 1.0 INTRODUCTION 2.0 PURPOSE. Effective Date: July 28, 2015
Cloud Computing Policy Effective Date: July 28, 2015 1.0 INTRODUCTION Cloud computing services are application and infrastructure resources that users access via the Internet. These services, contractually
More informationCloud Computing. Karan Saxena * & Kritika Agarwal**
Page29 Cloud Computing Karan Saxena * & Kritika Agarwal** *Student, Sir M. Visvesvaraya Institute of Technology **Student, Dayananda Sagar College of Engineering ABSTRACT: This document contains basic
More informationFundamental Concepts and Models
Chapter 4: Fundamental Concepts and Models Nora Almezeini MIS Department, CBA, KSU From Cloud Computing by Thomas Erl, Zaigham Mahmood, and Ricardo Puttini(ISBN: 0133387526) Copyright 2013 Arcitura Education,
More informationCloud Computing and Records Management
GPO Box 2343 Adelaide SA 5001 Tel (+61 8) 8204 8773 Fax (+61 8) 8204 8777 DX:336 srsarecordsmanagement@sa.gov.au www.archives.sa.gov.au Cloud Computing and Records Management June 2015 Version 1 Version
More informationCloud models and compliance requirements which is right for you?
Cloud models and compliance requirements which is right for you? Bill Franklin, Director, Coalfire Stephanie Tayengco, VP of Technical Operations, Logicworks March 17, 2015 Speaker Introduction Bill Franklin,
More information6 Cloud computing overview
6 Cloud computing overview 6.1 General ISO/IEC 17788:2014 (E) Cloud Computing Overview Page 1 of 6 Cloud computing is a paradigm for enabling network access to a scalable and elastic pool of shareable
More informationCloud Courses Description
Courses Description 101: Fundamental Computing and Architecture Computing Concepts and Models. Data center architecture. Fundamental Architecture. Virtualization Basics. platforms: IaaS, PaaS, SaaS. deployment
More informationyvette@yvetteagostini.it yvette@yvetteagostini.it
1 The following is merely a collection of notes taken during works, study and just-for-fun activities No copyright infringements intended: all sources are duly listed at the end of the document This work
More informationCloud Security and Managing Use Risks
Carl F. Allen, CISM, CRISC, MBA Director, Information Systems Security Intermountain Healthcare Regulatory Compliance External Audit Legal and ediscovery Information Security Architecture Models Access
More informationManaging Cloud Computing Risk
Managing Cloud Computing Risk Presented By: Dan Desko; Manager, Internal IT Audit & Risk Advisory Services Schneider Downs & Co. Inc. ddesko@schneiderdowns.com Learning Objectives Understand how to identify
More informationSee Appendix A for the complete definition which includes the five essential characteristics, three service models, and four deployment models.
Cloud Strategy Information Systems and Technology Bruce Campbell What is the Cloud? From http://csrc.nist.gov/publications/nistpubs/800-145/sp800-145.pdf Cloud computing is a model for enabling ubiquitous,
More informationOWASP Chapter Meeting June 2010. Presented by: Brayton Rider, SecureState Chief Architect
OWASP Chapter Meeting June 2010 Presented by: Brayton Rider, SecureState Chief Architect Agenda What is Cloud Computing? Cloud Service Models Cloud Deployment Models Cloud Computing Security Security Cloud
More informationCLOUD COMPUTING IN HIGHER EDUCATION
Mr Dinesh G Umale Saraswati College,Shegaon (Department of MCA) CLOUD COMPUTING IN HIGHER EDUCATION Abstract Technology has grown rapidly with scientific advancement over the world in recent decades. Therefore,
More informationCLOUD COMPUTING INTRODUCTION HISTORY
1 CLOUD COMPUTING INTRODUCTION 1. Cloud computing is the use of computing resources (hardware and software) that are delivered as a service over a network (typically the Internet). The name comes from
More informationSecurity Considerations for Public Mobile Cloud Computing
Security Considerations for Public Mobile Cloud Computing Ronnie D. Caytiles 1 and Sunguk Lee 2* 1 Society of Science and Engineering Research Support, Korea rdcaytiles@gmail.com 2 Research Institute of
More informationElectronic Records Storage Options and Overview
Electronic Records Storage Options and Overview www.archives.nysed.gov Objectives Understand the options for electronic records storage, including cloud-based storage Evaluate the options best suited for
More information1 Introduction. 2 What is Cloud Computing?
1 Introduction Table of Contents 1 Introduction 2 What is Cloud Computing? 3 Why is Cloud Computing important? 4 Why Cloud deployments fail? 5 Holistic Approach to cloud computing implementation 6 Conclusion
More informationHow to Turn the Promise of the Cloud into an Operational Reality
TecTakes Value Insight How to Turn the Promise of the Cloud into an Operational Reality By David Talbott The Lure of the Cloud In recent years, there has been a great deal of discussion about cloud computing
More informationUnderstanding The Cloud
Understanding The Cloud Benefits and Considerations for Fund Managers Backstop Solutions Group www.backstopsolutions.com Executive Summary Today, cloud computing pervades nearly every aspect of our digital
More informationTamanna Roy Rayat & Bahra Institute of Engineering & Technology, Punjab, India talk2tamanna@gmail.com
IJCSIT, Volume 1, Issue 5 (October, 2014) e-issn: 1694-2329 p-issn: 1694-2345 A STUDY OF CLOUD COMPUTING MODELS AND ITS FUTURE Tamanna Roy Rayat & Bahra Institute of Engineering & Technology, Punjab, India
More informationA STUDY OF OPEN INNOVATION IN CLOUD COMPUTING
A STUDY OF OPEN INNOVATION IN CLOUD COMPUTING Grozdalina Grozeva 1, Yordan Dimitrov 2 1 Department of Management, Technical University, Bulgaria, E-mail: grozeva77@abv.bg 2 Department of Management, Technical
More informationArchitectural Implications of Cloud Computing
Architectural Implications of Cloud Computing Grace Lewis Research, Technology and Systems Solutions (RTSS) Program Lewis is a senior member of the technical staff at the SEI in the Research, Technology,
More informationDaren Kinser Auditor, UCSD Jennifer McDonald Auditor, UCSD
Daren Kinser Auditor, UCSD Jennifer McDonald Auditor, UCSD Agenda Cloud Computing Technical Overview Cloud Related Applications Identified Risks Assessment Criteria Cloud Computing What Is It? National
More informationCloud Security. DLT Solutions LLC June 2011. #DLTCloud
Cloud Security DLT Solutions LLC June 2011 Contact Information DLT Cloud Advisory Group 1-855-CLOUD01 (256-8301) cloud@dlt.com www.dlt.com/cloud Your Hosts Van Ristau Chief Technology Officer, DLT Solutions
More informationcustom hosting for how you do business
custom hosting for how you do business 24775 League Island Boulevard Philadelphia PA 19112 gibraltarit.com 866.410.4427 Gibraltar s replicated cloud architecture and PCI/HIPAA compliant data centers provide
More informationCertified Cloud Computing Professional Sample Material
Certified Cloud Computing Professional Sample Material 1. INTRODUCTION Let us get flashback of few years back. Suppose you have some important files in a system at home but, you are away from your home.
More informationGrid Computing Vs. Cloud Computing
International Journal of Information and Computation Technology. ISSN 0974-2239 Volume 3, Number 6 (2013), pp. 577-582 International Research Publications House http://www. irphouse.com /ijict.htm Grid
More informationINTRODUCTION TO CLOUD COMPUTING CEN483 PARALLEL AND DISTRIBUTED SYSTEMS
INTRODUCTION TO CLOUD COMPUTING CEN483 PARALLEL AND DISTRIBUTED SYSTEMS CLOUD COMPUTING Cloud computing is a model for enabling convenient, ondemand network access to a shared pool of configurable computing
More informationSURVEY OF ADAPTING CLOUD COMPUTING IN HEALTHCARE
SURVEY OF ADAPTING CLOUD COMPUTING IN HEALTHCARE H.Madhusudhana Rao* Md. Rahmathulla** Dr. B Rambhupal Reddy*** Abstract: This paper targets on the productivity of cloud computing technology in healthcare
More informationSecurity Issues in Cloud Computing
Security Issues in Computing CSCI 454/554 Computing w Definition based on NIST: A model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources
More informationTECHNOLOGY GUIDE THREE. Emerging Types of Enterprise Computing
TECHNOLOGY GUIDE THREE Emerging Types of Enterprise Computing TECHNOLOGY GU IDE OUTLINE TG3.1 Introduction TG3.2 Server Farms TG3.3 Virtualization TG3.4 Grid Computing TG3.5 Utility Computing TG3.6 Cloud
More informationEDC COLLABORATION WHITE PAPER Cloud Computing IT Services Delivery Transformation
EDC COLLABORATION WHITE PAPER Cloud Computing IT Delivery Transformation By W. Fred Rowell Vice President and Chief Technology Officer Companion Data, LLC APRIL, 2011 Table of Contents and List of Figures
More informationGETTING THE MOST FROM THE CLOUD. A White Paper presented by
GETTING THE MOST FROM THE CLOUD A White Paper presented by Why Move to the Cloud? CLOUD COMPUTING the latest evolution of IT services delivery is a scenario under which common business applications are
More informationCloud Computing 159.735. Submitted By : Fahim Ilyas (08497461) Submitted To : Martin Johnson Submitted On: 31 st May, 2009
Cloud Computing 159.735 Submitted By : Fahim Ilyas (08497461) Submitted To : Martin Johnson Submitted On: 31 st May, 2009 Table of Contents Introduction... 3 What is Cloud Computing?... 3 Key Characteristics...
More informationJohn Essner, CISO Office of Information Technology State of New Jersey
John Essner, CISO Office of Information Technology State of New Jersey http://csrc.nist.gov/publications/nistpubs/800-144/sp800-144.pdf Governance Compliance Trust Architecture Identity and Access Management
More informationCloud Computing Paradigm Shift. Jan Šedivý
Cloud Computing Paradigm Shift Jan Šedivý Business expectations Improving business processes Reducing enterprise costs Increasing the use of information/analytics Improving enterprise workforce effectiveness
More informationCloud Computing demystified! ISACA-IIA Joint Meeting Dec 9, 2014 By: Juman Doleh-Alomary Office of Internal Audit jdoleh@wayne.edu
Cloud Computing demystified! ISACA-IIA Joint Meeting Dec 9, 2014 By: Juman Doleh-Alomary Office of Internal Audit jdoleh@wayne.edu 2 If cloud computing is so simple, then what s the big deal? What is the
More informationModule 1: Facilitated e-learning
Module 1: Facilitated e-learning CHAPTER 3: OVERVIEW OF CLOUD COMPUTING AND MOBILE CLOUDING: CHALLENGES AND OPPORTUNITIES FOR CAs... 3 PART 1: CLOUD AND MOBILE COMPUTING... 3 Learning Objectives... 3 1.1
More informationWhere in the Cloud are You? Session 17032 Thursday, March 5, 2015: 1:45 PM-2:45 PM Virginia (Sheraton Seattle)
Where in the Cloud are You? Session 17032 Thursday, March 5, 2015: 1:45 PM-2:45 PM Virginia (Sheraton Seattle) Abstract The goal of this session is to understanding what is meant when we say Where in the
More informationCloud Courses Description
Cloud Courses Description Cloud 101: Fundamental Cloud Computing and Architecture Cloud Computing Concepts and Models. Fundamental Cloud Architecture. Virtualization Basics. Cloud platforms: IaaS, PaaS,
More informationStandardizing Cloud Services for Financial Institutions through the provisioning of Service Level Agreements (SLAs)
Standardizing Cloud Services for Financial Institutions through the provisioning of Service Level Agreements (SLAs) Robert Bohn, PhD Advanced Network Technologies Division Cloud FS Americas 2015 New York,
More informationCredit Unions and The Cloud. By: Chris Sachse
Credit Unions and The Cloud By: Chris Sachse Agenda! Introduction.! Definition of the cloud.! Discuss cloud popularity.! Look at the use of the cloud.! Discuss cloud management.! Discuss cloud security.!
More informationCLOUD COMPUTING SECURITY ISSUES
CLOUD COMPUTING SECURITY ISSUES Florin OGIGAU-NEAMTIU IT Specialist The Regional Department of Defense Resources Management Studies, Brasov, Romania The term cloud computing has been in the spotlights
More informationLeveraging Technology New Horizons Computer Learning Center of Memphis
New Horizons Computer Learning Center of Memphis Presents Leveraging Technology Presenter: Charles B. Watkins, Sr. Technical Instructor New Horizons Computer Learning Center of Memphis About Me: Agenda:
More informationFEDERATED CLOUD: A DEVELOPMENT IN CLOUD COMPUTING AND A SOLUTION TO EDUCATIONAL NEEDS
International Journal of Computer Engineering and Applications, Volume VIII, Issue II, November 14 FEDERATED CLOUD: A DEVELOPMENT IN CLOUD COMPUTING AND A SOLUTION TO EDUCATIONAL NEEDS Saju Mathew 1, Dr.
More informationCloud Computing: The Next Computing Paradigm
Cloud Computing: The Next Computing Paradigm Ronnie D. Caytiles 1, Sunguk Lee and Byungjoo Park 1 * 1 Department of Multimedia Engineering, Hannam University 133 Ojeongdong, Daeduk-gu, Daejeon, Korea rdcaytiles@gmail.com,
More informationANALYSIS OF CLOUD VENDORS IN INDIAN ENVIORNMENT
ANALYSIS OF CLOUD VENDORS IN INDIAN ENVIORNMENT Mrs. Jeena Thomas Asst. Professor, Department of Computer Science St.Joseph s College of Engineering & Technology, Palai, Kerala,(India) ABSTRACT Grid Computing
More informationCloud Computing Guide & Handbook. SAI USA Madhav Panwar
Cloud Computing Guide & Handbook SAI USA Madhav Panwar Background 2010 WGITA approved the cloud computing project with SAI USA as lead and Canada & India as members 2011 A status report was presented and
More informationSecurity Issues in Cloud Computing
Security Issues in Cloud Computing Dr. A. Askarunisa Professor and Head Vickram College of Engineering, Madurai, Tamilnadu, India N.Ganesh Sr.Lecturer Vickram College of Engineering, Madurai, Tamilnadu,
More informationKent State University s Cloud Strategy
Kent State University s Cloud Strategy Table of Contents Item Page 1. From the CIO 3 2. Strategic Direction for Cloud Computing at Kent State 4 3. Cloud Computing at Kent State University 5 4. Methodology
More informationCloud Computing. Following the American Psychological Association s Guidelines. Dustin Self. The University of North Texas
Running Head: CLOUD COMPUTING 1 Cloud Computing Following the American Psychological Association s Guidelines Dustin Self The University of North Texas 2 Cloud Computing by Dustin Self ABSTRACT According
More informationThe Cloud. IIA Seminar, York April 30 th 2015. www.bakertilly.co.uk
The Cloud IIA Seminar, York April 30 th 2015 www.bakertilly.co.uk Introduction David Morris Technology Services Director with Baker Tilly Qualified Internal Auditor Based in Manchester Baker Tilly is an
More informationCLOUD COMPUTING. A Primer
CLOUD COMPUTING A Primer A Mix of Voices The incredible shrinking CIO CIO Magazine, 2004 IT Doesn t Matter, The cloud will ship service outside the institution and ship power from central IT groups to
More informationCLOUD COMPUTING. Keywords: Cloud Computing, Data Centers, Utility Computing, Virtualization, IAAS, PAAS, SAAS.
CLOUD COMPUTING Mr. Dhananjay Kakade CSIT, CHINCHWAD, Mr Giridhar Gundre CSIT College Chinchwad Abstract: Cloud computing is a technology that uses the internet and central remote servers to maintain data
More informationCLOUD COMPUTING OVERVIEW
CLOUD COMPUTING OVERVIEW http://www.tutorialspoint.com/cloud_computing/cloud_computing_overview.htm Copyright tutorialspoint.com Cloud Computing provides us a means by which we can access the applications
More informationCloud Computing - Advantages and Disadvantages
Could Computing: Concepts and Cost Considerations Arlene Minkiewicz, Chief Scientist PRICE Systems, LLC arlene.minkiewicz@pricesystems.com Optimize tomorrow today. 1 If computers of the kind I have advocated
More informationWhy Migrate to the Cloud. ABSS Solutions, Inc. 2014
Why Migrate to the Cloud ABSS Solutions, Inc. 2014 ASI Cloud Services Information Systems Basics Cloud Fundamentals Cloud Options Why Move to the Cloud Our Service Providers Our Process Information System
More informationSecurity & Trust in the Cloud
Security & Trust in the Cloud Ray Trygstad Director of Information Technology, IIT School of Applied Technology Associate Director, Information Technology & Management Degree Programs Cloud Computing Primer
More informationEXIN Cloud Computing Foundation
Sample Questions EXIN Cloud Computing Foundation Edition April 2013 Copyright 2013 EXIN All rights reserved. No part of this publication may be published, reproduced, copied or stored in a data processing
More informationCloud Computing Services
Cloud Computing Services Thinking About Moving to the Cloud? How you get to the cloud is as important as being there, because being in the cloud isn t enough. Your access needs to be synced with your overall
More informationCloud Computing Flying High (or not) Ben Roper IT Director City of College Station
Cloud Computing Flying High (or not) Ben Roper IT Director City of College Station What is Cloud Computing? http://www.agent-x.com.au/ Wikipedia - the use of computing resources (hardware and software)
More informationKeyword: Cloud computing, service model, deployment model, network layer security.
Volume 4, Issue 2, February 2014 ISSN: 2277 128X International Journal of Advanced Research in Computer Science and Software Engineering Research Paper Available online at: www.ijarcsse.com An Emerging
More informationCloud computing: the state of the art and challenges. Jānis Kampars Riga Technical University
Cloud computing: the state of the art and challenges Jānis Kampars Riga Technical University Presentation structure Enabling technologies Cloud computing defined Dealing with load in cloud computing Service
More informationProf. Luiz Fernando Bittencourt MO809L. Tópicos em Sistemas Distribuídos 1 semestre, 2015
MO809L Tópicos em Sistemas Distribuídos 1 semestre, 2015 Introduction to Cloud Computing IT Challenges 70% of the budget to keep IT running, 30% available to create new value that needs to be inverted
More informationRunning head: TAKING A DEEPER LOOK AT THE CLOUD: SOLUTION OR 1
Running head: TAKING A DEEPER LOOK AT THE CLOUD: SOLUTION OR 1 Taking a Deeper Look at the Cloud: Solution or Security Risk? LoyCurtis Smith East Carolina University TAKING A DEEPER LOOK AT THE CLOUD:
More informationCloud Computing - Architecture, Applications and Advantages
Cloud Computing - Architecture, Applications and Advantages 1 Arun Mani Tripathi 2 Rizwan Beg NIELIT Ministry of C&I.T., Govt. of India 2 Prof. and Head, Department 1 of Computer science and Engineering,Integral
More informationResearch Paper Available online at: www.ijarcsse.com A COMPARATIVE STUDY OF CLOUD COMPUTING SERVICE PROVIDERS
Volume 2, Issue 2, February 2012 ISSN: 2277 128X International Journal of Advanced Research in Computer Science and Software Engineering Research Paper Available online at: A COMPARATIVE STUDY OF CLOUD
More informationDEFINING CLOUD COMPUTING: AN ATTEMPT AT GIVING THE CLOUD AN IDENTITY. adnan_khalid56@hotmail.com
DEFINING CLOUD COMPUTING: AN ATTEMPT AT GIVING THE CLOUD AN IDENTITY Adnan Khalid* a,dr. Muhammad Shahbaz b, Dr. Athar Masood c d Department of Computer Science, Government College University Lahore, Pakistan,
More informationHigh Performance Computing Cloud Computing. Dr. Rami YARED
High Performance Computing Cloud Computing Dr. Rami YARED Outline High Performance Computing Parallel Computing Cloud Computing Definitions Advantages and drawbacks Cloud Computing vs Grid Computing Outline
More informationA Study on Analysis and Implementation of a Cloud Computing Framework for Multimedia Convergence Services
A Study on Analysis and Implementation of a Cloud Computing Framework for Multimedia Convergence Services Ronnie D. Caytiles and Byungjoo Park * Department of Multimedia Engineering, Hannam University
More informationLEGAL ISSUES IN CLOUD COMPUTING
LEGAL ISSUES IN CLOUD COMPUTING RITAMBHARA AGRAWAL INTELLIGERE 1 CLOUD COMPUTING Cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing
More informationCloud Computing Technology
Cloud Computing Technology The Architecture Overview Danairat T. Certified Java Programmer, TOGAF Silver danairat@gmail.com, +66-81-559-1446 1 Agenda What is Cloud Computing? Case Study Service Model Architectures
More informationStudent's Awareness of Cloud Computing: Case Study Faculty of Engineering at Aden University, Yemen
Student's Awareness of Cloud Computing: Case Study Faculty of Engineering at Aden University, Yemen Samah Sadeq Ahmed Bagish Department of Information Technology, Faculty of Engineering, Aden University,
More informationEnterprise Governance and Planning
GEORGIA TECHNOLOGY AUTHORITY Title: Enterprise Operational Environment PSG Number: SO-10-003.02 Topical Area: Operations / Performance and Capacity Document Type: Standard Pages: 5 Issue Date: July 15,
More informationThe Cloud at Crawford. Evaluating the pros and cons of cloud computing and its use in claims management
The Cloud at Crawford Evaluating the pros and cons of cloud computing and its use in claims management The Cloud at Crawford Wikipedia defines cloud computing as Internet-based computing, whereby shared
More information