INSIDE: Basics of Cloud Hosting Security

Author: Thabiso Muzi Mbatha

Abstract
Cloud computing is popular in providing a set of integrated, shared resources between businesses and other cloud computing service providers. In
addition, it gains popularity by enabling companies to reduce costs and sustain affordability by outsourcing computations on-demand or publicly on a
daily basis. The outcome in the benefits and drawbacks of cloud services determines whether or not its suitable for any organization. The process of
selecting a cloud computing model requires careful consideration to ensure its benefits outweigh the service constraints adopted within the business. The
analysis of the article highlights several key aspects to be considered in cases where businesses contract with cloud service providers, addressing security
issues and providing alternatives for security constraints. If addressed effectively, it will ensure data consistency, security and integrity for resource sharing
throughout small and medium sized businesses dependent on cloud services. Examining the levels of security and processes in cloud service is significant in
verifying the confidentiality and integrity of data computation.

Keywords: Cloud computing, Security, Threats and Benefits.

Introduction
The critical factor in each organization is creating an efficient
asset and data management system in a secure manner. To manage
data as a corporate asset, managers and companies must
understand the values of information, the techniques in utilizing
with the cloud computing service, and resources being shared
through cloud computing. Given the current state of cloud
computing, most organizations continuously seek ways or
techniques to leverage, and protect their resources to yield greater
returns.
Cloud computing forms the basis for data management and
sharing over a public or private networks among several
computing devices (such as mobile devices, tablets,

personnel computers, and netbook devices) across multiple

geographical locations. It is a model that enables a convenient
and perhaps, a more complex network access to a shared amount
of computing facilities with minimized management efforts and
cloud services provider interaction.
While its a platform for dominant data resource delivery,
companies are faced or subjected to security constraint and
drawbacks by addressing issues pertaining to data authentication
violations, data sabotage, high cost of cloud computing
facilitation and other various aspects that require an immense
consideration in cloud computing implementation.

Facilitation of Models and Services

A large number of businesses (dependant on cloud computing)
comes across the question, of whether to facilitate cloud
computing services on the basis of a third-party services
provider,self-automation1 services provider where companies
have an option of operating without signing up directly with a
service provider or directly from a local and global spectrum to
enable a secure service to clients.

Nevertheless, the success of the infrastructure in any organization

will be determined by the types of technological tools, methods
and contingency plans2 in implementing a sophisticated cloud
computing model. Despite these aspects, an additional critical
factor for an organization is to adapt its business processes and the
day-to-day operation with the model being applied.

-----------------------------------------------------------1
The process of operating or function an activity without human interaction.
2
A plan unforeseen or embarking on making it occur within a future event or purpose.
1
Third-party services providers to provide services from specific
companies affiliated within other organization handling similar services.
Current cloud computing service and models may include:

Self-automation services providers in which enable a

company or organization to operate and manage its own
facilities.
needs exhibit the right combination of technical skills to produce
the desired benefits.

Public cloud computing model- it makes the service publicly

accessible through the internet over a geographical location.

To further illustrate the concept of cloud computing security, the

cloud computing includes the following benefits in an
organization:

Private cloud computing model considered a virtualized

service to provide resource within a company in few departments
of an organization.

Reduction in the costs and capital expenditure in its

implementation.

Providing cloud computing services based on a payment process

for an amount of computing usage known as On-Demand
cloud computing.

The desire to add new capabilities that are unavailable.

Much of the small and medium-sized businesses and enterprises

are beginning to admire cloud computing for application
development, hardware and software reliance. This phenomenon
has the ability to transform a business consisting of fixed
infrastructure into a more advance infrastructure in a rapidly
changing information system industry.

Rapid

development
implementation).

approaches

(Speed

in

Simplicity and subscription pricing options.

Conventional software license.
Lower energy consumption.

The benefits and security constraints

Delivery of services to multiple computers over a

network.

Accessibility from various devices.

Well-designed (organized) adopted cloud computing models

generate a secure infrastructure for valuable information and
resource sharing. However, as the platform sets a profound
impact in business and society, its approach may pose several
consequences, which may result in clients becoming sceptical in
the level of security and recovery constraints3.

An added benefit of cloud computing includes the provision of a

facilitation known as automation, which provides a service
without or little human interaction. However, business
requirements and potential threats should be considered before the
implementation of the model and services.

The benefits and constraints for cloud computing are numerous,

therefore the objectives of cloud computing model is to ensure it
meets the business needs and those

The security threats, including the solutions in averting4 the

threats are as follows:

---------------------------------------------------------3
The results of restriction or obligation.
4a particular
The manner of taking away or solving a disaster or threat in
event.

Threats

Details and Solutions

Unauthorized data access

Confidential items stolen,

unauthorized
resources
accessed
and causes of
identification theft.
Solution: Create

multiple

2
passwords and confidential

information about clients

(e.g.
Biometrics
and
fingerprint
identification
systems.)
Scams and repudiation

Malicious items
being
send, with the outcome of
denying the submission of
the send item.
Solution: Monitoring the
web logs, ensuring that the
providers implement the
appropriate audit trails for
request
or
submitted
resources.

Data sabotage

Precautions and Checklist

Protection mechanisms are the main aspect for securely

outsourcing data as it builds trust between the cloud services
providers and the clients, businesses, and organizations.
Mechanisms and precautions such as conducting research is one
of the strongest links on how to secure cloud computing services.
In addition, clients should question how the providers would
segregate6 their services and corporate data, emphasizing how it
will implement external audits, security measures, configuration
methods, data integrity and consistency during the
implementation process.

Intrusion, modifying and

damaging items into the
cloud computing service
providers system.
Solution:
Integrated
monitoring and notification
tools
in
the
cloud
computing facilitation.

Causes of natural
disasters

Natural disasters caused by

hurricanes, earthquakes and
other various natural
disasters.
Caption 1: Secure Cloud Computing Layer Framework
Solution: Backup, system
recovery tool and storing
data into multiple locations
to ensure the recovery of
resources.

Table 1: Security threats and solutions in cloud computing

services.

Security software mechanisms such as Anti-Viruses, Firewalls

and encryption practices should be in place, ensuring the control
of data is stored securely in cloud service provider systems (In
cases, where data that is shared across cloud computing services
which may be created maliciously in a process called virus
deployment7 in cloud services).

----------------------------------------------------------5
The practice of rejection or denial.
6
Placing apart from the rest or an item being in isolation.
7
The implementation of malicious programs for the purpose of damaging and using data without authorization.
8
Processes or procedures adopted by a person or organization in meeting its objectives.
3
computing model, the company must ensure that:

The encryption tools and application are

Before the implementation process of selecting a viable cloud

operational to secure the data in the cloud services.

 It understands and implements consistent policy

practices such as pricing, access control and security
policies8.

Conclusion
The primary focus in cloud computing has been gained from
resource sharing to ensuring the security measures are in place in
each cloud computing environment. When evaluating the
outcome of cloud computing, it is clear that the benefits in cloud
services outweigh its shortfalls.

It secures sufficient funds for pricing subscription

options.

The solution or contingency plans integrated in the cloud

services capture data or resource usage and storage
behaviour.

The principle of cloud computing is considered incomplete if it

lacks the security measures and fails to meet the organizations
business needs. In addition, cloud computing services tend to fails
when organizations lack the ability to understand the software and
service provided by the service providers and lack the ability in
engaging with the service providers.

It understands the features provided by the solution in

cloud computing.

The processes and services provided by the service

provider satisfy the business needs.

Despite the outcomes of cloud computing, being vulnerable to

service outages and facing the possibilities of data intrusion, it
will always be considered the most dominant force in resource
sharing between clients, businesses and organizations in a rapidly
changing computing environment.

It reviews the level of security implemented by cloud

service providers.

The service provider is liable and assertive in its service,

policies and priorities.

It tests the service before implementation, if the provider

References

enables the opportunity of evaluating the system by

testing processes.

It creates a strategic and recovery plan for stored data and

resources.

Thuraisingham, B. (2014), Developing and Securing the

Cloud, CRC Press, pp. 42 - 45, 332.

Finally, the companies or businesses requiring services from the

cloud service provider must ensure frequent interaction and
communication between the service providers regarding enquires
in security policies and service analysis. The analysis information
can be used to build a consistent relationship with the services
provider.

Laudon, C. K., Laudon, P. J. (2012), Management

Information System, Managing the digital firm, Pearson,
pp. 214 215
Cooter, M. (2011), The Ultimate Guide To Cloud
Computing, MacBook magazine, pp. 7 - 87
Hamlen, K., Kantarcioglu, M., Khan, L., Thuraisingham, B.
(2010), Security Issues for Cloud Computing, International
Journal of Information Security and Privacy 4(2), pp. 41

Note: The text marked with quotation marks in

the Abstract was used from the Section 5.pdf topic
1 illustration. The texts in the other quotation marks
from the body of the article used from the Reference
sources listed above.