Course: MSc Computer Science (Cyber Security)
Introduction
Cloud computing for SME enables organisations to be more resilient, agile as well as connected. It enables the SMEs for overcoming the limitation of physical office as well as empower employees for working from anywhere and anytime. Cloud computing enables businesses for accessing data from anywhere using Internet connection [1]. Cloud computing provides various services such as storage, software, backup as well as hosting services. Users can get cloud services on demand basis. Few cloud services are IaaS, PaaS and SaaS. Cloud computing offers various benefits to the SMEs such as reducing operational cost related with IT by eliminating the legacy infrastructure maintenance. SMEs need not maintain any networking and hardware equipment. To start a business, SMEs can spend low initial investment by adopting cloud services. It breaks silos as well as encourages collaboration.
Following are threats for cloud security such as insecure Interfaces/APIs, lack of visibility, misconfiguration, unauthorised access, accounts hijacking, external sharing of data, cyber-attacks, DoS attacks, malicious insiders, data loss, data privacy.
Contents
- Professional secure networks
- Introduction
- Latest technologies, techniques and tools
- Relevant statistical data or trends
- Selecting network equipment or technologies
- Installation or configuration issues
- Testing or implementation procedures
- Conclusion
- References
Professional secure networks
Seeking assistance with your Advanced Computer Networks assignment? Look no further! Delve into Advanced Computer Networks - OTHM Level 6 Diploma In Information Technology with our expert guidance.
Task: Investigate the current security issues related to moving SMEs to the cloud.
Solution:
Literature review
Cloud services provide more flexibility for the small and medium businesses. It keeps the business up-to date in the market. It enables the businesses for scaling as well as developing new software programs rapidly and also ecosystems without the need of investing in the infrastructure. It gives better collaboration and communication capabilities. Cloud computing also has various threats including account hijacking, data breaches, limited visibility of cloud usage, APIs, insecure interfaces, DoS, data loss, unsecure access control points, misconfiguration of security system etc.
Misconfiguration of security system
The foremost cause for the cloud security issue is misconfiguration of security system. There are various reasons for the misconfiguration of security system of cloud network. The main focus of the cloud infrastructure is to provide accessibility for users as well as enables data sharing. The best example for accessibility is link based data sharing. In cloud environment, any one has link can access the data. Organisations do not have enough visibility about the infrastructure of cloud. Organisation rely in cloud providers on security control and management. One more cause for the cloud security issue is that many business organisations use multiple cloud service providerresults in difficulties in understanding security controls of each cloud service provider. Lack of understanding on security controls will lead to the misconfigurations as well as security oversights.
DoS attack
DoS attack makes the legitimate users not able to access their authorised resources. Cyber criminals makes the network or machine to crash and make it not accessible to the users by flooding more traffic to the target or sending malicious code.
Data loss
Cyber criminals are targeting cloud due to its accessibility. Malicious hackers aware of the security weakness of cloud as well as how to exploit. Loss of data due to human error, natural disasters as well as malicious attacks results in disastrous for the company. Moving business critical data to cloud increases security concerns.
Unsecure access control points (ACPs)
One of the main benefits of cloud network is accessibility that is cloud users can access the resources from anywhere and any location. Application programming Interface (API) is widely used in cloud that enables user to interact with cloud. These APIs are vulnerable for cyber-attacks. These APIs acts an entry point to the hackers.
In need of Network Management Assignment Help? Dive into Network Management - Level 5 Pearson BTEC HND in Computing with our specialized support.
Latest technologies, techniques and tools
Various cloud security technologies as well as tools exist within the cloud for ensuring data protection and security. Few technologies are two factor authentication, encryption, prevention of data loss, privileged access management, monitoring of cloud security as well as vulnerability management. Two factor authentication enables users to validate login credentials from their personal devices [2]. Encryption enables data protection and security by converting the data into unreadable format. Data loss prevention solutions give visibility as well as control in IaaS as well as SaaS applications [3].
Few tools for cloud security are as follows:
Zscalar
Zcalar is one of the best tool for cloud security. It offers different software such as Zscalar Internet Access, Zcalar Digital Experience, Zscalar Private access and Zscalar Cloud provider. ZIA protects the network of the company [4].
Orca security
It is workload level security solution. It is not suitable for serverless based cloud applications or container.
Qualys
It gives visibility over security posture as well as vulnerabilities across every endpoint, data center, server, as well as device. It gives real time monitoring of all cloud assets as well as report to the cloud platform for accessing as well as identity vulnerabilities [5]. Cloud protection platform provides services such as compliance monitoring, vulnerability scanning as well as cloud workload protection.
VIPRE
It gives protection from data leaks and malware.
Relevant statistical data or trends
Cloud computing provides a shared pool of IT resources over the internet. Cloud computing has various vulnerabilities such as data threats, vulnerabilities in cloud API, malicious insiders, weak cryptography, and vulnerable cloud services [6].
Selecting network equipment or technologies
Cloud security is a network of controls, integrated policies, technologies, procedures for protecting the infrastructure of cloud based systems as well as data stored in the cloud. Cloud networking is type of IT infrastructure in which organisation's networking infrastructure are hosted in the cloud whether in public, hybrid, or private cloud [7]. Networking resources in the cloud includes network management software, firewalls, virtual routers, as well as other technologies and tools required for the business. Cloud networking is based on the ability of the cloud service provide or customer for designing, managing as well as configuring and also managing the underlying network in a cloud service. Cloud networking shifts the organisation's network management, data connectivity as well as control to the cloud. Networking services and resources that can be hosted in the cloud are connectivity, firewalls, network management software, CDNs, load balancers, bandwidth, VPN and domain name system [8]. Different types of cloud networking are cloud enabled networking as well as cloud networking. In cloud enabled networking, network architecture is present in the customer's premises. The network management will be managed by cloud providers. Example for the network architecture are the architecture involved in the packet forwarding as well as routing. Cloud providers will have facilities for network management, monitoring as well as security services. Cloud based networking is another technique in which network architecture as well as management will be maintained and managed by cloud providers. Following network resources are required to support cloud such as virtual routers, firewalls, and bandwidth as well as network management software [9].
Virtual routers
Virtual router is a software based router that can be deployed as a virtual machine or a BMI (bare metal image) and it is deployed in the cloud. A virtual router can be installed on any hardware device. It performs the same functionalities of layer 3 routers and also it uses protocols for moving data between devices in the network. Some of the use cases of virtual routers are cloud connectivity, edge networking as well as VPNs [10].
Firewalls
Cloud firewalls are also software based as well as deployed in the cloud. It is useful for mitigating or stopping unwanted access to the private networks. Two kinds of cloud firewalls are Saas as well as next generation firewalls [11]. The focus of SaaS firewalls are securing the organisation's network as well as its users. Next generation firewalls are the services of cloud intended for deploying within a virtual data centre. It helps to protect the organisation's servers in an IaaS or PaaS. Virtual server consists firewall to secure incoming as well as outgoing traffic between cloud based applications [14].
For Security Assignment Help, explore Security - BTEC Higher National Diploma in Computing, and obtain top-notch solutions from our experienced tutors!
Network management and bandwidth software
Network management is a task of managing, administering as well as operating a network with the use of network management software [12]. Latest systems use hardware as well as software for collecting as well as analysing data constantly to improve performance, security and reliability. This kind of systems have low start-up costs.
Installation or configuration issues
Virtual router configuration
The functionalities of virtual router is similar to physical routers. These routers are configured as well as activated on demand basis. These routers use its own routing as well as forwarding table. It is possible to configure static as well as dynamic routing protocols including multicast and unicast protocols, redistribution, router advertisements as well as importing policies. The configuration virtual redundancy protocol is illustrated below. It is possible for configuring the managed device in a layer 3 deployment. For routing the traffic, it is important to assign an IP address for each of the interface as well as assign the interfaces to the virtual router. Virtual routers' interfaces can be logical, physical or link aggregation group. It is also possible for configuring the system for routing packets through making packet forwarding decisions based on the destination address [13]. The configured interfaces forward and also receive layer 3 traffic. Destination address can be obtained from outgoing interface according to forwarding criteria, access control rules. Static routes can be defined in the layer 3 deployments. It also possible to configure open shortest path and routing information protocols. Following steps show how to create a virtual router on the firewall for participating in the layer 3 routing. First, it is essential to decide interfaces should perform routing and also administrative distances for OSPF, static, IBGP, RIP as well as EBGP. The next step is to create a virtual router as well as applying interfaces on it. Firewall has a virtual router with the name "default". It is possible to edit as well as add new virtual router [14].
Step 1 : select Network and select virtual routers
Step 2 : select a virtual router (default) or add →name of the new virtual router
Step 3 : router settings →general
step 4 : Interfaces →click on Add →select → defined interfaces. Repeat the same step 4 for all interfaces that has to be added to the virtual router
Step 5 : click on Ok
Setting administrative distances for dynamic as well as routing
The next step is to set up administrative distances for different types of routes as needed for the network. If the virtual router has various routes to the same destination, it adopts administrative distance for selecting the best path. Different routing protocols are static, OSPF internal, IBGP, EBGP etc.
As a final step, we have to commit the virtual router settings.
Testing or implementation procedures
A cloud firewall is like traditional firewall to filter-out malicious traffic. Cloud firewalls are hosted in the cloud. This cloud based firewall is called as firewall as a service. Cloud firewall can protect cloud platforms as well as on-premise infrastructure. A firewall is a security system to filter out malicious traffic. Firewalls run in between an untrusted network as well as trusted network. The main two types of firewall are cloud firewall as well as next generation firewall. Next generation firewall includes the following technologies such as IPS, deep packet inspection, and application control [15].
Conclusion
Cloud computing offers various benefits to the SMEs such as reducing operational cost related with IT by eliminating the legacy infrastructure maintenance. SMEs need not maintain any networking and hardware equipment. To start a business, SMEs can spend low initial investment by adopting cloud services. It breaks silos as well as encourages collaboration.
Following are threats for cloud security such as misconfiguration, insecure Interfaces/APIs, unauthorised access, accounts hijacking, lack of visibility, external sharing of data, cyber-attacks, DoS attacks, malicious insiders, data loss, data privacy.
Need assistance with your Enterprise and Small Business Management assignment? Dive into Enterprise and Small Business Management - HND in Business, and hire the best quality tutor for top-notch assignment help!
FAQ: Security Issues When SMEs Move to the Cloud
- Q:What is network security?
- Q:Why is network security important for businesses?
- Q:What are the goals of network security?
- Q:What security measures can be implemented?
- Q:What are the main security concerns for SMEs migrating to the cloud?
- Q:How do these security issues differ from on-premises IT infrastructure?
- Q:What steps can SMEs take to secure their cloud environment?
- Q:What are the benefits of using cloud security solutions?
Assistance Tailored for Network Security Assignments
Require HND Assignment Support in the UK? If you're in urgent need of assistance with computer science, we've got you covered. Our specialized teams in each department boast years of experience aiding UK students with their homework.
With expertise in their specific domains, they're equipped to assist you with case studies in the UK. For professional support in crafting your BTEC assignments or diploma tasks, reach out to us promptly. Recognizing that over 90% of our clientele are students, we invite you to gauge the caliber of our work through samples of HND assignments in the United Kingdom.