Essay on Data Security in Cloud Computing

Cloud Computing

Cloud computing is an innovative process that utilizes the Internet to transfer information among users, store data in virtual spaces, allow remote operationalization and sharing of computer devices, provide virtual services over the internet and facilitate business operations through programs and applications (Rittinghouse & Ransome, 2016). Cloud computing relies heavily on data transmission and information exchanges over different entities. The role of cloud computing in data security is mainly applied to cloud storage services offered to individuals and organizations, cloud storage services is a platform that allows users to store their data in virtual space as a backup plan to data stored in hard drives (Sarre et al., 2018). The use of cloud storage services are used by individuals and organizations in the development of Disaster Recovery Plans (DRPs) aimed at securing data against loss or damage from massive data breaches and natural disasters (Rittinghouse & Ransome, 2016). Cloud computing is also used in organizations for other computer systems management such as Information Security Management Systems (ISMS), where service providers manage databases for companies that lack fully developed IT departments to offer full protection services (Sarre et al., 2018).

Cloud Storage in Cloud Computing

Cloud storage is an internet service model that involves securing data from viral attacks, maintaining, backing up, and ensuring accessibility to the users. The commonly used service models include software as a service (SaaS), infrastructure as a service (IaaS) and platform as a service (PaaS) (Rittinghouse & Ransome, 2016). The main reason why people and organizations should adapt the data cloud storage system is because of the integrity used in storage and maintenance of information. It is a cheaper and flexible way of creating a backup for files and enhances immediate information exchange.

Data cloud storage provides a safe and sufficient space to store all types of data. Reliance on desktops, laptops, smartphones, and even the hard drives for data storage provides less safety compared to cloud storage (Rittinghouse & Ransome, 2016). Devices are prone to mechanical failure and physical damage leading to loss of important data information including private files, photos, and videos. Cloud storage, equipped with an auto-upload function, enables one to synchronize data directly in a simple approach. The user will enjoy availability, security, and speed for the data stored.

Cloud storage is a swift system which facilitates immediate data exchange. It saves time by giving access to multiple users both within and outside a place of work. Freelancers will be able to send their projects and proposals directly to their supervisors instead of only relying on email (Rittinghouse & Ransome, 2016). Automatic data exchange system will also enhance the ability to interact with office online servers to improve their online relationships, e.g. Customer Relationship Management (CRM).

Finally, the backup service also protects stored data from getting modified. The advantage of migrating to cloud is that users can still log in with different devices and continue working on their data regardless of electricity or device breakdown. Hard drives and flash drives are frequently mounted on different devices making them prone to attack by malware and viral computer attacks as compared to the cloud protection that is safe and only requires legal access.

Authentic Methods in Cloud Computing

Authentication methods can be classified using three classical forms: what the user knows, what the user has, and what the user is. Using the three classical forms, authentication types can be used in protecting data and information in computer systems (Almedia & Respicio, 2018). There are three types of authentication methods in computer security: knowledge-based authentication, possession-based authentication and biometric-based authentication (Almedia & Respicio, 2018). The traditional form of authentication is the knowledge based authentication method. Knowledge-based authentication is based on using information pieces that are only known to the specific user requiring entry. Authentication methods that are based on knowledge include passwords, pass phrases, pass sentences, graphical passwords, pass faces, patterns and Personal Identification Numbers (PINs) (Du, 2017). Possession-based authentication uses tokens based on what the user has. Tokens are categorized as memory tokens and smart tokens. Memory tokens store information but have no circuits to process information. Memory tokens are mainly magnetic cards which are used together with PINs (e.g. ATM cards) (Du, 2017). Smart tokens have several embedded integrated circuits which can process information. Biometric-based authentication methods use anatomical, physiological or behavioral features and characteristics that belong to the user (Almedia & Respicio, 2018). The authentication method uses a sensor module, feature extraction module and a feature matching module that uses the unique features of the user to match with users in the existing database.

Best Practices in Computer Security and Cloud Computing

General guidelines and security measures are employed in data protection for individuals and organizations implementing security policies and measures (Almedia & Respicio, 2018). Individuals should ensure that they download, install and run genuine and reliable antimalware programs and applications in all their devices to avoid infiltration. Users should also ensure that all hard drives, memory sticks and connections used in file sharing are properly checked before insertion in devices for use (Almedia & Respicio, 2018). As a general rule, all users are advised to check file attachments and download only from trusted sources (the rule applies to all downloads of files and programs) (Du, 2017).it is recommended that users use a reliable cloud service provider to be used as backup plans for data storage (for individuals) and as DRPs for organizations (Almorsy, Grundy & Muller, 2016). Employees in organizations should be trained regularly so that they understand general rules in data security and convenience programs such as Bring Your Own Device (BYOD) should be vetted before introduction into organizations. Employees should also sign security policies that shows intent to comply with security guidelines that promote data security in the workplace (Almorsy et al., 2016). Additionally, organizations should have fully functional IT departments that have CSIRT teams that are integral in data recovery.

Conclusion

The concepts of data security are numerous and range from user control measures, authentication methods, trends in data security such as cloud computing and cybercrime, to risks and threats that affect Internet information management systems. Data security is a rising challenge that has affected millions of users and led to the loss of billions of information data points for organizations. Programs and applications dedicated to fighting malware and ensuring data security should be fully implemented; while cloud storage services may be used as DRPs and back up plans for organizations and individuals.

References

Almeida, L. & Respicio, A. (2018). Decision support for selecting information security controls. Journal of Decision Systems, 27(suppl. 1): 173-180.

Almorsy, M., Grundy, J., & Müller, I. (2016). An analysis of the cloud computing security problem. arXiv preprint arXiv:1609.01107.

Du, W. (2017). Computer security:A hands-on approach. California, CA: CreateSpace Independent Publishing Platform.

Rittinghouse, J. W., & Ransome, J. F. (2016). Cloud computing: implementation, management, and security. CRC press.

Sarre, R., Lau, L. Y. & Chang, L. Y. (2018). Responding to cybercrime: Current trends. Police Practice and Research, 19(6): 515-518.