Predictive Analysis Of My Jewelry Business
SECURITY AND BCP/DR 1
Data Analysis and Prediction for Future Maintenance
Prof. Mark O’Connell
Running head: SECURITY AND BCP/DR 1
Digital safety and security have never been more prevalent on peoples’ minds than they are today. How to keep a computer and its data safe are important questions to continually ask. Data security has consistently been a major issue in information technology. In the cloud computing environment, it becomes particularly serious because the data is in different places. The use of the cloud computing environment to cater to the demands of users in the internet has made database security a critical issue. Security is a critical issue in cloud computing due to the variety of IT services that can be provided through a cloud environment (Cleveland, 2009). Database security should guarantee information availability, integrity and confidentiality on any system. Because my firm is using cloud service, we will develop approaches to ensure data security.
Cloud database systems are subject to many of the same threats that affect cloud technology. Because of the nature of large amounts of potentially sensitive information being stored in databases, however, the impacts can be quite severe if unchecked (Bisk Education, 2018). While not a comprehensive list, these threats give a sense of the types of dangers facing network administrators as our firm will be adopting large-scale cloud database storage systems.
1. Data breaches
Data breaches are perhaps the most common threat to cloud databases. In a data breach, hackers gain access to sensitive information stored in the cloud, such as customer credit card numbers or mailing addresses, and use it for personal gain. As more information is stored online in a centralized location, data breaches become potentially more severe, affecting millions of customers or employees at one time (Bisk Education, 2018). Not only relying on the service that our CSP provides, for reducing data breaches, we will institute end user security awareness, craft an encryption policy and enforce it, deploy intrusion detection and prevention, perform regular vulnerability assessments, apply comprehensive patching, employ insider behavior monitoring, and importantly back up the data.
2. Account hijacking
In a hijacking attempt, intruders try to gain access to a user’s account by phishing or using holes in software security systems to discover passwords. When a user’s account login information is taken, intruders usually then change the password to lock users out of their accounts. At this point, any files or other information stored in the user’s cloud can be freely accessed, potentially including database information that provides data on many users at once (Bisk Education, 2018). For preventing account hijacking, my firm will enforce a boot and braces tactic for protected and safe access, implement encryption, and build a multi-layered defense to ensure that data is protected all the times.
An Application Programming Interface (API) is the technical means through which a user connects with a cloud system, governing whatever authorizations she or he has to attach third-party applications to the system. While cloud storage companies and other Internet entities have made great advances in developing secure APIs, such as OAuth, there is always the possibility that an intruder will find vulnerabilities to gain access to administrator API areas (Bisk Education, 2018). For making safe and protecting our API, we will develop secured authentication patterns, access control, and set rate limits for API usage.
4. Data impairment and loss
When an intruder gains access to sensitive information, one possible outcome is for the intruder to delete the information in order to inconvenience its owner. If we do not keep up-to-date backups of files, it is possible that these files could be permanently lost if tampered with. When all files are stored in a single cloud-based server, deletion can trickle down to all user devices causing files to be lost everywhere simultaneously (Bisk Education, 2018). Therefore, my firm will make sure of updating backup files in a appropriate manner and on time.
5. Cloud servers as malware platforms
The synchronizing facilities given by cloud computing are certainly valuable for staying up with the latest database files over platforms and devices. Nevertheless, what occurs if an attacker or invader chooses to utilize this equivalent syncing mechanism to distribute malware, virus or trojan horse to all user devices simultaneously? If attackers are able to harness the power of cloud servers to spread malware across a network, the potential for damage is far greater than if attackers were only able to affect a small, locally stored organization network. In order to reduce the risk of malware attacks, firm will secure the network data, monitor the network, and utilize security intelligence technologies.
As our company performs predictive maintenance analytics for manufacturing equipment and machinery from IoT sensors, it collects huge data. We store the company and our customers information in the cloud. These all need to be stored and backed up for future analysis and interpretation. Cloud computing is the technology that is widely used for storing large volume of data in organizations. And as our data grows and diversifies, storing, protecting, and recovering it becomes increasingly challenging. The important issues are data protection and its confidentiality. Storing data at a remote location and restoring the data in case that it’s deleted without requirement of network connectivity are the main concern of our backup/recovery plan. Since our cloud service provider will be AWS marketplace, we will also coordinate with AWS for backup and restore plan because AWS offers the tools and resources to build robust, protected and scalable restore and backup solutions (AWS Marketplace, 2018). As my start firm environment is cloud-native, AWS will provide us with a design and deploy a data-protection solution that will meet our needs. The cloud-native environment has workloads that exist entirely on AWS, where my firm will have access to virtual servers, databases, applications, monitoring services, and Active Directory. Backup in this environment may require a migration service to move data to the cloud and after that leverage unified and coordinated AWS cloud- native capacities for object, file system backups and block (for example, replication, snapshots or versioning) (AWS Marketplace, 2018). Obviously traditional backup software can also be used to manage data and jobs.
When structuring these backup procedures for the firm, we should likewise backup the calamity situations that can happen, foresee the potential effects, and build complete catastrophe(disaster) recuperation solutions. Doing as such is one of the most important steps to ensuring our business continuity during and after events that could negatively impact our operations, financial performance, and brand. To get ahead of disaster events, our company will again be using AWS to enable faster disaster recovery of critical IT systems without incurring the infrastructure expense of a second physical site, as the AWS support numerous structures and architectures, for example, hot standby environments, warm standby, and pilot light (AWS Marketplace, 2018).
Mell, P., & Grance, T. (2009). Effectively and securely using the cloud computing paradigm. NIST, Information Technology Laboratory, 2(8), 304-311
Bisk Education. (2018). Possible threats with cloud database security. Retrieved from https://www.villanovau.com/resources/iss/possible-threats-with-cloud-database security/#.W38FZehKg2w
Cleveland, T. (2009). Database security in a cloud computing environment. Retrieved from https://www.itworld.com/article/2764788/security/database-security-in-a-cloud computing-environment.html
AWS Marketplace. (2018). Backup and restore. Retrieved from https://aws.amazon.com/backup restore/
Ali, G., & Erwin, L. (2016) Big Data Security and Privacy Issues in the CLOUD Retrieved from https://www.researchgate.net/publication/293807726_Big_Data_Security_and_Privacy_Issues_