INSIDE: Basics of Cloud Hosting Security

Author: Thabiso Muzi Mbatha

Abstract
Cloud computing is popular in providing a set of integrated, shared resources between businesses and other cloud computing service providers. In
addition, it gains popularity by enabling companies to reduce costs and sustain affordability by outsourcing computations on-demand or publicly on a
daily basis. The outcome in the benefits and drawbacks of cloud services determines whether or not its suitable for any organization. The process of
selecting a cloud computing model requires careful consideration to ensure its benefits outweigh the service constraints adopted within the business. The
analysis of the article highlights several key aspects to be considered in cases where businesses contract with cloud service providers, addressing security
issues and providing alternatives for security constraints. If addressed effectively, it will ensure data consistency, security and integrity for resource sharing
throughout small and medium sized businesses dependent on cloud services. Examining the levels of security and processes in cloud service is significant in
verifying the confidentiality and integrity of data computation.

Keywords: Cloud computing, Security, Threats and Benefits.

Introduction
The critical factor in each organization is creating an
efficient asset and data management system in a secure
manner. To manage data as a corporate asset, managers
and companies must understand the values of information,
the techniques in utilizing with the cloud computing
service, and resources being shared through cloud
computing. Given the current state of cloud computing,
most organizations continuously seek ways or techniques
to leverage, and protect their resources to yield greater
returns.

personnel computers, and netbook devices) across

multiple geographical locations. It is a model that enables
a convenient and perhaps, a more complex network
access to a shared amount of computing facilities with
minimized management efforts and cloud services
provider interaction.
While its a platform for dominant data resource delivery,
companies are faced or subjected to security constraint
and drawbacks by addressing issues pertaining to data
authentication violations, data sabotage, high cost of
cloud computing facilitation and other various aspects
that require an immense consideration in cloud computing
implementation.

Cloud computing forms the basis for data management

and sharing over a public or private networks among
several computing devices (such as mobile devices,
tablets,

Facilitation of Models and Services

Nevertheless, the success of the infrastructure in any
organization will be determined by the types of
technological tools, methods and contingency plans2 in
implementing a sophisticated cloud computing model.
Despite these aspects, an additional critical factor for an
organization is to adapt its business processes and the
day-to-day operation with the model being applied.

A large number of businesses (dependant on cloud

computing) comes across the question, of whether to
facilitate cloud computing services on the basis of a
third-party services provider,self-automation1 services
provider where companies have an option of operating
without signing up directly with a service provider or
directly from a local and global spectrum to enable a
secure service to clients.

-----------------------------------------------------------1

The process of operating or function an activity without human

interaction.
2
A plan unforeseen or embarking on making it occur within
a future event or purpose.

Current cloud computing service and models may include:

needs exhibit the right combination of technical skills to

produce the desired benefits.

Third-party services providers to provide services

from specific companies affiliated within other
organization handling similar services.

To further illustrate the concept of cloud computing

security, the cloud computing includes the following
benefits in an organization:

Self-automation services providers in which

enable a company or organization to operate and manage
its own facilities.
Public cloud computing model- it makes the service
publicly accessible through the internet over a
geographical location.
Private cloud computing model considered a
virtualized service to provide resource within a company
in few departments of an organization.

Much of the small and medium-sized businesses and

enterprises are beginning to admire cloud computing for
application development, hardware and software reliance.
This phenomenon has the ability to transform a business
consisting of fixed infrastructure into a more advance
infrastructure in a rapidly changing information system
industry.

Reduction in the costs and capital expenditure in

its implementation.

The desire to add new capabilities that are

unavailable.

Rapid development
implementation).

Simplicity and subscription pricing options.

Conventional software license.

Lower energy consumption.

Delivery of services to multiple computers over a

network.

Accessibility from various devices.

Providing cloud computing services based on a payment

process for an amount of computing usage known as
On-Demand cloud computing.

approaches

(Speed

in

An added benefit of cloud computing includes the

provision of a facilitation known as automation, which
provides a service without or little human interaction.
However, business requirements and potential threats
should be considered before the implementation of the
model and services.

The benefits and security constraints

Well-designed (organized) adopted cloud computing

models generate a secure infrastructure for valuable
information and resource sharing. However, as the
platform sets a profound impact in business and society,
its approach may pose several consequences, which may
result in clients becoming sceptical in the level of security
and recovery constraints3.

The security threats, including the solutions in averting4

the threats are as follows:

The benefits and constraints for cloud computing are

numerous, therefore the objectives of cloud computing
model is to ensure it meets the business needs and those

Threats

Details and Solutions

Unauthorized data access

Confidential items stolen,

unauthorized
resources
accessed
and causes of
identification theft.
Solution: Create

---------------------------------------------------------3

The results of restriction or obligation.

The manner of taking away or solving a disaster or threat
in a particular event.

multiple

Precautions and Checklist

passwords and confidential

information about clients
(e.g.
Biometrics
and
fingerprint
identification
systems.)
Scams and repudiation

Protection mechanisms are the main aspect for securely

outsourcing data as it builds trust between the cloud
services providers and the clients, businesses, and
organizations. Mechanisms and precautions such as
conducting research is one of the strongest links on how
to secure cloud computing services.

Malicious items
being
send, with the outcome of
denying the submission of
the send item.
Solution: Monitoring the
web logs, ensuring that the
providers implement the
appropriate audit trails for
request
or
submitted
resources.

Data sabotage

In addition, clients should question how the providers

would segregate6 their services and corporate data,
emphasizing how it will implement external audits,
security measures, configuration methods, data integrity
and consistency during the implementation process.

Intrusion, modifying and

damaging items into the
cloud computing service
providers system.
Solution:
Integrated
monitoring and notification
tools
in
the
cloud
computing facilitation.

Causes of natural
disasters

Natural disasters caused by

hurricanes, earthquakes and
other various natural
disasters.

Caption 1: Secure Cloud Computing Layer Framework

Solution: Backup, system

recovery tool and storing
data into multiple locations
to ensure the recovery of
resources.

Security software mechanisms such as Anti-Viruses,

Firewalls and encryption practices should be in place,
ensuring the control of data is stored securely in cloud
service provider systems (In cases, where data that is
shared across cloud computing services which may be
created maliciously in a process called virus
deployment7 in cloud services).

Table 1: Security threats and solutions in cloud computing

services.

----------------------------------------------------------5
6

The practice of rejection or denial.

Placing apart from the rest or an item being in isolation.

The implementation of malicious programs for the purpose of

damaging and using data without authorization.
8
Processes or procedures adopted by a person or
organization in meeting its objectives.

Conclusion

Before the implementation process of selecting a viable

cloud computing model, the company must ensure that:

The encryption tools and application are

operational to secure the data in the cloud
services.

It understands and implements consistent policy

practices such as pricing, access control and
security policies8.

It secures sufficient
subscription options.

The solution or contingency plans integrated in

the cloud services capture data or resource usage
and storage behaviour.

funds

for

The principle of cloud computing is considered

incomplete if it lacks the security measures and fails to
meet the organizations business needs. In addition, cloud
computing services tend to fails when organizations lack
the ability to understand the software and service
provided by the service providers and lack the ability in
engaging with the service providers.

pricing

It understands the features provided by the

solution in cloud computing.

The processes and services provided by the

service provider satisfy the business needs.

It reviews the level of security implemented by

cloud service providers.

The service provider is liable and assertive in its

service, policies and priorities.

It tests the service before implementation, if the

provider enables the opportunity of evaluating
the system by testing processes.

The primary focus in cloud computing has been gained

from resource sharing to ensuring the security measures
are in place in each cloud computing environment. When
evaluating the outcome of cloud computing, it is clear that
the benefits in cloud services outweigh its shortfalls.

Despite the outcomes of cloud computing, being

vulnerable to service outages and facing the possibilities
of data intrusion, it will always be considered the most
dominant force in resource sharing between clients,
businesses and organizations in a rapidly changing
computing environment.

References

Thuraisingham, B. (2014), Developing and Securing

the Cloud, CRC Press, pp. 42 - 45, 332.
Laudon, C. K., Laudon, P. J. (2012), Management
Information System, Managing the digital firm,
Pearson, pp. 214 215

It creates a strategic and recovery plan for stored

data and resources.

Cooter, M. (2011), The Ultimate Guide To Cloud

Computing, MacBook magazine, pp. 7 - 87

Finally, the companies or businesses requiring services

from the cloud service provider must ensure frequent
interaction and communication between the service
providers regarding enquires in security policies and
service analysis. The analysis information can be used to
build a consistent relationship with the services provider.

Hamlen, K., Kantarcioglu, M., Khan, L.,

Thuraisingham, B. (2010), Security Issues for Cloud
Computing, International Journal of Information
Security and Privacy 4(2), pp. 41

Note: The text marked with quotation marks in

the Abstract was used from the Section 5.pdf topic
1 illustration. The texts in the other quotation marks
from the body of the article used from the Reference
sources listed above.