ASSIGNMENT 2 FRONT SHEET

Qualification BTEC Level 5 HND Diploma in Computing

Unit number and title Unit 16: Cloud Computing

Submission date 11/6/2020 Date Received 1st submission

Re-submission Date 10/11/2020 Date Received 2nd submission

Student Name Nguyễn Mạnh Tài Student ID GCS17579

Class 0706A Assessor name Hồ Nguyễn Phú Bảo

Student declaration

I certify that the assignment submission is entirely my own work and I fully understand the consequences of plagiarism. I understand that
making a false declaration is a form of malpractice.

Student’s signature

Grading grid

P5 P6 P7 P8 M3 M4 D2 D3
❒ Summative Feedback: ❒ Resubmission Feedback:

Grade: Assessor Signature: Date:

Signature & Date:

Page 2
 ASSIGNMENT 2 BRIEF
Qualification BTEC Level 5 HND Diploma in Computing

Unit number Unit 16: Cloud Computing

Assignment title Cloud’s implementation and security threats

Academic Year 2020

Unit Tutor Ho Nguyen Phu Bao

Issue date Submission date 11/10/2020

IV name and date Nguyen Manh Tai

Submission Format:
Format: A presentation in Power Point format(about 25 pages)
A security manual(in PDF format)
You must use font Calibri size 12, set number of the pages and use multiple line spacing at
1.3. Margins must be: left: 1.25 cm; right: 1 cm; top: 1 cm and bottom: 1 cm. The reference
follows Harvard referencing system.
Submission Students are compulsory to submit the assignment in due date and in a way requested by
the Tutors. The form of submission will be a soft copy posted on
http://cms.greenwich.edu.vn/
Note: The Assignment must be your own work, and not copied by or from another student or from
books etc. If you use ideas, quotes or data (such as diagrams) from books, journals or other sources, you
must reference your sources, using the Harvard style. Make sure that you know how to reference
properly, and that understand the guidelines on plagiarism. If you do not, you definitely get failed

Unit Learning Outcomes:

LO3 Develop Cloud Computing solutions using service provider’s frameworks and open source tools.

LO4 Analyse the technical challenges for cloud applications and assess their risks
Assignment Brief and Guidance:

Task 1

Base on the scenario and architecture design in the first assignment provide the
implementation. Because of the time constraint of the assignment, the implementation just
provides some demo functions of the scenario. The implementation includes two parts:

 A presentation (about 25 pages)

Page 3
 o which shows which functions are implemented
o How to config, deploy and test the services (Web application, Database Server,
Source code management, server logs..) using service provider’s frameworks
and open source tools.
o Images for the built functions
 The source code for the built application

Task 2

The table of contents in your security manual (which should be 500–700 words) should be
as follows:

1. Analysis of the most common problems of a cloud computing platform.

2. Possible solutions to these problems.
3. Analysis of the most common security issues in the cloud environment.
4. Discussion on how to overcome these issues.
5. Summary.

Page 4
 Learning Outcomes and Assessment Criteria

Pass Merit Distinction

LO3 Develop Cloud Computing solutions using service provider’s

frameworks and open source tools
P5 Configure a Cloud
Computing platform with a
cloud service provider’s
framework.
D2 Critically discuss how one
M3 Discuss the issues and can overcome these issues and
constraints one can face during constraints.
the development process.

P6 Implement a cloud platform

using open source tools.

LO4 Analyse the technical challenges for cloud applications and

assess their risks

P7 Analyse the most common M4 Discuss how to overcome D3 Critically discuss how an
problems which arise in a Cloud these security issues when organisation should protect
Computing platform and building a secure cloud their data when they migrate
discuss appropriate solutions to platform. to a cloud solution.
these problems.
P8 Assess the most common
security issues in cloud
environments.

Page 5
Table of Contents
P5 Configure a Cloud Computing platform with a cloud service provider’s framework...............................................8
Top Cloud Service Providers.......................................................................................................................................8
Amazon Web Services.............................................................................................................................................8
Microsoft Azure.......................................................................................................................................................9
IBM Cloud..............................................................................................................................................................11
Google Cloud Platform..........................................................................................................................................12
Oracle Cloud..........................................................................................................................................................14
Heroku................................................................................................................................................................... 15
Types of cloud service providers...............................................................................................................................16
Features Heroku offers to users............................................................................................................................16
Why does Heroku attract users?...........................................................................................................................17
Create an account for Heroku...................................................................................................................................18
P6 Implement a cloud platform using open source tools.............................................................................................20
create a database......................................................................................................................................................20
My website on Heroku..............................................................................................................................................26
P7 Analyze the most common problems which arise in a Cloud Computing platform and discuss appropriate
solutions to these problems.........................................................................................................................................27
Security issues...........................................................................................................................................................27
Cost management and containment........................................................................................................................27
Lack of resources/expertise......................................................................................................................................28
Governance/Control.................................................................................................................................................28
Compliance................................................................................................................................................................28
Managing multiple clouds.........................................................................................................................................29
Performance..............................................................................................................................................................30
Building a private cloud............................................................................................................................................30
Segmented usage and adoption...............................................................................................................................31
Migration................................................................................................................................................................... 31
Conclusion................................................................................................................................................................. 32
So, what are the challenges faced during storing data in the cloud and how to overcome them?....................32
P8 Assess the most common security issues in cloud environments..........................................................................33
Security issues related to cloud computing..............................................................................................................33
Page 6
 Security controls for cloud computing......................................................................................................................33
Prevention.............................................................................................................................................................33
Precautions............................................................................................................................................................33
Repair.................................................................................................................................................................... 33
Error detection......................................................................................................................................................33
Aspects of cloud security..........................................................................................................................................34
Security and privacy..............................................................................................................................................34
Policy..................................................................................................................................................................... 34
Visibility and Control Over Access............................................................................................................................35
Data Security.............................................................................................................................................................35
Thwart External Threats........................................................................................................................................35
Prevent Insider Threats.........................................................................................................................................36
Stop Accidental Data Breaches.............................................................................................................................36
Account Takeovers....................................................................................................................................................36
Risky SaaS Applications.............................................................................................................................................36
Advanced Malware and Phishing Attacks.................................................................................................................37
References..................................................................................................................................................................... 38

Page 7
P5 Configure a Cloud Computing platform with a cloud service provider’s framework.
Top Cloud Service Providers
Amazon Web Services
_Value proposition for potential buyers: Amazon Web Services has always been ahead of the cloud
computing curve. It went online with its Simple Storage Service (S3) in 2005, offered impressive and
relatively inexpensive secondary services, and now owns about 33 percent of the cloud services market, led
by its storage and other application services. It owns 45 percent of the IaaS (infrastructure as a service)
global market, with sales at about $20 billion in 2019. This is a full 2-to-1 lead over No. 2 Microsoft Azure,
which is gaining market share but is still in the low double digits (about 16 percent) neighborhood.

_AWS simply has a huge head start in the market, the widest array of services and the largest data center
presence in the world. CEO Jeff Bezos continues to plow billions of dollars into data center expansions,
storage and people to run it all. AWS is known as a public cloud solution but it also offers numerous
services to connect on-premises installations to the cloud. It serves as everything from burst capacity to
disaster recovery and much in between.
_Key values/differentiators:
+Use cases: Most IT storage and cloud computing needs can be handled by AWS. Mainstays: general
enterprise storage, servers, data backup, archiving (cold data storage).
+Scope: Largest public or hybrid cloud services provider in the world, economies of scale can be made to
work in favor of users.
+Security: Amazon has its own in-house security solutions for all types of use cases. Plenty of choices of
customers.

Page 8
+Computing stack/databases: Also, a plus for customers, who can basically name their configurations and
let AWS do all the grunt work. Again, choice is a good thing here.
_To Take Under Advisement: Uploading data to AWS storage is simple to do, but beware when you try and
retrieve it. Read all the fine print, because it may cost you more than you think.

Microsoft Azure
_Value proposition for potential buyers: Microsoft, the largest software maker in the world for more than a
generation, is one of the few vendors that can offer a fully contained hybrid cloud solution because of its
massive on-premises legacy through the Windows, .Net and MS Office franchises.

_The company has been intentional from the beginning in tying all of its assets into the same
infrastructure. Azure services are built on Windows Server, the .Net framework and Visual Studio, making
lift and shift of on-premises apps to the service relatively painless.

Page 9
_Azure has been the fast-growing cloud service provider the last few years and now owns nearly 17
percent of the global market.
_Key values/differentiators:
+Use cases: Like AWS, most IT storage and cloud computing needs can be handled by Azure, which was
designed to be a direct competitor. Mainstays include enterprise storage, servers, data backup,
deduplication services.
+Azure Storage: Can manage keys of an Azure Storage account for you. Internally, Key Vault can list (sync)
keys with an Azure Storage Account, and regenerate (rotate) the keys periodically.
+DB service: Azure Cosmos DB is a globally distributed, multi-model database service for building highly
available, large-scale applications easily. By default, Azure Cosmos DB automatically indexes all the data it
ingests, efficiently. This enables fast and consistent SQL (and JavaScript) queries on any kind of data.
+Enterprise Security: Azure Key Vault enables Microsoft Azure applications and users to store and use
several types of secret/key data:
+Cryptographic keys: Supports multiple key types and algorithms, and enables the use of Hardware
Security Modules (HSM) for high-value keys.
+Secrets: Provides secure storage of secrets, such as passwords and database connection strings.
+Certificates: Supports certificates, which are built on top of keys and secrets and add an automated
renewal feature.

Page 10
IBM Cloud
_Value proposition for potential buyers: Three years ago, IBM realized it was confusing the market with its
various branded cloud options, whose purposes weren’t completely clear to the buying public. So it made a
key decision to merge all of them—from its SoftLayer acquisition to Bluemix to Watson—into one umbrella
business simply called IBM Cloud. IBM Cloud now offers more than 180 services for both on-premises and
public cloud systems. These services include virtualized and bare metal hosting, DevOps tools, container
deployments and serverless computing, blockchain, AI/ML and HPC. Using its bare-metal server offering,
it’s possible to lift and shift on-premises workloads running on IBM platforms to the cloud with little to no
modification.

_Key values/differentiators:
+While both AWS and Microsoft Azure are aimed at all enterprise IT customers, IBM has a much longer
history in serving and maintaining systems belonging to midrange to large enterprise customers.
+IBM’s reputation: It’s fairly easy to defend buying decisions of products and services from the original IT
company (which started up during the First World War in 1916) to CFOs and boards of directors. IBM has
invested a lot of capital and people-hours into keeping its offerings current.
+Use cases: IBM Cloud is aimed mostly at large enterprises for scale-out purposes. Most commonly
requested IT storage and cloud computing needs can be handled by IBM Cloud, which operates more than
a dozen high-end data centers globally. Chief tasks include test and dev, enterprise storage, database
protection, servers, data backup and archiving.
+Full-service options: IBM has a wider range of products and services than any other cloud provider, bar
none.

Page 11
+You get what you pay for: IBM is going to cost more than almost everybody else, so don’t expect anything
cut-rate.

Google Cloud Platform

_Value proposition for potential buyers: Google Cloud Platform is designed for use by cloud developers.
Overall, GCP still has had some catching up to do with AWS and IBM over the last half-dozen years when it
comes to market share of enterprise usage, but it has slowly but surely become a player globally. GCP,
which brought in $11 billion last year and owns 8 percent of the global market, originally wanted to be a
pure cloud play but realized that it had painted itself into a corner; it now works with on-premises systems
to provide elastic infrastructure, disaster recovery, DevOps and big data. But it also has a lot of cloud-based
services, most notably its AI efforts, which are bolstered by its custom AI processor, TensorFlow. You can’t
buy a TensorFlow system; you can only run your AI and machine learning apps on them on the Google
Cloud.

Page 12
_Key values/differentiators:
+Cloud expertise: Users won’t find better or more detailed cloud-computing application and development
expertise than at Google.
+Aimed at developers: If you’re an enterprise cloud developer, and you’re continually creating and/or
maintaining high-end cloud-based services and applications, you’re likely to have more surrounding
support and tools on GCP than the three larger-market players.
+Innovation galore: Google is where Kubernetes, TensorFlow and dozens of other key cloud and storage
technologies were invented, so there’s a lot of residual intellectual property inherent in GCP.
+Use cases: If you're a retail business or a midrange cloud computing user, chances are Google Cloud and
all its attributes might be IT overkill for your use case. If you are company with an active IT and
development team that is constantly creating, maintaining and updating applications in real time (or even
in near-real time), then you would be well-served using GCP. Test and dev is a huge use cases here.
+Pricing is competitive: Google knows that in order to move up in market share, it has to be price-
competitive, and it is, offering generous “get-started” programs and corporate discounts.

Page 13
Oracle Cloud
_Value proposition for potential buyers: Oracle has been busy moving all of its tools and databases to the
cloud for the last six years. The company is often considered as being late to the cloud, but the fact is, the
company spun off NetSuite 21 years ago, which was the first full-service enterprise cloud application
management platform. This was six years before AWS launched S3. Larry Ellison’s database and enterprise
app software giant has reinvented itself to re-provision 95 percent of its ground-based software as on-
demand services, at least on its own growing cloud. It does not allow its software to run in virtualized
instances the way AWS, Azure and GCP operate, but it can be run on bare metal servers, which Oracle still
offers (as a result of the 2010 acquisition of Sun Microsystems).

Page 14
_Key values/differentiators:
+Speed is of the essence: Ellison has long bragged that Oracle’s database servers—whether in a data center
or in a cloud—are the fastest in the world, and they probably are. But you get what you pay for, and
Oracle’s products are not to be found at Walmart.
+Variety of offerings: Oracle now competes in many ways with Salesforce for the cloud business application
buyer, and it steadily adds to its repertoire of features for a long list of vertical sectors. Plowing profit back
into the business is a mainstay of the Oracle approach, and it produces dividends.
+One throat to choke: Once you buy into Oracle, you’re in for the long haul, and the company will basically
run it all for you. This will entail some long-term hardware and software costs, but that’s the business
Oracle is in, and a big reason why it gets so much government and military business.
+Use cases: Similar to IBM, VMware and Google Cloud Platform, Oracle Cloud is designed for IT admins and
cloud app developers. Chief services sold include enterprise applications (far and away No. 1), enterprise
storage, server and database services. Oracle will provide service help as needed.

Page 15
Heroku
_Heroku is a Containerized Application Cloud Platform as a Service (PaaS). Developers use Heroku to
deploy, manage, and expand modern apps. Their platform is very flexible and easy to use, providing
developers with the simplest way to get their apps to market.
_Heroku is entirely managed by Heroku, allowing developers to freely focus on their core product without
distraction in maintaining servers, hardware, or infrastructure. The Heroku experience offers services,
tools, workflows, and support all designed to enhance app developer productivity.

Page 16
_Heroku is known as a place to deploy applications in dyno. (When you deploy a Heroku application, you
have to set up a virtual machine called slug, using one or more build packs. When a virtual machine is
launched from slug, it is called dyno.)
_In the case of a lot of complex work, you will need to add more blocks (scale horizontally) or increase the
block size (scale vertically). Heroku usage fee is calculated based on the number of dyno and the size of
each dyno you use.

Types of cloud service providers

Features Heroku offers to users
_Heroku Runtime: Your application runs inside fully managed smart containers during app runtime, Heroku
handles everything important including: - configuration, dispatching, load balancing, failover, logging log
logs, security, etc.
_Heroku Postgres (SQL): Reliable and secure PostgreSQL service with easy setup, quick encryption, simple
scaling, database transformation, continuous protection, and more.
_Heroku Redis: Redis service support for programmers to use. One of the popular fast key-value caching
services.
_Scale: Heroku can instantly scale apps, both vertically and horizontally. You can run everything from small
hobby projects to enterprise-grade e-commerce.
_Add-ons: Extend, enhance and manage your applications with built-in services like New Relic, MongoDB,
SendGrid, Searchify, Fastly, Papertrail, ClearDB MySQL, Treasure Data, and more.

Page 17
_Code / data rollback: Heroku build system and Postgres service allow you to restore your source code or
database to a previous state in no time.
_App metrics: You will always know what happens to your applications thanks to built-in monitoring of
traffic, response time, memory, CPU load and errors ...

_Continuous delivery: Heroku Flow uses Heroku Pipeline, Review Apps and Integrated GitHub to build a CI /
CD pipeline process including build, test, deploy, ...
_GitHub Integration: GitHub integration helps you to pull requests, push, commit, ... works with every
branch you want.

Why does Heroku attract users?

_Provide the best user experience: Heroku is heaven for developers as it was built by the developers
themselves. They understand exactly what developers need and what difficulties they may have when
using their services.
_Is a service ecosystem:
+Developers can build their apps on any language, whether it's Nodejs, Ruby, PHP, Python, or Java.
+Furthermore, Heroku has a huge list of Heroku Add-ons, integrating powerful functions to help you deploy
apps with just one click. Heroku offers both free and paid add-ons, but they both save you a lot of time in
project implementation.

Page 18
_Support to connect to salesforce: With Heroku Connect version, Heroku can connect to salesforce,
allowing your apps to sync two-way with salesforce. From there, you will easily scale and always have an
overview of your customers.
Create an account for Heroku
_The first step working with Heroku. We login to Heroku, if we still do not have an account, then we will
begin to create account.

Page 19
_This is the homepage; we have logged in successfully.

Page 20
P6 Implement a cloud platform using open source tools.
create a database
_First, I download git for the database setup.

_I create a directory to store data in drive E.

_I download the Laravel folder into the directory

Page 21
_Now, I access the Laravel directory and load composer to support Laravel

Page 22
_Create env file that copy information from env.example file, the env is the configuration file for database and app.

_Create key database .

_Create app heroku .

Page 23
_Now, configure information in env file and database.

_Take information from Heroku pgsql add-on to env file.

Page 24
_create database php.

_ collecting code, test code and push it to Heroku

Page 25
_Open Heroku application.

_You can see that my website already run because I have changed DB_Connection default value from
mysql to pgsql.

Page 26
My website on Heroku.
_Link Customer page: https://mysterious-scrubland-48587.herokuapp.com/
_Main page (index.php):

Page 27
P7 Analyze the most common problems which arise in a Cloud Computing platform and discuss
appropriate solutions to these problems.
_Cloud computing is the delivery of various hardware and software services over the internet, through a
network of remote servers. These remote servers are busy storing, managing, and processing data that
enables users to expand or upgrade their existing infrastructure.
Security issues
_We already mentioned the hot debate around data security in our business intelligence trends 2019
article, and security has indeed been a primary, and valid, concern from the start of cloud computing
technology: you are unable to see the exact location where your data is stored or being processed. This
increases the cloud computing risks that can arise during the implementation or management of the cloud.
Headlines highlighting data breaches, compromised credentials, and broken authentication, hacked
interfaces and APIs, account hijacking haven’t helped alleviate concerns. All of this makes trusting sensitive
and proprietary data to a third party hard to stomach for some and, indeed, highlighting the challenges of
cloud computing. Luckily as cloud providers and users, mature security capabilities are constantly
improving. To ensure your organization’s privacy and security is intact, verify the SaaS provider has secure
user identity management, authentication, and access control mechanisms in place. Also, check which
database privacy and security laws they are subject to.
_While you are auditing a provider’s security and privacy laws, make sure to also confirm the third biggest
issue is taken care of: compliance. Your organization needs to be able to comply with regulations and
standards, no matter where your data is stored. Speaking of storage, also ensure the provider has strict
data recovery policies in place.
_The security risks of cloud computing have become a reality for every organization, be it small or large.
That’s why it is important to implement a secure BI cloud tool that can leverage proper security measures.
Cost management and containment
_The next part of our cloud computing risks list involves costs. For the most part cloud computing can save
businesses money. In the cloud, an organization can easily ramp up its processing capabilities without
making large investments in new hardware. Businesses can instead access extra processing through pay-as-
you-go models from public cloud providers. However, the on-demand and scalable nature of cloud
computing services make it sometimes difficult to define and predict quantities and costs.
_Luckily there are several ways to keep cloud costs in check, for example, optimizing costs by conducting
better financial analytics and reporting, automating policies for governance, or keeping the management
reporting practice on course, so that these issues in cloud computing could be decreased.

Page 28
Lack of resources/expertise
_One of the cloud challenges companies and enterprises are facing today is lack of resources and/or
expertise. Organizations are increasingly placing more workloads in the cloud while cloud technologies
continue to rapidly advance. Due to these factors, organizations are having a tough time keeping up with
the tools. Also, the need for expertise continues to grow. These challenges can be minimized through
additional training of IT and development staff. A strong CIO championing cloud adoption also helps. As
Cloud Engineer Drew Ferment puts it:
_“The success of cloud adoption and migrations comes down to your people — and the investments you
make in a talent transformation program. Until you focus on the #1 bottleneck to the flow of cloud
adoption, improvements made anywhere else are an illusion.”
_SME (small and medium-sized) organizations may find adding cloud specialists to their IT teams to be
prohibitively costly. Luckily, many common tasks performed by these specialists can be automated. To this
end companies are turning to DevOps tools, like Chef and Puppet, to perform tasks like monitoring usage
patterns of resources and automated backups at predefined time periods. These tools also help optimize
the cloud for cost, governance, and security.
Governance/Control
_There are many challenges facing cloud computing and governance/control is in place number 4. Proper
IT governance should ensure IT assets are implemented and used according to agreed-upon policies and
procedures; ensure that these assets are properly controlled and maintained, and ensure that these assets
are supporting your organization’s strategy and business goals.
_In today’s cloud-based world, IT does not always have full control over the provisioning, de-provisioning,
and operations of infrastructure. This has increased the difficulty for IT to provide the governance,
compliance, risks and data quality management required. To mitigate the various risks and uncertainties in
transitioning to the cloud, IT must adapt its traditional IT governance and control processes to include the
cloud. To this effect, the role of central IT teams in the cloud has been evolving over the last few years.
Along with business units, central IT is increasingly playing a role in selecting, brokering, and governing
cloud services. On top of this third-party cloud computing/management providers are progressively
providing governance support and best practices.
Compliance
_One of the risks of cloud computing is facing today is compliance. That is an issue for anyone using backup
services or cloud storage. Every time a company moves data from the internal storage to a cloud, it is faced
with being compliant with industry regulations and laws. For example, healthcare organizations in the USA
have to comply with HIPAA (Health Insurance Portability and Accountability Act of 1996), public retail

Page 29
companies have to comply with SOX (Sarbanes-Oxley Act of 2002) and PCI DSS (Payment Card Industry
Data Security Standard).
_Depending on the industry and requirements, every organization must ensure these standards are
respected and carried out.
_This is one of the many challenges facing cloud computing, and although the procedure can take a certain
amount of time, the data must be properly stored.
_Cloud customers need to look for vendors that can provide compliance and check if they are regulated by
the standards they need. Some vendors offer certified compliance, but in some cases, additional input is
needed on both sides to ensure proper compliance regulations.
Managing multiple clouds
_Challenges facing cloud computing haven’t just been concentrated in one, single cloud.
_The state of multi-cloud has grown exponentially in recent years. Companies are shifting or combining
public and private clouds and, as mentioned earlier, tech giants like Alibaba and Amazon are leading the
way.
_In the referred survey, 81 percent of enterprises have a multi-cloud strategy. Enterprises with a hybrid
strategy (combining public and private clouds) fell from 58 percent in 2017 to 51 percent in 2018, while
organizations with a strategy of multiple public clouds or multiple private clouds grew slightly.
_In the cloud strategy, 81% of enterprises have a multi-cloud strategy.

Page 30
_While organizations leverage an average of almost 5 clouds, it is evident that the use of the cloud will
continue to grow. That’s why it is important to answer the main questions organizations are facing today:
what are the challenges for cloud computing and how to overcome them?
Performance
_When a business moves to the cloud it becomes dependent on the service providers. The next prominent
challenges of moving to cloud computing expand on this partnership. Nevertheless, this partnership often
provides businesses with innovative technologies they wouldn’t otherwise be able to access. On the other
hand, the performance of the organization’s BI and other cloud-based systems is also tied to the
performance of the cloud provider when it falters. When your provider is down, you are also down.
_This isn’t uncommon, over the past couple of years all the big cloud players have experienced outages.
Make sure your provider has the right processes in place and that they will alert you if there is ever an
issue.
_For the data-driven decision-making process, real-time data for organizations is imperative. Being able to
access data that is stored on the cloud in real-time is one of the imperative solutions an organization has to
consider while selecting the right partner.
_With an inherent lack of control that comes with cloud computing, companies may run into real-time
monitoring issues. Make sure your SaaS provider has real-time monitoring policies in place to help mitigate
these issues.
Building a private cloud
_Although building a private cloud isn’t a top priority for many organizations, for those who are likely to
implement such a solution, it quickly becomes one of the main challenges facing cloud computing – private
solutions should be carefully addressed.
_Creating an internal or private cloud will cause a significant benefit: having all the data in-house. But IT
managers and departments will need to face building and gluing it all together by themselves, which can
cause one of the challenges of moving to cloud computing extremely difficult.
_It is important to keep in mind also the steps that are needed to ensure the smooth operation of the
cloud:
+Automating as many manual tasks as possible (which would require an inventory management system).
+Orchestration of tasks which has to ensure that each of them is executed in the right order.
_As this article stated: the cloud software layer has to grab an IP address, set up a virtual local area
network (VLAN), put the server in the load balancing queue, put the server in the firewall rule set for the IP
address, load the correct version of RHEL, patch the server software when needed and place the server into
the nightly backup queue.
Page 31
_That being said, it is obvious that developing a private cloud is no easy task, but nevertheless, some
organizations still manage and plan to do so in the next years.
Segmented usage and adoption
_Most organizations did not have a robust cloud adoption strategy in place when they started to move to
the cloud. Instead, ad-hoc strategies sprouted, fueled by several components. One of them was the speed
of cloud adoption. Another one was the staggered expiration of data center contracts/equipment, which
led to intermittent cloud migration. Finally, there also were individual development teams using the public
cloud for specific applications or projects. These bootstrap environments have fostered full integration and
maturation issues including:
+Isolated cloud projects lacking shared standards
+Ad hoc security configurations
+Lack of cross-team shared resources and learnings
_In fact, a recent survey by IDC of 6,159 executives found that just 3% of respondents define their cloud
strategies as “optimized”. Luckily, centralized IT, strong governance and control policies, and some heavy
lifting can get usage, adoption, and cloud computing strategies inline.
_Nearly half of the decision makers believe that their IT workforce is not completely prepared to address
the cloud computing industry challenges and managing their cloud resources over the next 5 years. Since
businesses are adopting the cloud strategy more often than ever, it is eminent that the workforce should
keep up and carefully address the potential issues.
Migration
_One of the main cloud computing industry challenges in recent years concentrates on migration. This is a
process of moving an application to a cloud. An although moving a new application is a straightforward
process, when it comes to moving an existing application to a cloud environment, many cloud challenges
arise.
_A recent survey conducted by Velostrata showed that over 95% of companies are currently migrating
their applications to the cloud, and over half of them find it more difficult than expected – projects are over
budget and deadline.
_What are the challenges faced during storing data in the cloud? Most commonly cited were:
+Extensive troubleshooting
+Security challenges
+Slow data migrations
+Migration agents
+Cutover complexity
Page 32
+Application downtime
_In another survey, although not that recent, but a picturesque perception of the migration to the cloud; IT
professionals stated they would rather “get a root canal, dig a ditch, or do their own taxes” than address
challenges in cloud computing regarding the deployment process.
Conclusion
_Cloud computing has some amazing advantages: infinite memory, fast computing energy entry and the
capacity to readily communicate and manage data, but has several problems and most of them relate to
safety. Before it is commonly embraced, cloud devices have to conquer many barriers, but can now be
used in certain compromised and under appropriate circumstances.
_It is no secret; cloud computing is revolutionizing the IT industry. It is also shaking up the business
intelligence (BI) landscape, and well, pretty everything else it touches. As the cloud adoption exponentially
grows, businesses of all sizes are realizing the benefits. For startups and small to medium-sized businesses
(SMEs), that can’t afford costly server maintenance, but also may have to scale overnight, the benefits of
utilizing the cloud are especially great.
_While cloud computing challenges do exist, if properly addressed, these 10 issues don’t mean your IT
roadmap has to remain anchored on-premise. Business intelligence (BI) and the cloud are an ideal match,
as the first one provides the right information to the right people while the latter is an agile way to access
BI applications.
So, what are the challenges faced during storing data in the cloud and how to overcome them?
_To make the best out of it and overcome issues, you should take a strategic iterative approach to
implementation, explore hybrid cloud solutions, involve business and IT teams, invest in a CIO, and choose
the right BI SaaS partner. All this will ensure that the benefits of cloud business intelligence will far
outweigh the challenges.
_Clearly, organizations have some demanding work ahead of them, especially since the adoption of the
cloud is becoming a business standard that will grow exponentially. Cloud is not just an idea to implement
overnight, but a strategic approach, management details, and professionals’ involvement can help reduce
potential risks, costs, and flaws in the implementation process. The future of cloud lies upon introducing
industry standards, that will help in addressing regulatory, management and technological matter.

Page 33
P8 Assess the most common security issues in cloud environments.
Security issues related to cloud computing
_Security in cloud computing consists of two areas: security problems facing cloud services and customer
security issues. Confronted. In the sense that user data and services are secured, cloud providers must
promise that the technology they offer is secure. Meanwhile, consumers must ensure that adequate
security steps have been taken by suppliers to secure their information.
_The extension of the use of virtualization strategies to construct cloud computing networks poses
particular consumer security concerns. The relation between the operating system and hardware
architectures including processing, storage and networking is altered by virtualization techniques. This
introduces a new layer that needs to be configured, maintained and protected-virtualization. The issues of
concern are software for virtualization. For starters, it will crash the whole system when a security issue
arises on administrative workstations with virtualization management software.
Security controls for cloud computing
_Cloud computing 's security infrastructure is only efficient if adequate defense approaches are applied.
The concerns that arise about protection should be defined by an optimized cloud security architecture.
Regulation of security concerns relevant to access and control of security. To secure vulnerabilities in the
mechanism and reduce the effect of an attack, these safeguards are in place. Although there are many
ways in which cloud protection can be regulated, there are common ways:
Prevention
_This control is set up to prevent purposeful attacks on cloud computing systems. Relatively similar to a
warning sign in a fence or property, these controls do not reduce the likelihood of the system being truly
compromised.
Precautions
_Controls enhance the power of the system by managing vulnerabilities. Preventive control will protect
system vulnerabilities. If an attack occurs, preventive controls are in place to ensure minimal damage and
security breaches of the system.
Repair
_Adjustment controls are used to reduce the impact of attacks. Unlike preventive controls, repair controls
are implemented when attacks take place.
Error detection
_The find control is used to detect any possible attacks with the system. In the case of an attack, detection
control will signal preventive or corrective control to resolve the problem.

Page 34
Aspects of cloud security
_The three most popular aspects are aggregated into cloud protection aspects: security and secrecy,
enforcement, and legal or contractual concerns.
Security and privacy
_Identity management: Each business will have its own identity management system to control access to
information and computer resources. Cloud providers or integrate customers' identity management
systems into their own infrastructure, using either federation (Federation) or Single-Sign-On (SSO) ), or
provide an identity management solution of its own.
_Personal security: Suppliers ensure that physical machines used in cloud computing are secure enough
and access to these machines as well as all relevant customer data is not restricted. Access term but also be
recorded.
_Rationale: Cloud providers assure customers that they will have regular and predictable access to their
data and applications.
_Application security: Cloud computing providers ensure that applications are available as a service
through the cloud to ensure security by performing external testing and acceptance of procedures. or
packaging the application code. It also requires proper security measures in place
production environment.
_Privacy: Finally, suppliers ensure that all important data (for example, credit card numbers) is concealed
and that only authorized users can access it. all data. Furthermore, the information and identifiers are
digitized and the information must be protected as any data that suppliers collect or create about customer
activity in the cloud.
_Legal issues: In addition, suppliers and customers must consider legal issues, such as contracts and
electronic checks- E-Discovery - (Electronic Discovery), and Relevant legal issues, may vary by country.
Policy
_Many regulations involve the storage and use of data, including payment of industry standard security
data card (PCI DSS), health insurance and Liability Act (HIPAA), Sarbanes Act -Oxley. Many of the above
require regular and audited reporting. Cloud providers must allow their customers to comply with these
regulations.
_Continuity of response and data recovery: Cloud providers must have ongoing business plans and on-site
data recovery to ensure service can be maintained in the event of a disaster. disaster or emergency, and
any data loss will be recovered. These plans are shared and reviewed with their customers.

Page 35
_Logging and auditing: In addition to recording and auditing, cloud providers work with their customers to
ensure that audit records and documents are properly, maintenance until the customer requests it, and
may have access to legal investigative purposes (for example, eDiscovery).
_Distinctive policy requirements: In addition to the requirements given by customers, data centers
maintained by cloud providers may also be required to comply with other separate requirements. Using a
cloud service provider (CSP) can lead to additional security issues around data authorization from
customers or data tenants that may not exist on the same system., or in similar data centers or even in the
cloud of the same provider.
_Legal and contractual issues: In addition to the security and compliance issues listed above, cloud
providers and their customers will negotiate terms around liability. (for example, how the regulation
regarding data loss incidents or compromises will be resolved), intellectual property, and the end of the
service (when data and applications end same return for customers).
Visibility and Control Over Access
_Adopting a zero-trust security architecture is one of the most impactful ways to manage users and
safeguard data in the cloud.
_Zero trust security is exactly what it sounds like—no user is automatically trusted. Everyone must provide
verification of who they are before gaining access to resources and data stored in the cloud app.
_Two common examples of identity based zero trust security approaches are Single Sign On (SSO) and
Multi-factor Authentication (MFA). Single Sign On verifies users through a single name and password
combination. Multi-factor Authentication combines two (or more) unique credentials, such as requiring
users to enter a password and a security token. Most reputable cloud applications provide both of these
authentication features natively, and simply require your admin to activate either or both for your team.
_Many companies use Single Sign On or Multi-factor Authentication as a first line of defense to keep
unauthorized users out of systems that hold sensitive data. Both are easy to use and set up in popular
cloud apps, and all IT security experts strongly encourage the use of both.
Data Security
_Data loss prevention solutions, SaaS security, and malware threat protection can all increase your cloud
data security to reduce the risk of internal and external threats, and guard against data breaches.
Thwart External Threats
_Today’s cyber criminals target weaknesses in cloud applications to steal business, employee, and
customer data. This means any business with SaaS applications accessing the cloud environment is at risk.
SaaS security is no longer a nice-to-have, it’s a necessity.

Page 36
Prevent Insider Threats
_Develop companywide standards to define who can take action on what data sets, in what environments,
using which methods to ensure that data stays carefully controlled. Limiting internal access points, and
monitoring how that information is used, can help keep sensitive data safe.
Stop Accidental Data Breaches
_Human error is the most common source of a data breach, and proactiveness is the key to prevention. To
ensure costly mistakes are not made, help employees understand how and where data breaches can
happen.
Account Takeovers
_When impersonators take over user accounts, they roam freely in the environment, carrying out
fraudulent activities wherever and whenever they want. Common signs of an account takeover may
include successful logins from other counties or IP addresses, successful logins from multiple different
countries in a short amount of time, mass file downloads, suspicious sharing activity, phishing emails
coming from an internal account, and more.
_In traditional on-prem environments, account takeovers are relatively easy to catch. But account
takeovers are a nagging security issue in cloud computing because they are notoriously difficult to detect.
Further, the impacts of a cloud account takeover are even more difficult to find and remediate.
_Using a cloud application account takeover prevention tool is one of the best ways to detect attempts,
identify account takeovers, and quickly remediate the issue.
Risky SaaS Applications
_When end users download and sign into cloud applications on their phones, tablets, or personal
computers unbeknownst to the IT department, it’s extremely difficult to monitor and block the use of
unsanctioned applications.
_SaaS risk comes in two basic forms: malicious SaaS apps and apps that were not developed with proper
security controls. These apps can open a “back door” to your cloud environment.
_OAuth applications that request broad user permissions, such as the ability to write and send emails,
should be particularly scrutinized by IT. Make sure your team is only allowing permissions to well-known
and trusted applications through OAuth.
_SaaS security solutions provide greater visibility and control over cloud applications to protect against
data exposure. They can detect SaaS applications that are connected to your cloud environment through
OAuth and score the potential security risk based on a number of factors. These factors might include the
level of permissions provided by the end user, as well as an aggregation of security complaints others have
reported.

Page 37
Advanced Malware and Phishing Attacks
_The element of human error in malware and phishing threats is still the greatest vulnerability that
organizations are contending with. To help prevent human error teach users about the importance of
creating and using complex passwords and identifying phishing attempts, keep operating systems and anti-
virus software up to date, and get in a routine of backing up files to guard against data loss.
_Using best-in-class cloud malware threat protection technology is the optimal way to protect against
malicious attacks.
_The security concerns involved with cloud computing do not outweigh the benefits of moving your
business to the cloud. Most reputable cloud applications continue to work hard to patch security
vulnerabilities and improve data security architecture. However, security administrators feel much better
knowing that their cloud environment is being monitored and controlled by a third-party platform. This is
where Managed Methods cloud application security platform comes in.

Page 38
References
1. Heroku.com. 2020. Cloud Application Platform | Heroku. [online] Available at:
<https://www.heroku.com/> [Accessed 6 November 2020].
2. Polar-temple-90087.herokuapp.com. 2020. Homepage - Polar-Temple-90087. [online] Available at:
<https://polar-temple-90087.herokuapp.com/#> [Accessed 6 November 2020].
3. GitHub. 2020. Tai0888 - Overview. [online] Available at: <https://github.com/Tai0888> [Accessed 6
November 2020].
4. TechRadar. 2020. Best Cloud Computing Services Of 2020: For Digital Transformation. [online]
Available at: <https://www.techradar.com/best/best-cloud-computing-services> [Accessed 6
November 2020].
5. Chris Preimesberger, e., 2020. Compare Top Cloud Computing Companies For 2020. [online]
eWEEK. Available at: <https://www.eweek.com/cloud/top-cloud-computing-providers> [Accessed 6
November 2020].
6. Cloud Academy. 2020. Which Cloud Computing Platform? - Cloud Academy Blog. [online] Available
at: <https://cloudacademy.com/blog/top-3-amazon-web-services-vs-micosoftazure-vsgoogle-
compute-platform/> [Accessed 6 November 2020].
7. Technology Diver. 2020. Heroku Là Gì ? Tổng Quan Về Nền Tảng Đám Mây Heroku - Technology
Diver. [online] Available at: <https://cuongquach.com/heroku-la-gi.html> [Accessed 6 November
2020].
8. Ribbonfish. 2020. What Is Heroku? A Brief Introduction - Ribbonfish. [online] Available at:
<https://ribbonfish.co.uk/blog/heroku-brief-introduction/> [Accessed 6 November 2020].
9. ManagedMethods. 2020. Top 5 Security Issues In Cloud Computing | Managedmethods. [online]
Available at: <https://managedmethods.com/blog/security-issues-in-cloud-computing/> [Accessed
6 November 2020].
10. Rackspace Technology. 2020. What Is Cloud Backup? Cloud Data Recovery Solutions | Rackspace
Technology. [online] Available at: <https://www.rackspace.com/library/what-is-cloud-
backup#:~:text=Cloud%20backup%20is%20a%20service,failure%2C%20outage%20or%20natural
%20disaster.> [Accessed 6 November 2020].
11. BI Blog | Data Visualization & Analytics Blog | datapine. 2020. Cloud Computing Risks, Challenges &
Problems Businesses Are Facing. [online] Available at: <https://www.datapine.com/blog/cloud-
computing-risks-and-challenges/> [Accessed 6 November 2020].

Page 39
Page 40