Professional Documents
Culture Documents
The role of cloud computing is to use of the resources such as servers, storage, networking,
and software over the Internet. Cloud computing is like a necessity nowadays due to the fact
that technology has a great impact on business nowadays is evident since in the future
tasks. Although cloud computing provides many benefits, it is also important to consider the
accompanying risk of it since it cannot be prevented. It is important to consider the risks
associated with cloud adoption specific to their missions, systems, and data such as:
Data security
Although cloud service providers implement the best security standards to store important
information. It can be associated with loss, leakage, or unavailability of data. The data security
becomes particularly serious in the cloud computing environment because data are scattered in
different machines and storage devices that can cause a loss in revenue, business interruption,
loss of reputation, or regulatory incompliance. By securing these systems it involves the efforts
of cloud providers and the usage of clients whether it is an individual, small to medium business,
or enterprise.
To control the risk, the provider must assure its users that appropriate measures are in place.
There are variety of controls related to the basics of data center security, such as establishing
physical security perimeters and establishing policies and procedures related to physical
security within the data center. It also includes sanitizing stored data, a goal that many
enterprises achieve by encrypting stored data and protecting the secret key from discovery. IT
managers should know the physical security policies and ensure that unauthorized parties
cannot physically access the organization’s resources by storing in secure locations and have a
Organizations may face problems when transferring their services from one vendor to another
since it involves moving data to a totally different type of environment and may involve
reformatting the data. Hosting and running the applications of the current cloud platform on
some other platform may cause support issues, configuration complexities, and additional
expenses. The data might also be left vulnerable to security attacks due to compromises that
might have been made during migrations. Vendor lock-in is usually the result of proprietary
technologies that are incompatible with those of competitors. However, it can also be caused by
The companies should evaluate the cloud services carefully and research a cloud vendor by
sure that the service is sufficient enough. Having a backup of all the data can help the business
stay ready to store the data in other cloud service and ensuring that the data can be moved
easily by keeping data in formats that are usable across a variety of platforms.
Technology risk
As technology improves, and protection systems evolve, cyber-criminals have also come up
with new techniques to deliver malware targets. Since there are many organizations are putting
so much sensitive data into cloud environments, they have inevitably become targets for
malicious attackers. Identity theft is one thing that can make the client worried about, and it
became more sensitive when Cloud Computing implementation encounters the security
problems that could lead to costly rearchitected efforts for adoption or integration with new
technology.
Legal Risk
with sharing their data. Even as key processes and data storage are outsourced, companies still
bear the full responsibility to comply with applicable laws and regulations including protecting
their customer’s sensitive data. If a company outsources the processing or storage of data that it
is required to protect, then it is relying on a cloud service provider to maintain their compliance.
It does not have adequate legal protections, then it may be liable when there is a data breach at
the cloud service that exposes the company’s data. Many organizations find it difficult or even
impossible to achieve compliance while using cloud architecture. IT leaders should thoroughly
To mitigate this risk, companies should always use authentication systems for all the sensitive
data in the firm. Even tech giants like Facebook have been victims of resource exploitation due
to user error or misconfigurations. Keeping employees informed about the dangers and risks of
data sharing is of at most importance. A majority of companies have already established privacy
and compliance policies to protect their assets. In addition to these rules, they should also
create a framework of governance that establishes authority and a chain of responsibility in the
organization.A well-defined set of policies clearly describes the responsibilities and roles of each
employee. It should also define how they interact and pass information.
Organizations should have established privacy and compliance policies to protect their assets.
They should also create a framework of governance that establishes authority and a chain of
have underestimated the cost of running up the cloud and requirements from the business.
If cloud environments are down for hours or days, this could adversely impact a business’ ability
To offset possible lost revenues, most cloud providers will sign up for availability SLAs and
Companies accused of data breach also typically provide consumer credit monitoring services for up to
one year. According to
According to the North Bridge and Wikibon’s Future of Cloud Computing Survey in December
2015, the cost of cloud services is three times as likely to be a concern today versus five years
ago.
Operational Risk
Operational risk can be associated with execution of IT services and tasks that the business
relies on. Migrating to the cloud introduce complexity into IT operations. Key management and
encryption services become more complex in the cloud. Cloud service providers typically offer
different services, techniques, and tools available to log and monitor cloud services which
further increasing complexity. Hybrid cloud implementations may also face emergent
threats/risks as a result of technology, policies, and implementation methods, all of which add
complexity. As a result of the increased complexity, there is a greater risk of security gaps in
Cloud service provider must also perform proper due diligence to determine if they have the
capabilities to meet the organization’s cloud vision and for the organization to understand the
potential risks associated with the provider. With the move to the cloud, a new approach known
as DevOps has emerged, in which development and operations responsibilities are merged.
This virtually removes the lengthy queue and development times to create more efficient
https://www.linkedin.com/pulse/cloud-computing-what-does-mean-operational-risk-the-institute
REFERENCE:
https://www.compuquip.com/blog/cloud-security-challenges-and-risks
https://www.nutanix.com/theforecastbynutanix/technology/four-biggest-risks-of-cloud-
computing-and-how-to-mitigate-them
https://webobjects.cdw.com/webobjects/media/pdf/Solutions/Cloud-Computing/151383-
Mitigating-Risk-in-the-Cloud.pdf?fbclid=IwAR28xglMVEp-Fp00ng40lpVQlgMD2-YQpK-
bq8FZxRyndezmcImT0oer1a4