Cloud Deployment
docx
keyboard_arrow_up
School
Boise State University *
*We aren’t endorsed by this school
Course
401
Subject
Information Systems
Date
Dec 6, 2023
Type
docx
Pages
5
Uploaded by SargentBee3814
1
Cloud Deployment Models
Ien Shen Narbay
CPS 401, Student, Boise State University
Boise, Idaho USA
ienshennarbay@u.boisestate.edu
2
1.) Comparison of Cloud Deployment Models
Feature
Public Cloud
Private Cloud
Hybrid Cloud
Ownership
Shared ownership
Single organization ownership
Combination of shared
and private ownership
Cost
Cost-effective
High initial setup costs, lower
operational costs
Variable costs
depending on usage
Scalability
Highly scalable
Limited scalability
Scalable, combines
public and private
resources
Customization
Limited customization
High level of customization
Moderate
customization
Security
Shared responsibility
between cloud
provider and customer
Higher control and
responsibility for the
organization
Shared responsibility,
but with varying
degrees
2.) Selection of Cloud Model for Healthcare Company
Model
Reasoning
Hybrid Cloud
A healthcare company needs to balance the cost-effectiveness of the
public cloud with the security and customization of the private cloud. A
hybrid cloud offers the best of both worlds, allowing for flexibility and
control over sensitive healthcare data.
3.) Security Responsibility for Each Cloud Deployment Model
Model
Responsible Party
Public Cloud
Shared responsibility - The cloud provider handles infrastructure security,
while the customer is responsible for securing their data and applications.
Private Cloud
Customer - The organization is solely responsible for the security of the
private cloud infrastructure, data, and applications.
3
Hybrid Cloud
Shared responsibility - The division of security responsibilities depends on
the deployment model (public or private) of each component.
4.) Cloud Offerings and Security Focus
Office 365 is a Software as a Service (SaaS) offering (
Skendzic & Kovacic, 2012)
.
Shopify is a Platform as a Service (PaaS) offering.
For focusing on core competencies with the best security, a Hybrid Cloud model would
be suitable, providing a balance of control and scalability (
Carroll et al., 2011)
.
5.) Mitigating Unauthorized Access Threat
Implementing multi-factor authentication, robust access controls, and regular user access
reviews to ensure only authorized personnel can access sensitive data (
Pauley et al., 2022)
.
6.) Measures to Mitigate Misconfiguration Threat
Regularly audit and review cloud configurations, implement automated configuration
management tools, and provide training to personnel to avoid misconfigurations (
Mullet et al.,
2021)
.
7.) Components of a Cloud Security Checklist
Ongoing security monitoring
Regular security audits and assessments
Incident response and recovery plans
Data encryption protocols
Access management and identity verification
Employee training on security protocols
Regular updates and patch management
Vendor risk management
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
4
Compliance with industry regulations
Network security measures
Backup and recovery procedures
References
Carroll, M., Van Der Merwe, A., & Kotze, P. (2011, August). Secure cloud computing: Benefits,
risks and controls. In
2011 Information Security for South Africa
(pp. 1-9). IEEE.
5
Mullet, V., Sondi, P., & Ramat, E. (2021). A review of cybersecurity guidelines for
manufacturing factories in industry 4.0.
IEEE Access
,
9
, 23235-23263.
Pauley, E., Sheatsley, R., Hoak, B., Burke, Q., Beugin, Y., & McDaniel, P. (2022, May).
Measuring and Mitigating the Risk of IP Reuse on Public Clouds. In
2022 IEEE
Symposium on Security and Privacy (SP)
(pp. 558-575). IEEE.
Skendzic, A., & Kovacic, B. (2012, May). Microsoft Office 365-cloud in business environment.
In
2012 Proceedings of the 35th International Convention MIPRO
(pp. 1434-1439).
IEEE.