Cloud Computing is a model that enables convenient, ubiquitous and on-demand network access to all the shared pool of configurable computing resources such as; networks, storage, servers, services, and applications, which can be swiftly provisioned and released. It is a young concept that is gaining popularity so fast. Cloud computing has concurrently transformed business, government operations and created security challenges at an unprecedented pace.
Development of the cloud service model has delivered business-supporting technology that is more efficient. The idea of shifting from the server- based on service-based thinking has continually transformed the way technology departments perceive designing and delivery of computing applications and technology. Despite the popularity and numerous advantages, cloud computing faces a couple of security threats, some of which are embedded in networks, intranets, computing platforms, and internets. These threats and risk vulnerabilities usually come in various forms.
Privacy
One of the major challenges of cloud computing is the risk of violating the information privacy of the users. The rise of cloud computing has made it difficult to guard the integrity of users data security, therefore, there is a need for addressing security and privacy issues that pose greater risk for the use of the technology (Chourasia, et al. 2014). Despite the success of cloud computing in different areas, its models have received mixed reactions as far as their applicability is concerned. Sometimes cloud computing suffers from different vulnerabilities, for instance, the only internet supports the models, hence, all the information is at the mercy of internet providers (Mellado, et al. 2015). Prolonged internet outages sometimes affect the accessibility of data and create real risks to the users. Current breaches of massive databases mean that cloud-computing models are not safe from hackers. The risk of security breach is pronounced when the protected information database is stored in a central location (Schwartz, n.d. As the concept of cloud computing gains momentum, IT service providers and other stakeholders are consciously aware of the magnitude of liability that would be caused if sensitive data were to be breached. They are aware of the penalties associated with inadequate security mechanisms as more data is moved into the volatile cloud (Pasquale & Ragone, 2014).
However, organizations cannot turn down cloud computing because of the few associated risks. The organizations can manage these risks by creating a ready response team that is adequately prepared to respond immediately to security breach threats.
Human factors
Studies indicate that human error is still the biggest challenge that is facing cloud-computing technology. When organizations adopt the cloud-computing technology, the first thing that should come to mind is how to develop human resource policy integrates with information technology policy (Kotz et al. 2015). It is vital for organizations to ensure that IT and HR policies adequately cover the organization against the risks that are posed by employees retrieving information for an illegitimate purpose (Mork, et al. 2011). Organizations have reported cases of data theft by their employees for commercial use or other malicious intentions (Chen, Lu, & Jan 2012). Notably, millions of dollars have been lost because of employees errors of omission or commission. In such instances, the organization may lose its assets or affect its reputation. Recklessness in the workplace is also a common problem for organizations that have weak IT and human resource policies. For example, employees who fail to keep their security authentication information safely expose the organization to the risk of unauthorized data access (Sultan, 2014). Often, this is a result of lack of job satisfaction or failure in the recruitment process (Kuo et al. 2011). When organizations fail to scrutinize their employees during the recruitment process, they may absorb employees with poor behavioral attitudes and end up exposing themselves to the risk of compromising data integrity (Sultan, 2014).
Protecting the integrity of organizations information from unauthorized access by its employees is a daunting task and a lengthy process. The organization needs to create a sound human resource and IT policy that covers all the areas. The human resource policy should answer some pertinent questions including whether employees are aware that their internet and email activities are being monitored. Proper education and training among workers can help reduce human errors associated with the mismatch between user need and supplier. When and how the hospital will use cloud computing and what applications will be hosted in cloud computing, and whether the hospital allows its employees to access their personal webmail at work and where access to the cloud is allowed i.e. inside or outside.
Accessibility and data storage and retrieval
There are several data storage and retrieval challenges that face many institutions when using cloud computing technology. Storing, indexing, and maintaining the viability of information is a major problem that inhibits absorption of cloud computing in business facilities. To effectively address this challenge, the constellation of tools and professional information technology skills are required. With limited economic resources for on-site support, organizations can use outsourced strategy for data storage management aspects. This will enable these institutions to utilize specialized technological expertise to design approaches for managing problems faced by medical practitioners, whose work includes data mining and processing of non-standard file formats, and relating those electronic files to their DICOM standard descendent.
Organizations also face challenges especially with information stored in offsite locations, common with cloud computing. When this data is stored in an offsite location, it is supposed to be encrypted to protect it from unauthorized access. This is often a clean solution when there is no need to process the data in its offsite location. The situation offers data security as a single site can be used to store data for future retrieval. The solution to this problem is to make files anonymous before they leave their storage location.
Solutions
Organizations should enhance internal communication systems that define how information is shared within the organization to ensure that there is a prompt response in case of an attack (Samanthula et al. 2015). The organization should also create strong policies so as to guard the systems from malware or spyware infection. In the same breath, organizations should create a strong culture that values responsibility. Employees should be encouraged to use strong authentication details and update them regularly. They should ensure that every important file is encrypted and the encryption key stored in a secure location. It is evident that a successful IT policy depends on a team of trained employees who are guided by a sound data protection policy (Pasquale & Ragone, 2014). Traditional data securing approach can be used as a measure of mitigating risks associated with cloud computing risks. The method involved storing and backing up the information on a single server to allow access to the use of correct passwords. The users can also be taught not to keep their passwords simple and memorable because this may lead to the possibility of brute force attacks.
There should be a clear contract with a cloud vendor. This will enable an organization to claim, incase cloud vendor closes before the contract. Cloud vendors should also provide good recovery facilities. This will enable continuity and recovery of data in case of fragmentation or loss of data due to certain issues.
Conclusion
Cloud computing is a combination of different key technologies, which have evolved over the years. Cloud computing helps in cutting the operating costs of an organization, but the security risk involved are enormous. Enterprise views cloud computing technology as a way of cutting down the cost and increasing the profitability. Although Cloud computing is viewed as an innovative phenomenon, set to revolutionize the way people use Internet, there are various issues that they should be cautious about. If security issues are mitigated, cloud computing can have the potential to become a leader in promoting virtual systems, security, and economic viability in IT solutions. We tried to solve many issues.
References
Chen, Y. Y., Lu, J. C., & Jan, J. K. (2012). A Secure EHR System Based on Hybrid Clouds. J Med Syst, 33753384.
Chourasia, A., Nordstrom, D., & Vanderheiden, G. (2014). State of the science on the Cloud, accessibility, and the future. Springer-Verlag Berlin Heidelberg, 483495.
Kotz, D., Fu, K., Gunter, C., & Rubin, A. (2015). Security for Mobile and Cloud Frontiers in Healthcare. Communications Of The ACM, 21-23.
Mellado, D., Rebollo, O., Medina, E. F., & Mouratidis, H. (2015). Empirical evaluation of a cloud computing information security governance framework. Information and Software Technology, 4457.
Mork, P., Reynolds, C., Kimura, E., & Lai, F. (2011). Opportunities and Challenges of Cloud Computing to Improve Health Care Services. Journal of Medical Internet Research, 1-88.
Pradeep Kumar Tiwari1, D. B. (2012). Cloud Computing Security Issues, Challenges, and Solution. Emerging Technology and Advanced Engineering, 306-310.
Pasquale, F., & Ragone, T. A. (2014). Protecting Health Privacy In An Era Of Big Data Processing And Cloud Computing. Stanford Technology Law Review, 595-654.
Samanthula, B. K., Elmehdwi, Y., Howser, G., & Madria, S. (2015). A secured at sharing and query processing framework via federation of cloud computing. Information Systems, 196212.
Sultan, N. (2014). Making use of cloud computing for healthcare provision: Opportunities and challenges. International Journal of Information Management, 177184.
Y. Ghebghoub, S. O. ( 2013). A Survey on Security Issues and the Existing Solutions in Cloud Computing. Computer and Electrical Engineering, 587-590.
If you are the original author of this essay and no longer wish to have it published on the SuperbGrade website, please click below to request its removal: