Cloud computing offers significant challenges for organizations which need to meet various global security regulations. This implies that organizations should adopt a systematic approach to addressing security in the cloud (Mather, Kumaraswamy & Latif, 2009). Cloud computing places a diverse collection of user and business information in a single location. Mather, Kumaraswamy & Latif (2009) noted that as unstructured data flows through the cloud, strong data governance is needed to ensure that the original purpose of collection and limitation on use is attached to the data. Security issues pertaining unstructured data storage in cloud include enforcement of appropriate access control policies as well as the secure storage of the data at multiple locations (Thuraisingham, 2010).
There is a critical need to securely store, manage, share and analyze massive amounts of complex for example unstructured data to determine patterns and trends in order to improve the quality of cloud computing services (Thuraisingham, 2010, 320). Cloud providers of unstructured data are most confident about their ability to ensure recovery from significant IT failures and ensure the physical location of data assets are in secure environments (Mather, Kumaraswamy & Latif, 2009).
-
0
Preparing Orders
-
0
Active Writers
-
0%
Positive Feedback
-
0
Support Agents
With unstructured data, cloud providers are least confident in their ability to restrict privileged user access to sensitive data. Anderson & Mutch (2011) noted that “lack of confidence can surely be attributed to the lack of a clear definition of privileged access and what the appropriate controls are in place” (p. 120). While researchers can debate the relative security of clouds versus most corporate data centers, there is one area where using unstructured data a cloud vendor will always represent a greater security risk. The threat is posed by insider’s administrative security privileges.
Anderson & Mutch (2011) argued that “encryption of data is a vital protection that can address a number of concerns about malicious insiders particularly with unstructured data” (p. 120). They however noted that unstructured data encryption in the cloud is tricky and requires a well thought out architecture and key management system. It is important to ensure that cloud providers understand the enterprise customer and deliver the security required. Throughout the cloud lifecycle, risks that are identified must be carefully balanced against the security and privacy controls available and the expected benefits from their utilization (Anderson & Mutch, 2011). At the same time too many controls can be inefficient and ineffective, if the benefits outweigh the costs and associated risks.
The security of unstructured data can be reflected in the privacy of user storage data. Furht & Escalante (2010) indicated that “user storage data cannot be viewed or changed by other people including the operator” (p. 24). The security of unstructured data can be viewed in the form of the user data privacy at runtime. The cloud service providers must ensure that user data cannot be viewed or changed by other people at runtime.
The security of unstructured data must be ensured when transferring through network (Furht & Escalante, 2010). Authentication and authorization needed for users to access their data is very important. Furht & Escalante (2010) indicated that “users can access their unstructured data through the right way and can authorize other users to access” (p. 25). To ensure security of unstructured data in the cloud, organizations can use the following corresponding technologies as shown in the table 1.0 below.
Recommendations of unstructured data security to operators and users in cloud computing
To other users |
To operators |
|
The privacy of user storage data |
SAN network zoning, Mapping, clean up disks after callback and file system authentication |
Bare device encryption, File system encryption |
The privacy of user data at runtime |
VM isolation Operating system isolation |
Operating system isolation |
The security when transferring unstructured data through network |
Secure Socket Layer, VLAN, Virtual Private Networks (VPN) |
Secure Socket Layer, Virtual Private Networks (VPN) |
Authentication and authorization needed for users to access their unstructured data |
Firewall, Virtual Private Networks authentication, Operating system authentication |
Virtual Private Networks authentication Operating system authentication. |
In addition to the technology solutions, business and legal guidelines can be used to enforce unstructured data security, with terms and conditions to ensure user rights to financial compensations in case of breached security (Furht & Escalante, 2010).
The security of unstructured data in the cloud has caused many organizations to develop private cloud environments where company data remains inside the firewall (Hurwitz, Bloor & Kaufman, 2009). Chang, Abu-Amara & Sanford (2010) mentioned that “security for unstructured data encompasses many different things including the policies on access control and identity management” (p. 167). It is also important to ensure monitoring, detection and forensics, encryption, patch management, privileged virtual environment, and protection of the actual virtual infrastructure.
Schulz (2011) noted that “sensitive unstructured data processed outside the enterprise brings an inherent level of risk” (p. 168). Cloud computing and unstructured data storage coexist and complement what is currently being done, with the objective of boosting quality of service, availability, or customer satisfaction while ensuring security of data being processed, moved, and stored for longer periods of time at a lower unit costs. Schulz (2011) also noted that it is a mistake to consider clouds for just their cost saving abilities while ignoring performance, availability, security, data integrity and other factors than can impact service delivery.
Save up to
25%!
We offer 10% more words per page than other websites, so actually you got 1 FREE page with every 10 ordered pages.
Together with 15% first order discount you get 25% OFF!
Even though clouding computing is an emerging trend, unstructured data may complicate internal efforts to secure the transmission of data. Andreasson (2011) indicated that “moving information to a centrally managed location can increase security as responsibility moves from an individual to the central provider” (p. 347). Andreasson (2011) also noted that the leading security risks within an organization resulting from various trends were the rise in unstructured data includes cyber terrorism, mobility and web 2.0.
In order to ensure the security of unstructured data in the cloud, it is critical to take into account organizational initiatives such as comprehensive and clearly communicated policies that are enforced in areas such as the establishment of secure transmissions. Andreasson (2011) explained that “chief information officers must ensure implementation of security on the devices themselves, awareness and training, preparedness, providing a list of approved apps, data loss prevention and a central back of data” (p. 346).
VIP services
Get
extended REVISION 2.00 USD
Get SMS NOTIFICATIONS 3.00 USD
Get an order
Proofread by editor 3.99 USD
Get an order prepared
by Top 30 writers 4.8 USD
Get a full
PDF plagiarism report 5.99 USD
Get
VIP Support 9.99 USD
VIP SERVICES
PACKAGE
WITH 20% DISCOUNT 23.82 USD
Secured access of the entire cloud environment ensures that unstructured data storage in cloud with complete security. Studies show that unstructured data processed outside the enterprise brings an inherent level of risk. Chang, Abu-Amara & Sanford (2010) says that this is because outsourced services may bypass the physical, logical, and personnel controls IT departments have over in house programs. Moreover, Chang, Abu-Amara & Sanford (2010) indicated that when an enterprise moves their unstructured data onto cloud based platforms, they must ensure that they can maintain the same level of access assurance as the current or previous internal applications.
Two factor authentications can be used to ensure security of unstructured data storage in cloud. Chang, Abu-Amara & Sanford (2010) noted that “lacking the appropriate control over the network that provide connectivity to cloud storage” (p. 168). This implies that all data sent could potentially be intercepted and even altered. The cloud service login process that provides strong two-factor authentication and complies with industry policies and guidelines can enforce a secured access (Chang, Abu-Amara & Sanford, 2010). Two factor authentications promote security of unstructured data in the cloud by providing fast and convenient token or token-less authentication.
Top 30 writers
Get the highly skilled writer in the chosen discipline for $4.8 only!
Single sign-on can be used to ensure security of unstructured data storage in cloud. Single sign-on plays a fundamental role in ensuring that a single action of signing out terminates access to multiple software systems. Chang, Abu-Amara & Sanford (2010) indicated that integrating single sign-on with existing enterprise identities is a key requirement and priority of many enterprise that adopt cloud services.
In the context of unstructured data in the cloud, single sign-on provides convenience and better application experiences to end users and can reduce security issues that arise from having to manage multiple security credentials. Wilshusen (2010) argues that cloud computing can both increase and decrease the security of information systems in organizations. Unstructured data security benefits include those related to the use of virtualization, such as faster deployment of patches, and from economies of scale, such as potentially reduced costs for disaster recovery.
Hardening the host operating system is a good strategy for enhancing security of unstructured data storage in cloud (Krutz & Vines, 2010). A compromise of the underlying host operating system would give an intruder access to all services on all virtual machines hosted by the machine. Krutz & Vines (2010) thus says that “best practice hardening techniques must be implemented to maintain the security posture of the underlying technology” (p. 165). This can be achieved through disabling unneeded services or programs especially networked services. The host of unstructured data should be individually firewalled. It is fundamental to patch and update the host regularly, after testing on a nonproduction unit.
VIP support
VIP support services:
special attention is assured! $9.99 only!
Using encrypted communications can enhance security of unstructured data storage in cloud. Krutz & Vines (2010) argues that encryption technologies such as secure HTTP (HTTPS) encrypted virtual private networks (VPN), transport layer security (TLS) secure shell (SSH) should be used to provide secure communications links between the host domain and the guest domain or from hosts to management systems. Krutz & Vines (2010) further says that “encryption will help prevent such exploits as man in the middle (MITM), spoofed attacks and session hijacking” (p. 167).
Disabling background tasks can be used to enhance security of unstructured data storage in cloud. Krutz & Vines (2010) says that “disabling, limiting or off-loading these processes to other servers may be advisable if the host is beginning to suffer from resource contention” (p. 167). Several hacker exploits are designed to piggyback off of these processes, in an attempt to be less detectable to malware detection.
In conclusion, several cloud computing information security risks of unstructured data relate to the ability to rely on a vendor’s security assertions and practices. Identity management and user authentication are a concern because customers and providers may need to establish a means to securely exchange and rely on authentication and authorization information for system users in the cloud computing environment. Organizations must ensure that there is a clear delineation of responsibilities as they relate to the security of unstructured data in a cloud computing environment.