Description
Cloud computing has changed significantly since it first started; the world is now more connected than ever before. Yet, facing new challenges such as security brings a top question related to risk for organizations. For these reasons, security service has become popular due to an increase in cyber-attacks, especially for end-user devices. However, there are a few techniques for organizations to decide what security models suit the best for them. One of the most common security applications is data encryption. “Data encryption can be used to protect data on a cloud. Techniques, such as secret computation allow the cloud to perform computation on the encrypted data while the secrecy of the data is protected†(Chen, Wu, & Tzeng, 2014).
In addition, the US Department of Homeland Security (DHS) created a new model for organizations to follow a cyber defensive and intelligence-sharing method that evolves a mix of defensive technologies. “DHS works with other federal agencies to conduct high-impact criminal investigations to disrupt and defeat cybercriminals, prioritize the recruitment and training of technical experts, develop standardized methods, and broadly share cyber response best practices and tools†(DHS, 2020). This method helps organizations to enhance security again known and malicious attacks. Security issues can be addressed when you have the correct tools and knowledge. Investing in security secure the cloud infrastructure across applications and network.
For companies, it is important to remain competitive, they need to adjust and develop the latest technologies and applications. By analyzing security, this needs to be measured and provide a numerical description of each feature. “Security metrics are a technique by which we monitor and compare the level of security and privacy, or privacy state(status), or the security record of a computing environment†(Silva & Geus, 2015). Each chosen security needs to be understood and evaluate all intrinsic aspects that affect the cloud.
Most attacks on cloud infrastructure are because of an organization`s lack of governance and security codes. Identity access management might be one of the most vulnerable metrics due to many threats from malware, ransomware, etc. Therefore, other vulnerabilities should also be highlighted, for example, cloud data storage. “During the storage process, data vulnerability can be observed. In cases where data vulnerability emerges, the distributed server will be certified through concurrent identification of the misbehaving nodes by analyzing the security malfunction†(Mohammed & Abed, 2020). A good example is Amazon Simple Store Service and Microsoft Azure, these are one of the most popular storage services of cloud services which serve to enhance storage, retrieve and share of data. On the other hand, there is still a gap whether the storage has been shared or not between users and access becomes sensitive and exposed. “Consequently, due to the importance of protecting users’ privacy, cloud storage services are encouraged to save an encrypted version of the user’s data†(Mohammed & Abed, 2020). A proper encryption method can provide a cloud-based security service for both provider and end-user to safely communicate under an encrypted channel. As a result, cloud-based security services can be offered in wide options including saving cost and scaling the company`s infrastructure rather than IT resources.
