Use of the cloud for data storage has grown exponentially.
Picking some of the topics in Chapter 16, find an article that discusses cloud security and/ or data breaches
Discuss how the company approached the problem or what they should have had in place based on the NIST standards.
Cloud Security and Countermeasures
Cloud protection has been a warm theme with the introduction of the Microsoft imparting of the Windows Azure platform. One of the quickest methods to get your head around security is to reduce to the chase and seem to be at the threats, attacks, vulnerabilities and countermeasures. This post is a look at threats and countermeasures from a technical perspective.
The factor to keep in thinking with security is that it’s a matter of people, process, and technology. However, focusing on a particular slice, in this case the technical slice can help you get results. two The issue to hold in thinking about protection from a technical aspect is that you also want to think holistically in terms of the application, network, and host, as nicely as how you plug it into your product or improvement life cycle. For data on plugging it into your lifestyles cycle, see the Security Development Lifecycle.
While many of the identical security troubles that apply to running purposes on-premise additionally apply to the cloud, the context of jogging in the cloud does alternate some key things. For example, it may suggest taking a deeper look at claims for identity administration and get entry to control. It would possibly mean rethinking how you suppose about your storage. It can imply wondering greater about how you access and control virtualized computing resources. It can suggest thinking about how you make calls to services or how you shield calls to your own services.
The National Institute of Standards and Technology is a non-regulatory government agency that develops technology, metrics, and requirements to power innovation and economic competitiveness at U.S.-based companies in the science and technological know-how industry. As phase of this effort, NIST produces requirements and suggestions to help federal businesses meet the requirements of the Federal Information Security Management Act (FISMA). NIST also assists these groups in defending their records and information structures via in your price range programs. (Wang, J., & Kissel, Z. A. 2015).
Specifically, NIST develops Federal Information Processing Standards (FIPS) in congruence with FISMA. The Secretary of Commerce approves FIPS, with which federal companies ought to comply federal agencies might also now not waive the use of the standards. NIST additionally offers practice files and pointers through its Special Publications (SP) 800-series. The Office of Management and Budget (OMB) policies require that businesses have to comply with NIST guidance, except they are national protection packages and systems.