7.4.8 Lab – Recommend a Cloud Security Solution Answers

7.4.8 Lab – Recommend a Cloud Security Solution

Objectives

• Part 1: Research and Recommend a Cloud Model and a Cloud Service ModelPart 2: Identify Shared Responsibility for Cloud Services and Cloud Security
• Part 3: Identify Five Security Threats Related to Cloud Computing
• Part 4: Identify Five Security Measures for Deploying eCommerce in Cloud

Background / Scenario

In this research-oriented lab, you will research information about cloud computing security and prepare for a recommendation for an organization that is deploying their eCommerce option to the cloud.

A startup company is considering a cloud solution for their eCommerce business. The company designs and sells customized clothing and home decoration items to customers around the world. The company hopes the cloud solution can provide key functions including:

• Product search and display with multiple presentations (searching, zooming, and viewing from different angles, etc.)
• Product ordering (order confirmation, delivery tracking and notification, order history, etc.)
• Customer service
• Advertising and promotion
• Sales tracking and reporting

As an IT security specialist, you are asked to research and prepare a report evaluating potential cloud solutions and their security implications.

Required Resources

A computer with internet access

Instructions

Part 1: Research and Recommend a Cloud Model and a Cloud Service Model

Cloud models include public cloud, private cloud, hybrid cloud, and community cloud. Cloud service models include Software as a Service (SaaS), Platform as a Service (PaaS), and Infrastructure as a Service (IaaS).

Which cloud service model would you recommend to meet the feature requirements of the company? Explain.

Answer may vary. Typical answer for cloud model should be public cloud because the customers are around the world. The cloud service model should be SaaS.

Part 2: Identify Shared Responsibility for Cloud Services and Cloud Security

Think about shared responsibility for security between the company and a cloud provider for the cloud service model recommended. Use the table below and mark each box with Client, Shared, or Cloud Provider.

Record your chosen cloud service model:

Answers will vary. Your choices are SaaS, PaaS, and IaaS. In this example, SaaS is used. For a typical public SaaS model, the cloud provider is responsible for the operation and uptime for all cloud services the company uses. For security implementation, the shared security responsibility should be similar to the table below.

Enter the security responsibilities for your chosen cloud service model:

Part 3: Identify Five Security Threats Related to Cloud Computing

List at least 5 security threats related to cloud computing.

Part 4: Identify Five Security Measures for Deploying eCommerce Cloud Solution

Perform an internet search to find out security measures required to secure an eCommerce cloud solution.

Answer may vary. From the company (cloud service user) perspective, there are several security measures that are critical to the success of eCommerce, including:

• Company Security Policy
• Proper and sufficient IAM configuration
• Firewall (deny/allow rules) and virtual IPS configuration
• Data security (encryption, digital signature, digital certificate)
• Use secure web interface, HTTPS with SSL/TLS
• VPN for remote access to manage services
• VM hardening measures

Reflection Questions

What are some benefits of deploying online services in cloud?

Answer may vary. Some benefits of using cloud computing include:

• Cost Savings
• Security
• Flexibility
• Mobility
• Increased Collaboration
• Disaster Recovery
• Automatic Software Updates

Can the company rely on the cloud solution provider for everything including services and security? Explain.

Answer may vary. The answer should be no because, due to the cloud computing nature, it is a shared responsibility between a cloud service provider and its customers (clients).