Merits Of Cloud Computing
Cloud Computing could be defined as the process of providing certain technological features such as high capacity data storage, contemporary software, massive databases and servers, complex networks and data analytic tools to end users (Armbrust et.al, 2008). Cloud computing services are provided by companies which are termed as “cloud providers”. These services provide an economic way for companies like Aztek in availing vital technological tools, as they are billed for only the services being provided to them. Cloud computing could also be used to host extensive and unceasing access of a shared collection of resources for the end users. These shared resources are made available to the users by the help of the internet. The advantage for the customer in using the public cloud is the ability to access new features and functionalities of state-of-the-art tools and services that may not be availed otherwise. The services offered by the cloud can be accessed in a ceaseless way, without spending a considerable amount on expensive, state of the art hardware, software or other services (Qian et.al, 2009). There are few other reasons why companies like Aztek decide to migrate towards a cloud environment. The expectation that Aztek had while shifting their business critical application and data sources to a cloud based system was that they could gain access to the infinite volume of data that could be availed with no extra effort or budget on maintenance. The ease of use was also crucial in taking the decision for the migration to the cloud based architecture. The speed and bandwidth of a high speed internet connection was considered as the only decisive factor in getting the advantages out of a cloud service. Like most other big corporate companies that serve its customers in the financial sector, Aztek also plans to shift its operations from a dormant working atmosphere based at the office to a ‘work on the move’ model. This shift would have been the major driving force in the management’s decision to migrate its critical applications to an external Cloud based solution. Since Aztek runs its business in a Customer Relationship Management application, it is highly necessary that the users have access to the software and its major functionalities available to them consistently, without any fail. This also happened to be another major influencing factor for the management to take the decision to shift its operations to a cloud hosting service.
Cloud service providers for companies in the financial domain have stringent policies on security issues and make it their prime obligation. The service providers have modern technologies built into the cloud resources that are capable of fighting security breaches and attacks by viruses, malware and other spam (Zhang et.al, 2010). The CSP’s also provide state-of-the-art mechanisms to protect the data and secure them by having efficient backup means.
By migrating to cloud based architecture, Aztek plans to reduce the costs involved in having extra hardware for storing data and business critical technological services. The costs and risks involved in maintaining such a huge repository of hardware could be avoided if the cloud based architecture is adopted (Hayes, 2008).
The Security Concerns Are Answered
The scope of development and expansion would be more if cloud based architecture is adopted. As technology and Information technology innovations are making rapid changes, it is well advised to shift over to the cloud as the company does not have to research or invest on the technological updates and breakthrough designs in hardware (Subashini and Kavitha, 2011).
The financial service sector has always been dynamic in nature, and one that modifies and adapts itself quickly to the changes in the economy. The companies in the financial sector have to stay up to date in technologies mandatorily, that would help them stay ahead of the competitors. Along with these technologies, these companies have to use other state of the art solutions also to serve the customers in a better fashion. It requires a lot of planning and forecasting in the part of the executives and managers of Aztek to stay ahead of its competitors. The major reason for these financial companies in adopting a cloud hosting solution was for revamping and upgrading the business process to meet the growing demand of an ever dynamic economic environment. Cloud computing also helps in better collusion for the clients by allowing constant and ceaseless data access mechanisms (Catteddu, 2010). There is also an increasing demand from the stake holders of companies in the financial domain for better returns of investments. The customers also demand for better services from companies in a cost effective manner. This has forced a lot of businesses like that of Aztek to concentrate on a new model that accommodates and incorporates modern technological tools that are designated to satisfy the needs of the customer. Companies in the financial domain like those of banks or insurance companies find it necessary to advance their operations further and become more customer-centric by catering to the needs of the customer in a more cost effective manner.
The major transition that is expected to happen on companies in the financial sector once they adopt cloud services is the digitizing of trading. Apart from this it is also expected that a better management of wealth and assets, and an improved customer relationship can be attained by utilizing the full facilities offered by adopting the cloud services (Rimal et.al, 2009). Inspite of the various advantages that has been listed out, there has been a certain level of scepticism for the directors of Aztek, just like few other companies around Australia, in the financial domain, to make a complete change and adopt themselves to a cloud based environment. Being in the financial sector, a major cause of concern for Azteks management before the full transition was planned, was to be aware of the industry regulations and the compliance procedures. Being in the financial domain, Aztek’s management had to take into consideration the high level of risks and the strict compliance procedures, according to the government norms and procedures. Since the adoption of the new technology could put the compliance procedures at risk, companies including Aztek seemed to be hesitant at the start, to adopt the cloud technology completely.
Minimal Costs And Risks
The major regulatory authorities for the companies in Australia regarding financial issues are the Australian Securities and Investments Commission (ASIC). The ASIC is responsible for setting forth certain rules and regulations that are intended for protecting the rights of the customer and ensure that the shareholders does not suffer if the company fails to perform according to the expectations. Similarly other governing authorities like the Australian Prudential Regulatory Authority and the Australian Securities Exchange also puts forward a few compliance standards for companies regarding the financial transactions and activities within the country. The Australian Government Information Technology Security Manual (ACSI) is another governing body that pertains to the compliance procedures that are to be followed regarding the Information and Communication technology (ICT) procedures within the country (Ferris and Riveros, 2009). Freedom of Information Act that was passed in 1982 and the Archives Act passed in 1983 also deals with the regulatory norms of Information Technology related norms within the country. The strict compliance procedures put forth by these regulatory bodies and few other rules that pertain to the Information technology procedures were always a stumbling block in the minds of companies in the financial domain to adopt new technologies. The same could be told about Aztek too.
Following these scepticism and indecision in the parts of companies like Aztek in the financial domain, the onus was on the government’s part to make it clear that there was no major reason why companies in the financial could not adopt the cloud based technology services as long as it did not violate any compliance standards.
Though there are innumerable benefits of Cloud Computing which have been already pointed out and discussed, security issues are always a glaring factor for companies who decide to avail the cloud computing facilities. Since cloud computing revolves around the data saved in the internet, there are always chances of a security breach, or the data being tampered by an unauthorized entity (Beard, 2008). A few best practices adopted by cloud computing strategists help in bypassing these security issues and enable the IT personnel to come up with a model that would provide secure data transmission. Any company in the financial domain which decides to adopt the cloud computing services could follow these best practices to overcome the security issues.
- Gain timely and contemporary information about the security issues in cloud computing and be aware of the methods to overcome these issues.
As cloud computing hosts its information in the internet and transmits its services in cyberspace, security issues cannot be ignored. The risks of data being hacked are very much relevant and it can be avoided only by being well informed about the contemporary issues of security in a cloud based environment.
- Provide a mechanism for backing up the data and files in the cloud.
When data and files are being stored in the cloud, it would always be recommended to have a backup mechanism in case of a disruption or a failure. Since the cloud computing mechanism is completely dependent on external entities such as the internet, power supply and back up, a mishap in any of these resources should not affect the progress of the project to any extent (Varia, 2011). A caching mechanism for storing the data and files would be a practical solution in such a scenario to provide a ceaseless and uninterrupted running of the business.
- Realizing the risk factors in storing data in cloud service providers
Scope Of Development
Though security is one the main features that is being concentrated on in the cloud computing technology nowadays, there is an inherent risk of data being lost if a major interruption occurs. Understanding the risk elements in accessing data and services from the cloud helps in assessing alternative options for securing and backing up the critical data.
- Being aware of the changes and new technological updates
Companies like Aztek should focus on the technological modifications and changes in the protocols that the cloud service provider undergoes once the service is offered. There should be a dedicated communication channel within the organization to have the relevant information passed on about the changes that are carried out by the cloud service provider.
- Have a clear segregation of the data and the services that are being accessed from the cloud
There should be a clear understanding of the data and the services that are being provided by the cloud service. Maintaining a clear segregation about the data and the services that are being stored and accessed in house, from the ones that are being accessed from the cloud helps in keeping record of the data that has to be accessed from the backup sources in case of a security breach (Menken, 2008).
The Risk Assessment Plan discussed here intends to create a systematized way to perceive and forecast the risks, evaluate and assess the risks, and determine mechanisms to counter the possible risks. The document is intended to help the managers and the stake holders in identifying the potential threats that Aztek may face during a business critical decision like the transition of their technology to a cloud based environment. The risks that are analyzed here evaluate the different reasons that restrict the decision making capabilities of the management while migrating towards a cloud based environment. The Risk assessment plan compares and quantifies the potential risks to the advantages and convenience which the company may garner in terms of revenue and technological advancements. As discussed earlier the adoption of a cloud based environment would not only increase the storage capacity of their existing repositories for data storage but also increases intercommunication and transmission capabilities and make these channels more effective (Mosher, 2011). While preparing the risk assessment plan a comparison chart has been used to correlate the trade off between the data saving methods. An analysis has been made to check whether saving the business critical data and files in an in house storage is more convenient to a storage mechanism in the cloud servers. The risks being analyzed in the plan pertains to the operations within Aztek and not the cloud provider. But a certain number of risks that are being analyzed in the document could be transferred to the capabilities of the cloud provider and could be considered as the benefits drawn out of the cost spent on availing the cloud services. But the risk assessment plan does not guarantee a relief for other serious calamities in the business such as an unexpected loss or other serious judicial issues.
As a part of a survey that was made by the major players in the financial sector, it was identified that higher authorities of a company were most concerned about security threats in the cloud computing architecture. The other major concern that followed the apprehension about security threats were the compliance procedures that had to be adhered to. These compliance procedures are legal statutes set forth by the government while adopting certain Information and technology tools and services adopted by companies (Tucker and Li, 2012). The IT compliance standards are normally deemed to be intricate in nature and requires an in depth analysis before deciding to start any project or an undertaking that is new. The third prevalent concern for the administration was the security breach notification. These are laws that safeguard the privacy of a customer while using personal or private data. These laws enforce a company to notify and take remedial measures if a breach in data security occurs. In the modern digitized world, data breach is considered as a serious offence and requires prompt remedial measures for rectifying them.
Why To Adopt a Cloud Hosting Solution For The Financial Services Sector?
In the risk assessment plan all these issues are considered in a comprehensive and exhaustive way before discussing on the corrective measures to counter these impending risks.
One of the major risk that Aztek has to face while shifting its IT operations to an exclusively cloud based technology is the lock in procedures followed by the cloud service providers. A lock in is a procedure adopted by the cloud service provider to make the customer completely bank on the services provided by them exclusively. The lock in strategy is adopted in most cases so that customers such as Aztek would remain with the cloud service providers for a long duration without shifting to other vendors fearing the mammoth charges involved in such a migration. From the previous analysis and market studies, it has been inferred by the IT executives and management in Aztek that a lock in can be a cumbersome process which is difficult to be disentangled from. As per the managements studies, it has been proved that once a lock in happens, a further migration to a new service provider is almost completely impractical and extortionate in terms of the costs involved (Leavitt, 2009). Is cloud computing really ready for prime time. Growth, 27(5), pp.15-20.. Considering the impending scenario of Aztek deciding to bypass the lock in restrictions provided by its current cloud service provider and decides to change its data and service repositories to a new service provider, there would be many operation and technological complications to be considered. The major problem that would be faced by Aztek would be that all the data and related service oriented statistical inputs should be transferred to an in house repository first. Once the data has been moved to an in house repository, further measures could be taken to transfer the information and data back to the new cloud service provider’s data repositories. This would involve a lot shuffle and technological changes that would prove to be extremely cumbersome.
While doing a risk assessment of the above problem, it could be inferred that by following certain measures the impending risks could be countered effectively or prevented altogether.
- By having an in depth analysis about the cloud service providers guidelines and instructions about data migration procedures the management of Aztek can have an estimate of the costs that would be involved in case of an impending lock in issue with the vendor.
- Have a prior enquiry about the procedures and methods that the cloud service provider follows currently for its present customers. Scrutinize and evaluate the tools that are being offered for the migration of data that happens in a large scale.
- Enquire about the requirements and specifications that the service providers are following at present. Analyze and evaluate the tools that are being used by the provider for data management also.
One of the major impending threats that Aztek had to take into consideration was the impending loss of governance that companies usually face while migrating to the cloud based architecture. It would always be challenging for a company’s administration, especially one in the financial domain to loss control of crucial elements like the data and services which are provided by the cloud service providers (Khan and Malluhi, 2010). The major things which are deemed to be as risky by the management are listed out as follows:
- The cloud service provider would be holding the control over most of the crucial hardware resources like the data repositories and other storage mediums.
- The components that are being provided by the cloud service provider would not be dedicated to Aztek alone.
- There is no effective mechanism to review the potential clients or the new consumers who would be using the components in the cloud architecture provided by the CSP (Cloud Service Provider).
- The cloud architecture which is being offered to Aztek as SaaS (Software as a service) is not easy to change or personalize as they are already structured according to certain predetermined features.
- The intricate details of the resources that are being offered cannot be seen or reviewed by the cloud service providers. The cloud services are more or less viewed as an end product rather than a technological component that can be altered or managed personally.
The risks that are associated with the loss of control can be countered by having certain strategies that are planned well before the shifting happens to the cloud based architecture.
- The first step to be taken by Aztek in assessing this risk is to have a clear outline about the cloud based architecture and the services that are being availed. Having a clear and better view of the internal working within the black box of the cloud would help the management to have better assurance and to retain control over the cloud services.
- Monitoring the activities and the services of the cloud service provider would also help in securing better control over the assets being accessed by the company.
- Authorize and appoint resources within Aztek, like a dedicated IT team for being answerable for the specific services that are being availed by the cloud. This would enable a closer review of the cloud services being accessed and would also help in regaining control over the resources.
Being in the financial domain, one of the major compliance standard that Aztek had to consider was the PCI security standard. The PCI security standard stands for the Payment Card Industry Data Security Standard that sets forth the compliance and regulations for branded credit cards. Some of the risk factors that Aztek has to take into consideration while keeping in mind the compliance procedures were the location of the data and the way it is going to be stored or sent. The risks associated with the compliance procedures could be bypassed by taking into consideration the following points.
- Organize and segregate the data in such a way that the data that has to be kept very securely has to be kept within the premises and not to be transferred to the cloud (Popovi? and Hocenski, 2010).
- Having an effective incidence response plan would help the company to recover from the threats or any impending risks and analyze on the measures to counter them.
Compliance And Other Regulatory Bodies
Apart from these common issues there are a few other threats that are to be considered before migrating to the cloud based architecture. These risks and the potential mitigation plans are enumerated in the table below:
Risks |
Mitigation plan |
Data corruption while being transferred from the CSP |
A continuous monitoring of the data for violation of its integrity. |
An interruption in the services offered by the CSP |
Analyze the different technological aspects that would help in recovering the data. Provide effective disaster recovery mechanisms for a ceaseless flow of business operations. |
An interruption caused due to a disruption at the Internet Service provider or due to a power failure. |
Have a backup option for restoring the business critical information. Maintain a backup power supply for unexpected power outages. |
A security breach while attempting to access the password protected resources. |
Have a common password protection mechanism enabled in the system which limits the number of times the password can be attempted. |
An attempt to download the secure cloud data through unauthorized access. |
Have a proper channel to review the download procedures. Giving access to only authorized personnel to download the information. |
The major challenge that Aztek has to face while implementing the cloud based strategy is the issue of security that has been already analyzed and discussed. Though an extensive study about the risks and the management of the risks has been done while changing to a cloud based infrastructure, there is always an impending threat in cloud computing. The major threat is that all the data and the resources are stored in the web and could be accessible by any entity that is connected to the same cloud service provider. There will be an attempt to access vital data such as financial information by outside entities that are in the form of rogue projects and malicious users. There is also another relevant problem of having very limited control over the data and the infrastructure of the resources that is being hosted by the cloud service provider. The costs of maintaining a cloud architecture and the maintenance costs for the same are also considerably high.
The flow of data and data security risks are very prevalent in the cloud computing architecture. The major cause of concern in terms of data in the cloud based architecture is because the cloud architecture hosts services or hardware resources externally which have unlimited access to the users private data (Chen and Zhao, 2012). There are a number of issues to be addressed in a cloud based framework which would improve the security of the cloud architecture as a whole
The main issues to be addressed in terms of data in a cloud based architecture is
- Data integrity
- Data privacy
- Data confidentiality
- Data availability
All these issues are concerned with a security breach or an unauthorized access to data. There can be many security issues in case of an unauthorized access happens. There may be issues such as accessing the data or tampering it by malicious users. Most cloud service providers provide security to the data by providing mechanisms to safe guard the data. This could be commonly done by encryption methods. Similarly the other cause of concern is the loss of data due to a catastrophe such as a hard disk or storage failure. There should be enough counter measures to restore the business critical data. As financial data are of utmost importance, these issues should be addressed by Aztek before moving the data to external repositories in the cloud.
References
Armbrust, M., Fox, A., Griffith, R., Joseph, A.D., Katz, R., Konwinski, A., Lee, G., Patterson, D., Rabkin, A., Stoica, I. and Zaharia, M., 2010. A view of cloud computing. Communications of the ACM, 53(4), pp.50-58.
Beard, H., 2008. Cloud Computing Best Practices for Managing and Measuring Processes for On-demand Computing, Applications and Data Centers in the Cloud with SLAs. Emereo Pty Ltd.
Catteddu, D., 2010. Cloud Computing: benefits, risks and recommendations for information security. In Web application security (pp. 17-17). Springer, Berlin, Heidelberg.
Chen, D. and Zhao, H., 2012, March. Data security and privacy protection issues in cloud computing. In Computer Science and Electronics Engineering (ICCSEE), 2012 International Conference on (Vol. 1, pp. 647-651). IEEE.
Ferris, J.M. and Riveros, G.E., 2009. Methods and systems for verifying software license compliance in cloud computing environments. U.S. Patent Application 12/627,643.
Hayes, B., 2008. Cloud computing. Communications of the ACM, 51(7), pp.9-11.
Khan, K.M. and Malluhi, Q., 2010. Establishing trust in cloud computing. IT professional, 12(5), pp.20-27.
Leavitt, N., 2009. Is cloud computing really ready for prime time. Growth, 27(5), pp.15-20.
Menken, I., 2008. Cloud Computing-The Complete Cornerstone Guide to Cloud Computing Best Practices Concepts, Terms, and Techniques for Successfully Planning, Implementing... Enterprise IT Cloud Computing Technology. Emereo Pty Ltd.
Mosher, R., 2011. Cloud Computing Risks. ISSA Journal, July Issue, pp.34-38.
Popovi?, K. and Hocenski, Ž., 2010, May. Cloud computing security issues and challenges. In MIPRO, 2010 proceedings of the 33rd international convention (pp. 344-349). IEEE
Qian, L., Luo, Z., Du, Y. and Guo, L., 2009. Cloud computing: An overview. Cloud computing, pp.626-631.
Rimal, B.P., Choi, E. and Lumb, I., 2009. A Taxonomy and Survey of Cloud Computing Systems. NCM, 9, pp.44-51.
Subashini, S. and Kavitha, V., 2011. A survey on security issues in service delivery models of cloud computing. Journal of network Catteddu, D., 2010and computer applications, 34(1), pp.1-11.
Tucker, G. and Li, C., 2012, January. Cloud Computing Risks. In Proceedings on the International Conference on Internet Computing (ICOMP) (p. 1). The Steering Committee of The World Congress in Computer Science, Computer Engineering and Applied Computing (WorldComp).
Varia, J., 2011. Best practices in architecting cloud applications in the AWS cloud. Cloud Computing: Principles and Paradigms, pp.457-490.
Zhang, Q., Cheng, L. and Boutaba, R., 2010. Cloud computing: state-of-the-art and research challenges. Journal of internet services and applications, 1(1), pp.7-18
To export a reference to this article please select a referencing stye below:
My Assignment Help. (2022). Cloud Computing And Its Applications In The Financial Domain: An Essay.. Retrieved from https://myassignmenthelp.com/free-samples/itc596-it-risk-managemnet/merits-of-cloud-computing-file-A97ACD.html.
"Cloud Computing And Its Applications In The Financial Domain: An Essay.." My Assignment Help, 2022, https://myassignmenthelp.com/free-samples/itc596-it-risk-managemnet/merits-of-cloud-computing-file-A97ACD.html.
My Assignment Help (2022) Cloud Computing And Its Applications In The Financial Domain: An Essay. [Online]. Available from: https://myassignmenthelp.com/free-samples/itc596-it-risk-managemnet/merits-of-cloud-computing-file-A97ACD.html
[Accessed 19 August 2024].
My Assignment Help. 'Cloud Computing And Its Applications In The Financial Domain: An Essay.' (My Assignment Help, 2022) <https://myassignmenthelp.com/free-samples/itc596-it-risk-managemnet/merits-of-cloud-computing-file-A97ACD.html> accessed 19 August 2024.
My Assignment Help. Cloud Computing And Its Applications In The Financial Domain: An Essay. [Internet]. My Assignment Help. 2022 [cited 19 August 2024]. Available from: https://myassignmenthelp.com/free-samples/itc596-it-risk-managemnet/merits-of-cloud-computing-file-A97ACD.html.