An introduction to web applications architecture



Yüklə 1,71 Mb.
səhifə16/18
tarix02.06.2023
ölçüsü1,71 Mb.
#121991
1   ...   10   11   12   13   14   15   16   17   18
an introduction to web applications architecture

Risks of the cloud
Moving applications, services and data from a closed private environment onto the public cloud presents a complex set of issues for developers. Instead of dedicated IT equipment under close supervision, applications, services and data are hosted on shared resources with little direct control of where those resources are located.
Arising from this move to shared resources, here’s one possible list of risks – you may have come up with something different.
1 Unauthorised access to applications, services and data
Once an organisation moves applications, services and data onto a public cloud, they now have to worry about not only unauthorised access by their own staff but also the vendor’s staff. More people have access to the applications, services and data, and systems that support these, which means the organisation has to extend trust to people they have no control over.
The risk of intrusion by other organisations resulting in the loss or theft intellectual property, for example, also increases when they use a public cloud.
2 Legislation and regulation
Organisations that are subject to data security legislation are required not only to protect the data, but also typically required to know: (1) Where the data resides; (2) Who is allowed to access it; and (3) How it is protected.
If an organisation moves the processing and storage of data that it is required to protect onto a public cloud, then it is relying on a cloud service provider to maintain their compliance. If the organisation does not have adequate legal protections, then it may be liable when there is a data breach at the cloud service that exposes the organisation’s data.
In other words, although an organisation’s data is residing on a provider’s cloud, the organisation is still accountable to their clients for any security and integrity issues that may affect their data and therefore the organisation must know the standards and procedures the provider has in place to mitigate the organisation’s risk.
Back to Session 2 Activity 2

Yüklə 1,71 Mb.

Dostları ilə paylaş:
1   ...   10   11   12   13   14   15   16   17   18




Verilənlər bazası müəlliflik hüququ ilə müdafiə olunur ©azkurs.org 2024
rəhbərliyinə müraciət

gir | qeydiyyatdan keç
    Ana səhifə


yükləyin