Response 7-1 (DR)
Note: Need to respond to this post, stating whether we agree or not. If so, why we agree; if not, why we do not agree. Need it with peer-reviewed references in 200 words.
Using the cloud environment provides users with added benefits such as minimizing costs of IT, ease in collaboration with others, automatic updates and so on. Due to these advantages, organizations are moving to a cloud environment. But as there are positives of using a cloud environment, there is also a downside to using it, which can be a challenge for organizations and needs to be taken care of. “Security incident handling, an integral part of security management, treats detection and analysis of security incidents as well as the subsequent response (i.e., containment, eradication, and recovery.) Existing processes and methods for incident handling are geared towards infrastructures and operational models that will be increasingly outdated by cloud computing.” (2010)
The cloud environment is a technology that is shared between different users, and users using the resources freely and without paying for them is a task for incident handlers. As the resources are being shared among multiple users, it can be difficult and can make things complicated for everyone. To understand the challenges better and to overcome them, incident handlers need to understand the basics of cloud computing along with knowledge of the network configurations and cloud infrastructure. The security measures and parameters of a cloud environment are a difficult concept and can be challenging for incident handlers. A cloud environment has various security concerns as it includes a number of technologies within it, such as databases, operating systems, network, resource, load balancing, etc. This can put a lot of responsibility onto the incident handlers as security becomes a big issue, and they need to take measures to minimize issues that might arise and work to solve them.
The challenges that organizations have faced, and that incident handlers are challenged with, in identifying incidents when resources have been moved to a cloud environment are:
1. The incident handler needs to be communicated with so that they can contain the incident, and organizations need to be aggressive with the communication so that they can stop user access to cloud services.
2. In case the situation can’t be solved immediately, organizations can set up an alternative environment for the meantime so that important work is not delayed.
3. The recovery can be easier if there is a proper recovery plan; sometimes it’s easier to instantiate a new service until services are restored.
Kumar, Deepak, Tyagi, Amit Kumar & Nayeem, Sadique. Handling of Incident, Challenges, Risks, Vulnerability and Implementing Detection approaches inside the Cloud. Retrieved from https://pdfs.semanticscholar.org/9067/ecd8f0c1dfe81d4825f6259e816dd12e462c.pdf
Ab Rahman, Nurul. (2014). A survey of information security incident handling in the cloud. Computers & Security. Retrieved from https://www.researchgate.net/publication/269403060_A_survey_of_information_security_incident_handling_in_the_cloud
Grobauer, Bernd & Schreck, Thomas. (2010). Towards incident handling in the cloud: Challenges and approaches. Proceedings of the ACM Conference on Computer and Communications Security. Retrieved from https://www.researchgate.net/publication/221609800_Towards_incident_handling_in_the_cloud_Challenges_and_approaches