Disaster recovery plan
Develop a Complete Disaster Recovery Plan to be submitted to the executive board of your company.
Only MS Word ( , x) and Adobe Acrobat (PDF) formats are acceptable. Please note that this is a formal writing, all references (peer-reviewed) mostly must be cited appropriately within the text and clearly avoid plagiarism. The paper should have a minimum of 10 pages, 1.5 spacing and Times New Roman font. A minimum of 5 peer review references must be provided. Reference style is APA. You can also have some web references alongside the stated requirement. Please see class syllabus for additional details
Discussion
Discuss how organizations have faced the challenges that incident handlers are challenged with in identifying incidents when resources have been moved to a cloud environment.
Assignment
Project Strategies for disaster recovery
Cloud is a huge network environment that is very difficult to handle. Many organizations face a lot of challenges as the incident handler’s face when the event resources have moved to the cloud environment. The first problem is the lack of network device control. With all the resources moving to the cloud, it is less accessible and lack of control of network device. This is because, there are no firewalls, intrusion detection sensors or other proxies to detect any anomaly of events. Another issue could be with access to the security information in log management and correlation because most of the logs generated from the activities within the environment are stored in the cloud. The next issue is not knowing the location of data in the cloud. When we use the cloud, we probably won’t know exactly where our data is hosted (Kandukuri, B. R., & Rakshit, A., 2009). One of the most important challenges could be the inability to access event data. Some of the attacks could include Denial of Service (DoS) attacks where you cannot access your own cloud infrastructure. Application attacks are in which to access the event information you have to install a web application firewall. It is not easy to determine, which data sources are relevant for incident detection especially for SaaS and PaaS (Tyagi, A. K., & Niladhuri, S., 2016). Misdirection of abuses/incident reports is another issue faced by the customers of an organization. There should be a clear understanding between the CSIRT handling team of a customer and some incident handling capability of the CSP. Because of resource pooling, it may be difficult for the CSP to find out, to which of his customers the report refers (Tyagi et al., 2016). Cloud computing also has numerous security issues as it encompasses several technologies like networks, databases, operating systems, resource scheduling, load balancing, concurrency control, and management.
References
Tyagi, A. K., & Niladhuri, S. (2016, August). Providing trust enabled services in vehicular cloud computing. In Proceedings of the International Conference on Informatics and Analytics (pp. 1-10).
Kandukuri, B. R., & Rakshit, A. (2009, September). Cloud security issues. In 2009 IEEE International Conference on Services Computing (pp. 517-520). IEEE.