Report/Journal
2500 words
– Intent:
Analyzing Cloud Risks and Regulations to build competency in the legal and
regulatory compliance requirements and the analysis of security risks and threats for
cloud computing.
Tasks
– Individually analyze cloud risks and threats. Then investigate how these are
related to government regulations for a cloud system.
– Include awareness of local and international differences in legal requirements
on cloud data security, privacy and storage.
– How do you plan to drive and articulate concerns that must be considered with
any cloud solution?
– What are your main concerns with moving to a cloud environment?
– What are the initial steps you will take in this evaluation?
– What aspects does the management need to consider and analyze?
– What aspects does the operation team need to consider and analyze?
– What issues from a legal and regulatory standpoint will this move incur?
– What privacy acts and regulatory requirements are you subjected to? Include
awareness of local and international differences in legal requirements on cloud data
security, privacy and storage.
– What technical concerns and issues will likely come into play with this scenario?
– Investigate critical cloud security threats and risks associated with relevant
aspects of the possible move from a traditional data center to a cloud environment.
– How do you formulate a plan to consider a cloud for Business
Continuity/Disaster Recovery (BCDR) solution, and what impacts might this have on
the current hosting model being employed?
– Articulate your understanding of contractual security service level agreement
(Sec SLA) between a cloud customer and its cloud provider in establishing their
respective roles and responsibilities in relation to the regulatory and legal
requirements in searching, identifying, collecting and securing electronic data and
records. Please note that your report is about addressing the issues raised in the
questions above in a coherent manner and presenting the findings and
recommendations in the manner that assists the
management to make the right decision. The report is not about answering these
questions directly point by point.
References
References to Australian Government’s Cloud Computing and Cloud security.
ACSC Cloud Computing Considerations.pdfDownload ACSC Cloud Computing
Considerations.pdf
ACSC Providers.pdfDownload ACSC Providers.pdf
ACSC-for tenants.pdf Download ACSC-for tenants.pdf
AWS References:
AWS Cloud SecurityLinks to an external site.
AWS Risk and ComplianceLinks to an external site.
AWS ComplianceLinks to an external site.
AWS Threat Detection and MonitoringLinks to an external site.
Report
You have just been hired to lead the security team for a major cooperation. Your
company is just
beginning the evaluation of public cloud platforms to determine the feasibility of
moving its
traditional data center to a cloud environment. You have been asked to evaluate these
platforms
from a security perspective.
You are to investigate all relevant aspects associated with the move to a cloud
environment with an
emphasis on analyzing and assessing security risks and threats of cloud environment,
investigating
how these risks are related to legal, policy and regulatory requirements associated
with the cloud
environment.
You are to present a comprehensive report that includes adequate analysis to the
management of
your company for its final decision on the move with a clear understanding of the
costs and the
NOTE: Refer to the AWS references and use AWS security models in your research,
data collection and analysis.
Plagiarism
We take plagiarism very seriously. Why you shouldn’t plagiarize?
• I will use plagiarism detection software to check that you did not copy parts of
the solution from previous submissions, other students in the
class, online forums and other online resources.
• You could receive 0 marks for the assignment or fail the unit if you plagiarize.
• If one student in the group commits plagiarism in this group assessment, all
group members maybe subject to the formal misconduct procedure of the
University.