This research paper aims to examine the security aspect within the Cloud computing model with emphasis on measures to protect sensitive customer centric data hosted in the Cloud. Cloud computing is a relatively new technology that provides users with the means of storing and retrieving data anytime and from any location. It is a model for enabling ubiquitous computing access to a shared pool of configurable computing resources. Cloud computing is designed and organized in a manner to purposely allow users to leverage full customization benefits as per their requirements. However, certain architectural qualities of this model can cause weaknesses and flaws in the Cloud environment thus, allowing potential attackers to benefit through use of loopholes in the system. These loopholes provide opportunities to attackers allowing them to abuse the system in ways such as generating botnets quickly, hijacking accounts and account information and leaving vulnerabilities for malicious hackers to use to their advantage in attacking the system. This paper therefore focuses on security measures like Data Storage, Regulatory Compliance, Intellectual Property Rights Protection, Reliability, Infrastructure Downtime, Redundancy and Data Backup issues that further need to be addressed in detail and in accordance to one's risk appetite. It is the level of security and safety, which information technology (IT) managers and professionals expect for protecting data and software applications, including privacy of personal data, as well as safety and security of the hardware equipment. While a day to day user might be oblivious to the importance of security considerations in a Cloud environment, organizations involved in the management of sensitive data would consider it worthwhile to diligently implement provisions to ensure their sensitive data is not breached in any way either by the Cloud provider or while data is in transit. Financial organizations in particular seem to be paranoid by such security considerations and invest substantially to ensure the required Service Level Agreements (SLAs) along with proven security measures such as Asymmetric Encryption based on Advanced Encryption Standard (AES), Hashing, Digital Signature and Hardened Virtual Server Images etc. are in place before moving data to the Cloud provider.
Cite this article:
Sunil K. Bedi. Security Measures to Protect Sensitive Customer Data in Cloud Computing. Asian J. Management; 2017; 8(1):12-18. doi: 10.5958/2321-5763.2017.00003.8