Machine Learning Techniques and Analytics for Cloud Security. Группа авторов
Читать онлайн книгу.
AWS Outpost: The pricing of Amazon is very inscrutable. Though it offers a cost calculator, many variables involved here make it very difficult for proper estimation [23].
Azure Stack: Microsoft Azure is also complicated software. The licensing options and their uses are applicable in specified case discounts. The pricing structure is also difficult to understand of this provider.
Google Cloud Anthos: The pricing of Google is different. It offers are customer-friendly. So, it provides the least price than that of the other providers. It also provides huge discounts and flexible contracts to fulfill the purpose of customers.
1.4 Hybrid Cloud in Education
Apart from business sectors, educational institutions can also take help of the hybrid cloud for extending their on-premise legacy system [31]. They can build some application on to the public cloud to student data management, resource management, employee data management, etc., at ease releasing their IT team to do some other jobs. An example can be some database of the student can be kept on-premise server while front end web applications for the students can run onto the public cloud. Based on specific performance or regularity needs, they can also move workloads dynamically between public and private cloud may be for the specific period of time. Student and staff and institutional data are very sensitive; they can be kept secure behind with their own firewall and antivirus. Whereas with the help of the public cloud, several attractive features can be provided, like job getting opportunity trend, research work prospect, and study and lecture material of renowned professors, virtual labs, etc., without installing any additional hardware or software solution system. Thus, by using “Build the base rent the spike” deployment model, they can save the money. But security policies have to be strict. Applications and infrastructures should be guided by different security policies. Edge systems like email server, web server, and routers should be kept protected as they can communicate with inside and outside the organization.
1.5 Significance of Hybrid Cloud Post-Pandemic
Adaptation of cloud-based services has grown tremendously after pandemic. Due to COVID-19, every sector faces losses. Rapid shifting of business into online mode is the current requirement. Organizations that have legacy infrastructure on premise cannot shift to public cloud in a day and security also is a matter of consideration. As a result, hybrid cloud is the most preferred solution.
In COVID-19 pandemic situation, the world is compelled to move for remote work. So, the video conferencing is tremendously increasing and all the related data moves to the cloud. Enterprises are considering the cloud as a digital transformation engine and as well. As the work is done remotely, the jobs are majorly done in cloud infrastructure. Collaboration with Microsoft Teams or Google Meet becomes very strong with the companies in broader cloud ecosystem [17].
Hybrid cloud has an aspiration to achieve target for companies. Companies are well aware about their vendors and they want to transfer their applications to clouds. The multi-cloud conception is yielded among different vendors. The vendor plug with many clouds like VMware or Red Hat [17, 18].
Customers are getting tackier to the cloud service providers as more and more corporate data are stored on the cloud. It is known that cloud computing vendors are trying enterprises to use their platforms to accumulate data from everywhere.
IoT, AI, edge computing, and data analytics will make difference among the top cloud service providers. The market share grab has largely gone to AWS, which was early, adds services at a rapid clip, and is the go-to cloud service provider. AWS’ ability to upsell to AI, IoT, and analytics will be critical. Microsoft Azure Stack is also looking to differentiate via AI and machine learning [18].
If we look at the records provided by IDC, in the year 2020, public cloud expenses have made a mark, for the first time, it has left behind old-style IT structure. An increase of 34.4% has been recorded in cloud including private and public. Whereas traditional IT infra fall out by 8%.
Public hybrid cloud providers have the gap of capability between hyper scale cloud providers. Competition for enterprise workloads yields secondary markets throughout the world. The cloud service providers like Microsoft Azure Stack, AWS Outpost, and Google Cloud Anthos have become financially strong.
1.6 Security in Hybrid Cloud
A properly designed, managed, and integrated hybrid cloud is considered to be as secure as on-premise infrastructure. But reality is bit different. Gartner and WSJ [7] have recently reported that 95% data breaches occur in cloud computing due to human error. Here, in hybrid cloud, also human error plays a crucial role. Misconfiguration, misunderstanding of system use, and accidental data sharing all results threat to security. Security is essential in all application areas. Suppose in healthcare organizations patients’ data should be kept hidden. Pathological reports of any patient are not expected to be accessed by any unauthenticated person. Similarly in financial industry, trust is the most important factors. Details of all customers’ sensitive data have been kept like their income related info; their identification info their tax related document everything has been kept there. Customer should feel protected about their data. It happens in all sectors. With the help of public server and data centers, the business world is forwarding toward a new server free era but security measures have to be adjusted so that it can reap up ultimate technological and financial benefits. Since hybrid cloud is a “one size fits for all” solution for business development, it is advisable to look into the security issues more closely as threats to sensitive data might cause problem. Here is a list of issues specific to hybrid cloud security [11]:
Authority: In hybrid environment, multiple functioning components scattered through private and public cloud. Multiple services can also be taken from multiple public clouds. So, customers of hybrid cloud should decide the governance rule for components, functions, and data beforehand both for private and public cloud.
Portability: Supporting infrastructure must be there so that applications and data may move between public and private cloud. Data portability causes additional risk in hybrid cloud. Private data can be made secure by applying encryption techniques but when portability is allowed then who will be responsible for the protection of data in transit need to be addressed.
Presence of multiple interface: Multiple cloud may be present in a network and each of them most likely is to have their own set of security and privacy policy compounds. This acts as a back door for data breaching in case of hybrid cloud.
Lack of separation wall: Cloud customers have seamless access to private and public resources. As a result of that, sometimes, intruders take an indirect entry to penetrate the delicate data.
Security issues handling: Reporting and subsequent measures for security issues need to be shared to the customer as well as service providers so that they will be extra cautious from the next access. Sometimes, customers face unacceptable delay due to security issues, so in the SLA, it should be mentioned when and how they will be notified.
Application and data protection: Protections offered by the cloud providers are getting stronger day by day but still they are not enough. Advanced security information and event management (SIEM) solution need to be implemented.
Vendor lock-in: Sometimes, due to lack of scalability or security issues, cloud needs to be shifted from one vendor to other vendor. If the cost of switching is so high that the customer is forced to stick to the origin, it is known as vendor lock-in. Avoiding vendor lock-in needs to be included in the business policy.
Guard against shadow IT practice: Sometimes, within the organization, some person or departments are using sensitive data without the knowledge of the security group. This is called shadow IT practice, and often severe risks are associated with it.
Although