Machine Learning Techniques and Analytics for Cloud Security. Group of authors

ISBN 9781119764090




is considered more secure than public cloud as it provides greater control over the data, but data leakage, corruption, improper or unauthorized access, and data deletion can still only be handled by secure channels, access control, data validation, and encryption. Security can also be enhanced through vulnerability management [32]. Risk assessment is often done to reduce vulnerability.

      1.6.1 Role of Human Error in Cloud Security

      As discussed, 95% of errors in cloud security are caused by human error. Most of the time the errors are not intentional; lack of seriousness, lack of overall knowledge of the system, poorly configured servers, misconfiguration, absence of proper authorization, etc., are the factors behind them. As a result, human expertise is not always trusted to provide safeguards against security threats. New kinds of services and technologies are evolving every day to provide better services. There are automated security tools that can scan cloud configuration regularly and enforce security policies that keep intruders from gaining access.

      1.6.2 Handling Security Challenges

      When an organization is planning to deploy hybrid cloud, a set of techniques needs to be applied to reduce the security threats. Although cloud vendors generally provide security measures, they treat the task as a shared responsibility; moreover, in multi-tenant clouds the security algorithms are not the same for all vendors. So, planning and standardization of all activities can handle security challenges to a great extent. Some best practices are as follows:

       Encrypt all data: The best possible means of securing data is encryption. Encrypt all data irrespective of its location. In hybrid cloud, data often moves between two or more clouds, and data in transit is vulnerable. Encrypted data is less likely to be compromised. Selective encryption can be more vulnerable, as it is easy to identify what is encrypted and what is not. Target selection becomes easier in this case, and the data becomes more susceptible to threats.

       Strengthen authentication and authorization process: Access to data should be provided only to authenticated users. Unnecessary and unauthorized access has to be prevented. In hybrid cloud, different applications run on different clouds, so the access rights of different customers will not be the same.

       Customer awareness: This is one of the most important parts of security, as it can reduce human error to some extent. Customers should follow common guidelines for accessing data and services. They should be aware of the security threats and take measures accordingly. They should use strong passwords and prevent access to sensitive data by any unauthenticated application.

       Application of standardized process: Uniform standards have to be maintained; it should not be the case that anyone can use anything. Network configuration, password structure, firewall setup, auditing and monitoring, and database maintenance all need to be regulated. Regular updating of the OS and applications is essential.

       Strong disaster recovery plan: Although system or application failures are much less frequent in hybrid cloud than in other clouds, they can still happen. Disaster recovery plans should take effect in those scenarios. Regular backups and configuration of a failover system should be part of the disaster recovery plan.

       Employ right security personnel: Infrastructure and network administrators have the most vital role to play in hybrid cloud computing. Employing the right personnel, with adequate knowledge and experience, makes it possible to anticipate potential threats beforehand and adapt the system accordingly.

       Endpoint security: Hybrid cloud has more endpoints than an on-premise system. Each open endpoint is also an entrance for potential attackers. Strict security measures should be applied to all inbound data.

       Multi-faceted approach: It deals with both internal and external vulnerabilities. Protecting the network from external threats is not enough here; we also need to concentrate on internal threats, as they are more frequent than external ones and have a bigger effect on the organization.

       Pervasive encryption: It is a consumable approach to encrypting in-flight and at-rest data. Huge amounts of data can be encrypted easily and cost-effectively. IBM Z15 is a platform that provides pervasive encryption in the digital enterprise [26].
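
The automated configuration scanning and policy enforcement mentioned in Section 1.6.1, applied to several of the practices listed above (encrypt everything, require authentication, restrict inbound endpoints, keep backups). This is an added example, not code from the book; the `Resource` fields, rule names and inventory are constructed for illustration, and `enforce` only models remediation on the in-memory record rather than calling any cloud provider API.

```python
from dataclasses import dataclass, replace
from ipaddress import ip_network

@dataclass(frozen=True)
class Resource:                      # hypothetical inventory record
    name: str
    location: str                    # "private" or "public"
    encrypted_at_rest: bool
    tls_in_transit: bool
    inbound_cidrs: tuple
    auth_required: bool
    backup_enabled: bool

def world_open(cidr):
    """True for 0.0.0.0/0 or ::/0, i.e. an endpoint reachable by anyone."""
    return ip_network(cidr, strict=False).prefixlen == 0

# Each rule is (id, predicate that must hold for a compliant resource).
RULES = [
    ("ENCRYPT_AT_REST", lambda r: r.encrypted_at_rest),
    ("ENCRYPT_IN_TRANSIT", lambda r: r.tls_in_transit),
    ("AUTH_REQUIRED", lambda r: r.auth_required),
    ("NO_WORLD_OPEN_INBOUND", lambda r: not any(map(world_open, r.inbound_cidrs))),
    ("BACKUP_ENABLED", lambda r: r.backup_enabled),
]

def audit(resources):
    """Return sorted (resource name, rule id) pairs for every failed rule."""
    return sorted((r.name, rid) for r in resources for rid, ok in RULES if not ok(r))

def selective_encryption(resources):
    """Flag a mixed estate: some stores encrypted, some not (easy target selection)."""
    return len({r.encrypted_at_rest for r in resources}) == 2

def enforce(r):
    """Model of policy enforcement: return a copy with the safe settings applied."""
    kept = tuple(c for c in r.inbound_cidrs if not world_open(c))
    return replace(r, encrypted_at_rest=True, tls_in_transit=True,
                   auth_required=True, backup_enabled=True, inbound_cidrs=kept)

# Constructed sample inventory spanning the private and public sides.
INVENTORY = [
    Resource("hr-db", "private", True, True, ("10.0.0.0/8",), True, True),
    Resource("analytics-bucket", "public", False, True, ("0.0.0.0/0",), False, True),
    Resource("sync-gateway", "public", True, False, ("203.0.113.0/24",), True, False),
]

if __name__ == "__main__":
    for name, rule in audit(INVENTORY):
        print(f"FAIL {name}: {rule}")
    print("selective encryption:", selective_encryption(INVENTORY))
    print("after enforce:", audit([enforce(r) for r in INVENTORY]))
```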

      1.7 Use of AI in Hybrid Cloud

      But whether this adaptation is sustainable is a million-dollar question. Some experts have commented that the use of AI is a fashion. But its easy-to-use nature and strong data mining methods make it worthwhile. Now, what about data privacy? Does the use of AI have any role to play in data privacy? The answer is yes. In this case, AI has a major role to play. It can analyze the attacker’s behavior and attack pattern and accordingly guide the network admin to take corrective steps and measures.

      AI requires large amounts of data for its data mining operations, and this data may come from several sources, some internal and some external. When AI is used in public cloud, we might hesitate to use data that is highly secure. But an AI engine's appetite for data is huge, and as a result potential threats may arise. In July 2019, an incident occurred involving AWS and the financial giant Capital One. A person was arrested for hacking data from a Capital One server containing customer financial information. That person was a former employee of AWS. Capital One uses AWS for sorting the data, and on top of the cloud they built their app for analyzing the data. The FBI was then called in, and its investigation found that there was an issue in Capital One's firewall, by using which the intruder had gained access to the data. AWS quickly responded that there was no issue on their end, and Capital One rectified the misconfiguration in the firewall. But the data breach had already happened. So, cloud security is still in an immature state, as old approaches for securing internal data do not carry over to the cloud. This is where the hybrid cloud comes in. Data security can be ensured efficiently, and adaptation of AI-based technologies is also possible, as internal data are kept hidden in private data centers and the public cloud has no access to them.

      Nutanix [27] provides a turnkey solution for infrastructure, apps, ops, and disaster recovery. It is a ready-made platform that helps to build a secure private cloud, streamlines tedious manual data operations, simplifies database management by using a single policy for all data, manages data better by storing all of it in a single storage, secures all data by providing visualization of policy and traffic flows in different segments, detects and quarantines the infected portion of the network, automates IT operations with the help of AI and ML, and does periodic backup of all data. This type of solution is highly