Information Technology Reference
In-Depth Information
A major DDoS attack will quickly load up the servers with requests and perceived traf-
fic, which would make the system provision more and more resources in order to cope. The
problem here is that the attack will not exactly cripple the system; it will just keep on pro-
visioning more resources. The result is a massive spike in cost due to the spike in resource
provisioning. If this goes unnoticed, it could really rack up costs, so it is important to
watch out and plan for potential risks in a system that seems foolproof because sometimes
strengths can be turned into weakness.
All systems have vulnerabilities; the most secure ones are simply the ones that are best at
hiding them. In this regard, the practice of vulnerability management should be considered.
It is a security practice that has been specifically designed to proactively mitigate or totally
prevent the exploitation of IT assets by external or internal threats. Vulnerabilities are first
identified and classified, and then solutions are formulated. The solutions are then applied
as patches on those vulnerabilities.
Because vulnerability management and other security measures are ongoing and we are
unable to bring a system offline, properly scheduled server maintenance for patching should
be considered. The fixes to vulnerabilities should also be well tested before application to
prevent unexpected results, especially downtime.
Securing Data in the Cloud
Information has always been the biggest source of power in the history of man, and it is
no surprise that people are always trying to steal it. To counter that, we are inventing new
ways of keeping it safe. In the modern computer age, we became good at keeping data safe
within our own cavernous data centers, away from prying eyes and sticky fingers. But the
age of cloud computing threatens to destroy this security and expose our precious data
by hiding it in public, in plain view of anyone who knows what to look for. That notion
is indeed warranted, so we have to find new and unique ways for data management and
security in the cloud.
Data becomes vulnerable in the cloud mostly during transport because it has to travel
through public channels like the Internet. However, when it reaches its destination, which
is most likely a remote cloud data center, then it is just as safe as if it were in the company's
in-house data center, so the problem now is how to secure data for transport when it needs
to be out of the firewall.
Transporting data via a virtual private network (VPN) is often the best way to make
your transported data invisible because you are essentially making the public web your own
private network. Of course, encryption has to be put in place, and the complexity of that
encryption would depend on the governance requirements of the data being transported.
Some organizations will probably opt for a private cloud infrastructure so they can main-
tain control of their data while enjoying most of the functions of a cloud infrastructure, but
not necessarily all of the benefits. A hybrid cloud can also be good choice, to have the best of
both worlds. Sensitive data can be safe within the private cloud, while other data can come
and go through the public cloud.
Search WWH ::




Custom Search