Cloud Computing Essay -- Technology, Cyber Criminals

IntroductionOver the past several years the term veil computing has gravel common in homes and organizations alike. obnubilate computing can be defined as a pooled set of computing resources that atomic number 18 furnished via the internet. There atomic number 18 three types of cloud services typically available, these services are Platform as a Service (PaaS), Infrastructure as a Service (IaaS), and parcel as a Service (SaaS). Organizations can benefit greatly from cloud services because they eliminate the need to buy and manage physical resources. Although such an feat cuts cost it leaves organization victim to the vulnerabilities and holy terrors that exist in cloud computing. Throughout this paper I will discuss the vulnerabilities and threats that come along with the adoption of cloud computing. In addition, I will discuss standards and policies that effectively manage the risk associated with cloud computing.Threats & VulnerabilitiesThe abuse and nefarious use of cloud computing is a threat to any organization that takes advantage of cloud services. Most providers of cloud services make it all too easy for cyber criminals to history for service, all that is need to register for service with many providers is a valid credit card (Cloud Security Alliance, 2011). In addition to the ease of registration providers offer free trials of their services allowing aggressor to carry out attacks covertly on cloud services. By gaining such access cyber criminals can deploy malicious code, abuse known exploits, and send junk e-mail messages to those that are sharing the same resources.Organizations are aware that threats can be internal as well as external, those that provide cloud services are no exception. The people who the service providers employ can pose... ...ncy use(CIO, 2011).FedRAMP is not alone in the effort to create standards regarding cloud computing. The National Institute of Standards & Technology (NIST) has publish two draft publications spe cifically related to cloud computing. The first document, Special Publication 800-145 (Draft), has been created provide the NIST definition of cloud computing. The NIST has defined as the followingCloud computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal wariness effort or service provider interaction. This cloud model promotes availability and is composed of five essential characteristics, three service models, and four deployment models. (NIST, 2011)