Cloud Computing Essay -- Technology, Cyber Criminals

IntroductionOver the past several years the term cloud cipher has become common in homes and organizations alike. Cloud computing can be defined as a pooled set of computing resources that are furnished via the internet. in that respect are three types of cloud function typically available, these operate are Platform as a helper (PaaS), Infrastructure as a Service (IaaS), and Software as a Service (SaaS). Organizations can benefit greatly from cloud services because they eliminate the pauperism to buy and manage physical resources. Although much(prenominal) an action cuts cost it leaves organization victim to the vulnerabilities and threats that exist in cloud computing. Throughout this paper I will discuss the vulnerabilities and threats that come along with the adoption of cloud computing. In addition, I will discuss standards and policies that effectively manage the risk associated with cloud computing.Threats & VulnerabilitiesThe abuse and nefarious use of cloud computing is a threat to any organization that takes advantage of cloud services. Most providers of cloud services make it all too easy for cyber criminals to register for service, all that is need to register for service with many providers is a valid credit card (Cloud Security Alliance, 2011). In addition to the ease of registration providers offer free trials of their services allowing attacker to carry out attacks covertly on cloud services. By gaining such access cyber criminals can deploy malicious code, abuse known exploits, and shoot spam messages to those that are sharing the same resources.Organizations are aware that threats can be internal as well as external, those that provide cloud services are no exception. The people who the service providers employ can pose... ...ncy use(CIO, 2011).FedRAMP is not alone in the effort to create standards regarding cloud computing. The National Institute of Standards & applied science (NIST) has published two draft publications specificall y related to cloud computing. The first document, Special Publication 800-145 (Draft), has been created provide the NIST definition of cloud computing. The NIST has defined as the followingCloud computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with marginal management effort or service provider interaction. This cloud model promotes availability and is composed of five essential characteristics, three service models, and four deployment models. (NIST, 2011)