Applying Security Policies in Small Business Utilizing Cloud Computing Technologies

Applying Security Policies in Small Business Utilizing Cloud Computing Technologies

Louay Karadsheh (ECPI University, USA) and Samer Alhawari (Applied Science Private University, Jordan)
Copyright: © 2011 |Pages: 12
DOI: 10.4018/ijcac.2011040103
OnDemand PDF Download:
No Current Special Offers


Over a decade ago, cloud computing became an important topic for small and large businesses alike. The new concept promises scalability, security, cost reduction, portability, and availability. While addressing this issue over the past several years, there have been intensive discussions about the importance of cloud computing technologies. Therefore, this paper reviews the transition from traditional computing to cloud computing and the benefit for businesses, cloud computing architecture, cloud computing services classification, and deployment models. Furthermore, this paper discusses the security policies and types of internal risks that a small business might encounter implementing cloud computing technologies. It addresses initiatives towards employing certain types of security policies in small businesses implementing cloud computing technologies to encourage small business to migrate to cloud computing by portraying what is needed to secure their infrastructure using traditional security policies without the complexity used in large corporations.
Article Preview

1. Introduction

At this time, organizations are expected to gain an increased in competitiveness and chances to focus their efforts and use their resources on their core competence. Therefore, cloud computing is defined as “a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction” (Mell & Grance, 2010). Furthermore, cloud computing enables dynamic provisioning of resources based on the requirements of the user (Yogesh & Navonil, 2010). In a recent study, Cloud computing is not a new technology, but it is a new way of delivering technology. It is a new way of executing business applications by relying more on a third party’s infrastructure, then local infrastructure (Srinivasan, 2010). In addition, the implementation of cloud computing is definitely accelerating (Cervone, 2010) and much of this is being motivated by new business requirements and enabled by information technology (IT).

Most importantly, Katharine and David (2010) explained that in concepts of the cloud, while widespread usage is not yet common, some governments are taking stages to guarantee their information remains authentic and accessible. For this viewpoint, cloud computing is increasingly being considered as a technology that has the possible of changing how the internet and the information systems are presently operated and used (Amir, 2010).

Lately, governments of several countries have realized the potential of cloud computing in offering enhanced services to its citizens. For example, UK Government is developing a secure cloud infrastructure called “G-Cloud” for public sector bodies. More significantly, the strategy will also provide some standardization for capabilities for the promotion of shared services with accredited cloud service providers (Heath, 2010).

However, a client computer on the Internet can communicate with many servers at the same time, some of which may also be exchanging information among themselves (Hayes, 2008). Furthermore, the cost of this service can be determined by several factors such as an hour of usage, software type, and storage space utilization (Srinivasan, 2010). Therefore, this can be translated into saving of the software license, number of support labor, maintenance, office space and utilities.

Recently, Wittow and Buller (2010) stated that traditional computing model is based on using hardware and software resources, which required on-site computing power and disk storage space, as well as the technical human expertise necessary to implement, maintain and secure those resources. Also, complicated and expensive upgrade procedures were necessary to take advantage of new developments and features available for software applications in the traditional computing model (Wittow & Buller, 2010). In addition, the upgraded software or/and hardware often required upgrading licenses and increasing backup and recovery capabilities to reduce the downtime that users would experience should a software or hardware failure occur. Furthermore, local administrators with specialized, technical skill-sets were historically responsible for application and hardware maintenance (Wittow & Buller, 2010). In addition, the “traditional model” often involved managing a large hardware infrastructure with dissimilar operating systems and applications that required individual backups, monitoring and software updates (Wittow & Buller, 2010). The traditional computing model required companies (and individuals) to make a significant financial commitment to set up software and hardware resources, and these were frequently difficult to expand when the needs of users changed (Wittow & Buller, 2010).

Complete Article List

Search this Journal:
Open Access Articles: Forthcoming
Volume 12: 4 Issues (2022): 2 Released, 2 Forthcoming
Volume 11: 4 Issues (2021)
Volume 10: 4 Issues (2020)
Volume 9: 4 Issues (2019)
Volume 8: 4 Issues (2018)
Volume 7: 4 Issues (2017)
Volume 6: 4 Issues (2016)
Volume 5: 4 Issues (2015)
Volume 4: 4 Issues (2014)
Volume 3: 4 Issues (2013)
Volume 2: 4 Issues (2012)
Volume 1: 4 Issues (2011)
View Complete Journal Contents Listing