Security problems described in the case study
One of the security issues associated with cloud computing is that it distributes work over many data centers around the globe to enable easy data accomplishment. As a result, people who try to use the cloud may not know where data is being hosted and may not know the country where the data is stored.
The other security issue associated with cloud computing is that its dispersed nature makes it difficult to track unauthorized activities. There is need to ensure that data stored in other devices that store other companies’ data are encrypted in the same way that other providers use encryption. Companies that rely on cloud softwares are also vulnerable as the software provider and there is need to ensure this vulnerability is dealt with (Cervo, 2011).
People, organizations and technology factors that contribute to these problems
Furthermore, there are laws restricting where a company is allowed to send and store certain types of information. These include employment of certain encryption algorithms that companies are required to meet. These regulations also require that a proof be made regarding the security of systems by independent confirmation through independent auditing.
Cloud providers services are not provided all time during the day or the week. This is contrary to the expectation that companies expect their systems to be operational 24 hours a day and 7 days a week. For instance, subscribers suffered outage effects in January 2009 while they needed to the data to communicate with their customers (Jill, 2008). In addition, businesses using applications for small business operations were unable to access these services for two consecutive days in June 2010 because of power outage.
A technological factor that contributes to these problems is the need to ensure costs are minimized and money saved. As a result, computing providers have distributed the work to data centers in many areas of the globe. This has made it difficult to track unauthorized activities.
Security level of cloud computing
There are also certain organizations that require compliance with security levels recommended from these softwares and proof of security can only be done by auditors. These measures are enforced under personally identifiable information in the European Union (EU) and encryption algorithms of the government of the United States (Loshin, 2009).
In addition, there are agreements such as Amazon EC2 and Microsoft Azure that companies that provide cloud-computing softwares should not be held liable for the data that gets lost or fines or any other legal penalties when other companies use their services.
By using certain cloud computing softwares, companies have confidence that their data is secure and fully protected. Furthermore, the vendors provide guidance on how to use their cloud platform securely as well as ensuring data is protected compared with come companies’ home-grown facilities.
Issues that need to be addressed in a company’s information system department
One of the issues that need to be addressed in a company’s information system is data security and cannot be accessed by unauthorized persons. There is also the need to ensure that the company infrastructure is not vulnerable irrespective of the vulnerability of the provider’s side. The information system will also be designed such that customers are allowed to choose from a number of alternatives where cloud-computing work takes place (Mohapatra, 2008).
It would also be necessary to determine ways of making the services accessible all time when needed or alternatives for access such as in times of power outage. Furthermore, a back up system will need to be developed that duplicate database is developed so that similar data is obtained in case of data loss.
Why I would or would not entrust my corporate systems to cloud computing providers
I would entrust because by using these softwares, leaves a certain amount of confidence concerning the company and client security. Besides, it would be easy to provide information to a large number of clients by using this service.
However, its not advisable to entrust corporate systems to cloud computing technologies because its work is distributed in many areas of the globe and it would be difficult to know where my data is stored (Jill, 2008). This would make it difficult to track unauthorized activities. Furthermore, there are certain encryption algorithms that need to be complied with making it difficult to design the company’s corporate system according to the company’s preference.
Security measures that have been developed by Salesforce.com and their importance include ensuring secure data centers. These include provision of physical security, environmental controls such as control of humidity, power control and network control. These controls ensure that datacenters are always accessible at all time and the data is not destroyed (Loshin, 2009).
Other security measures include ensuring secure transmission and protection of the network by constructing perimeter firewalls and recovery of data that has been transmitted across encrypted links. These measures ensure that any unauthorized user of the data is prevented from accessing the data and the subscriber’s information is protected.
MIS in action
According to Saleforce.com, companies should provide education to their employees to be aware of suspect emails to ensure phishing attempts are prevented; apply security solutions from major vendors such as Symantec to ensure spam software is scanned. It is also recommended that two-factor authentication system is developed. These include the use of techniques such as RSA tokens or Smart cards (Mohapatra, 2008).
Using the on-demand service guidelines because they provide solutions to problems such as access of information by unauthorized persons. However, I would not be comfortable in using them because it would require skilled expertise in learning and implementing them which may be costly.
References
Cervo, D. &. (2011). Master Data Management in Practice: Achieving True Customer MDM. New Jersey: John Wiley & Sons.
Jill, D. (2008). On-demand Data Management. London: Cengage Learning Center.
Loshin, D. (2009). Master Data Management. New York: Morgan Kaufmann.
Mohapatra, G. (2008). Business Process Automation. London: PHI Learning Pvt. Ltd.