Storing the data outside the organizational network and accessing it through the internet poses several security challenges.
By: Dr. Manju Jose
Department of Computing
In this data-centric world, the data storage landscape continues to evolve. Organizations that need to store large amounts of data have embraced cloud storage solutions. Cloud computing is a technology where computing is used as a utility. It offers a pool of resources facilitating storage and services that can be allotted dynamically to the users as per their needs. Storing the data outside the organizational network and accessing it through the internet poses several security challenges.
The world surrounding us amazes us with emerging technologies such as cloud computing, data storage, security, IoT communication technologies, machine learning, artificial intelligence, etc. Hence, a more focus from the educational institutions on the emerging technologies is required to prepare and equip the students for the work environments.
Middle East College (MEC) addressed these needs by offering the required and suitable academic programmes and training courses and workshops for its student. In the endeavor to inculcate research culture among students, faculty members guide them in submitting their research work for funding under various research grant schemes offered by The Research Council (TRC), Oman. Several students could accomplish funding for their final year project under various TRC schemes during the past years. Journal of Big Data and Smart City (www.mjbdsc.org), the journal of MEC is an excellent platform for students to publish their research work.
The college also conducts industry visits and lectures by industry experts to make the students industry-ready with knowledge and skills on these latest technologies and incorporate them into the assessments. This article aims to explore the emerging cloud data storage solutions and security aspects.
The following are the top two enterprise data storage solutions:
Amazon Web Services (AWS)
AWS is a subsidiary of Amazon. It dominates the cloud-based data storage market, providing scalable and secured cloud computing platforms and APIs (Application Programme Interface). The following are the different types of storage services available from AWS:
• Simple Storage Service (Amazon S3): This is the largest and most supported storage platform built with an object storage model. This platform is used to store and retrieve data from IoT (Internet of Things) sensors, mobile apps, websites, etc. S3 is a highly secured platform with three different encryption forms and optional security features using Multi-Factor Authentication (MFA).
• Amazon Glacier: This storage service is basically for long term storage or data archiving, providing analytics on archived data. This low-cost storage service allows only the account owner to access the Amazon Glacier data by default. Besides, data access controls can be set up using the Identity and Access Management (IAM) system of Amazon Web Services.
• Amazon Elastic File System (Amazon EFS): This is a highly available and durable network file system as a service to elastic computing instances. The storage capacity is flexible such that it can grow to petabytes and facilitates enormous parallel access. Amazon EFS has three security levels: security groups for the elastic compute instances and mount targets, IAM permissions, network file system level users, groups, and permissions.
• Amazon Elastic Block Store (Amazon EBS): This is a highly reliable and available service. It provides block-level storage with volumes that can automatically replicate within the open zones. IAM service can be used to specify who can access which volumes. Encryption, along with access control, offers better security for EBS.
• Amazon EC2 Instance Storage: This offers temporary block-level storage using disks that are physically attached to the host computer. This storage is protected with the IAM service to specify which users can accomplish the instances' launch and termination.
• Amazon Storage Gateway is a hybrid service. It provides on-premises applications to deploy unified and secured storage integrated with AWS cloud storage using industry-standard storage protocols. Encryption and IAM service ensures this storage gateway services.
• AWS Snowball: This service provides secure transfer of a large quantity of data in and out of the Amazon cloud services. IAM and encryption are used for security and industry-standard Trusted Platform Module (TPM) for physical security.
• Amazon Cloud Front: This is a global Content Delivery Network (CDN) service that supports all files over HTTP. It can securely deliver the website’s static, dynamic, and streaming content to end-users. In addition to network and application-level protection, it also has a web application firewall and Shield Advanced to protect from threats and distributed denial of service attacks.
It is Microsoft’s cloud computing platform, providing a wide range of cloud services such as storage, computing, analytics, and networking. It is available in five different plans: Basic, Developer, Standard, Professional Direct, and Premier. This will be recommended if you are presently using other Microsoft solutions as the integration would be easy. Azure provides IAM and security controls integrated with hardware and firmware to protect from threats and distributed denial of service attacks.
Maintaining owned infrastructure for data storage results in highly costing. Most enterprises utilize cloud-based storage systems, an affordable way of preserving and protecting data on a virtual infrastructure. The enterprise has to choose the best storage solution considering the security and scalability factors with support on multiple platforms.
The Bachelor of Engineering in Computer Engineering programme with a pathway in Information Security has been recently offered by MEC to boost the job market with qualified and highly skilled students. The programme has modules such as Data Storage, Introduction to Information Security, Cryptography, and Information Assurance, aligned to the themes mentioned above.