Incident Response: Computer Security System and Data

994 Words4 Pages
3.6 Incident Response

Incident response is the method for dealing with the security of a computer system when there is an attack. Incident response activities include incident verification, analyzing and containing the attack, collecting and preserving data, fixing the problem, and restoring services. Hence it is very essential to revise the organization's incident response plan and ensure that the differences between the computing environment of the organization and the cloud are addressed. This is a prerequisite for transitioning of applications and data but it is overlooked most of the time.
To ensure security and privacy in cloud computing, it is important for the service provider and the subscriber to collaborate and formulate a well-defined incident response plan. The provisions and procedures of the incident response plan must be finalized before entering into a service contract in order to avoid issues later on. In a particular case, it reportedly took a provider almost eight hours to recognize and start taking action on a denial of service attack against its cloud infrastructure, after the issue was reported by the subscriber.
Incidence response has to be handled such that there is limited damage and with reduced recovery time and cost. For effective incidence response, it is essential to quickly convene a team of representatives that includes members from both the cloud provider and the service subscriber. This is important as the remedy for an attack may involve a single party or require the participation of both parties. Another possible issue that may arise during incidence response is that, resolving the current issue may affect other subscribers of the cloud service. To address this issue, it is vital that the clo...

... middle of paper ...

...rging area of cryptography with little results to offer.

Data Sanitization - Sanitization can be defined as the removal of sensitive data from a storage device. This can occur in different scenarios such as when a storage device is taken out of service or when it is moved somewhere else. Data sanitization also applies to copies taken as a backup for recovery and restoration, and also on the data that is remaining after the services are terminated. Hence, what kind of data sanitization practices a cloud provider implements have a great impact on security. In a cloud computing environment, what makes data sanitization complex is that data from one subscriber is physically mixed with the data of other subscribers. This can lead to cases where large amounts of sensitive information can be recovered from purchased used drives or from improperly disposed failed drives.

More about Incident Response: Computer Security System and Data

Get Access