BSIT400-T301 Cloud Computing & Governance (2257-1)

  Documentation Amazon EC2 User Guide Security in Amazon EC2 Cloud security at AWS is the highest priority. As an AWS customer, you benefit from a data center and network architecture that are built to meet the requirements of the most security-sensitive organizations. Security is a shared responsibility between AWS and you. The  shared responsibility model  describes this as security of the cloud and security in the cloud: Security of the cloud  – AWS is responsible for protecting the infrastructure that runs AWS services in the AWS Cloud. AWS also provides you with services that you can use securely. Third-party auditors regularly test and verify the effectiveness of our security as part of the  AWS Compliance Programs . To learn about the compliance programs that apply to Amazon EC2, see  AWS Services in Scope by Compliance Program . Security in the cloud  – Your responsibility includes the following areas: Controlling network access to your in...

  Step 1: Confirm and Diagnose Capacity Overload Identify affected capacity and error time: Obtain workspace name, capacity name, and exact error occurrence time. Use monitoring tools: For Microsoft Fabric, open the Microsoft Fabric Capacity Metrics app and navigate to the Compute page to check capacity utilization and system events at the error time. Look for overload signs: Confirm if the capacity was overloaded by checking status changes to "Overloaded" and observe resource consumption spikes to understand the timing and severity of the issue (e.g., 100% CU utilization). Step 2: Check for Throttling and Resource Rejections Inspect throttling metrics (interactive delay/rejection and background rejection) via the Throttling tab in monitoring tools. Verify if throttling corresponds to the error time, indicating resource exhaustion leading to delayed or rejected operations. If no throttling is detected, consider that the error might have other causes or anothe...

  Azure Storage platform is a Microsoft’s cloud storage solution for modern data storage. What Azure Storage contains a very available, a storage that is scalable, durable, and secure for many different data objects in the cloud. Azure Storage data objects are accessible from anywhere in the world over HTTP or HTTPS via a REST API. Azure Storage also offers client libraries for developers building applications or services with .NET, Java, Python, JavaScript, C++, and Go. Developers and IT professionals can use Azure PowerShell and Azure CLI to write scripts for data management or configuration tasks. The Azure portal and Azure Storage Explorer provide user-interface tools for interacting with Azure Storage.   Reference: https://learn.microsoft.com/en-us/azure/storage/common/storage-introduction  

 Implement secure password policies. 1. Foundational Principles Modern password policies must balance security with usability, guided by evidence-based standards (e.g., NIST SP 800-63B). Key shifts include: Eliminating periodic resets: Research shows forced changes lead to weaker passwords (e.g., "Spring2023!" → "Summer2023!"). Prioritizing length over complexity: A 12-character passphrase ("PurpleTiger$Rides@9am") is stronger than "P@ssw0rd1" and easier to remember. Banning compromised passwords: Use databases like Have I Been Pwned to block common/breached passwords. 2. Policy Components Technical Requirements Minimum length: 12+ characters (NIST recommends 8, but 12+ resists brute-force attacks). No arbitrary complexity: Allow spaces, all Unicode characters, and passphrases. Multi-factor authentication (MFA): Mandate for all accounts, using FIDO2/WebAuthn or TOTP apps (e.g., Google Authenticator). Account lockouts: Temporary lock after 5–10 fa...

  **Cloud computing comes with risks such as security breaches, service outages, cost overruns, performance bottlenecks, and management complexities, which require careful planning and ongoing oversight to mitigate**.       ### Common Cloud Computing Problems     **1. Security Risks: **   Data stored in the cloud can be vulnerable to unauthorized access, breaches, and attacks if security measures are inadequate. Misconfigurations, improper access controls, and lack of encryption increase these risks. Cloud environments are frequent targets for cyberattacks, and insider threats from cloud provider employees can also pose privacy concerns [^5^] [^9^]. **2. Service Outages and Downtime: **   Despite high reliability claims, cloud services can suffer outages due to hardware failures, software bugs, or automated system errors. For example, major providers like AWS have experienced outages caused by overwhelmed networking devices or tr...

  Cloud Computing Challenges 1 2 Cloud computing has revolutionized the IT industry by providing on-demand resources like data and storage. However, it also presents several challenges that need to be addressed to ensure smooth operations and security. Data Security and Privacy Data security is a significant concern in cloud computing. User or organizational data stored in the cloud is critical and private. Issues such as identity theft, data breaches, and malware infections can decrease user trust and lead to potential revenue loss 1 . To mitigate these risks, it is essential to implement user authentication, data encryption, and access control measures. Cost Management While cloud service providers offer a "Pay As You Go" model, hidden costs can arise from under-optimized resources, degraded application performance, and unused resources 1 . Regular auditing and resource utilization monitoring can help manage these costs effectively. Multi-Cloud Environments Many enterprises...