How to Manage Cloud Risks Based on the BMIS Model
نویسندگان
چکیده
Information always comes with security and risk problems. There is the saying that, “The tall tree catches much wind,” and the risks from cloud services will absolutely be more varied and more severe. Nowadays, handling these risks is no longer just a technology problem. So far, a good deal of literature that focuses on risk or security management and frameworks in information systems has already been submitted. This paper analyzes the causal risk factors in cloud environments through critical success factors, from a business perspective. We then integrated these critical success factors into a business model for information security by mapping out 10 principles related to cloud risks. Thus, we were able to figure out which aspects should be given more consideration in the actual transactions of cloud services, and were able to make a business-level and general-risk control model for cloud computing. Keywords—Cloud Risk, Risk Control, Cloud Computing, BMIS, CSFs
منابع مشابه
A risk model for cloud processes
Traditionally, risk assessment consists of evaluating the probability of "feared events", corresponding to known threats and attacks, as well as these events' severity, corresponding to their impact on one or more stakeholders. Assessing risks of cloud-based processes is particularly difficult due to lack of historical data on attacks, which has prevented frequency-based identification...
متن کاملLeveraged BMIS Model for Cloud Risk Control
Cloud computing has increasingly been drawing attention these days. Each big company in IT hurries to get a chunk of meat that promises to be a whopping market in the future. At the same time, information is always associated with security and risk problems. Nowadays, the handling of these risks is no longer just a technology problem, with a good deal of literature focusing on risk or security ...
متن کاملA Model for Prioritizing the Risks Associated with Road Construction Projects Based on Generalized Secondary Goal
This paper aims at providing a new model based on Data Envelopment Analysis (DEA) to prioritize project risks. It is clear that the large amounts of involved capitals, the long term of infrastructure projects’ implementation, and the project management problems in on-time completion of projects indicate the necessity of paying particular attention to this issue and conducting applied researc...
متن کاملA survey on impact of cloud computing security challenges on NFV infrastructure and risks mitigation solutions
Increased broadband data rate for end users and the cost of resource provisioning to an agreed SLA in telecom service providers, are forcing operators in order to adhere to employment Virtual Network Functions (VNF) in an NFV solution. The newly 5G mobile telecom technology is also based on NFV and Software Define Network (SDN) which inherit opportunities and threats of such constructs. Thus a ...
متن کاملDeveloping a Risk Management Model for Banking Software Development Projects Based on Fuzzy Inference System
Risk management is one of the most influential parts of project management that has a major impact on the success or failure of projects. Due to the increasing use of information technology (IT) systems in all fields and the high failure rate of IT projects in software development and production, it is essential to effectively manage these projects is essential. Therefore, this study is aimed t...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- JIPS
دوره 10 شماره
صفحات -
تاریخ انتشار 2014