Free Essay in IT: Database and Storage Solutions

The world of computer document storage is currently experiencing an ever-increasing volume of sensor data by the internet of things (IoT) stored for processing and usage in the manufacturing fab for real-time usage. It is more common in semiconductor manufacturing fab, where detection of real-time abnormality and the identification of probe that contributes to the abnormality by critical analysis and study of the collected data are needed, as well as several other cases of control and analysis that have been identified. However, a common storage system with Relational Database (RDB) cannot access certain data which are non-structural such as documents and graphics. Also, there are some problems which hinder the maximum performance, capacity and increase the costs of Relational Database. These problems include the inability to make a disk extension when its capacity is full; degradation of performance as a result of increased data storage and lastly, the necessity of making a total renewal in a situation where applications used are renewed. To effectively handle such problems, the paper focuses on the architecture and platform that could store, process the stored data and high speed as well as analyze large volumes of big data files in real-time in the structured IT infrastructure and manufacturing fab which combines them for maximum performance (Isaac, 2015).

Is your time best spent reading someone else’s essay? Get a 100% original essay FROM A CERTIFIED WRITER!

Order now

Assess WLAN and mobile devices

The society is currently experiencing an advancement in the Wireless Local Area Networks ( WLANs) with many users giving more attention to this technology. The main reason for the increased utilization of this technology is, as a result, the advantages that WLANs provides compared to traditional wired LANs. These advantages are basically, their range of coverage, mobility, low cost, scalability and its simplicity while using among others. These advantages have enabled many enterprises to erect WLANs environment to access information system. Even with this advantages, the main challenge and weakness of WLANs increased vulnerability in the security of the data. This is because of the weaknesses in the system which may include potential attackers to get access to information systems and cause far-reaching harms to the other individual using the network as well as the enterprises which own the network. To effectively reduce such harms, it is important to carry out a risk assessment to limit the risks of an information system to a level that is acceptable and implement appropriate countermeasures (Mkwawa & Sun, 2012). There are three common threats in the WLAN system, namely eavesdropping, spoofing and denial of service. In the denial of service threat, an attacker floods the system with unnecessary messages which affect the availability of the resources in the network. The risk can be minimized by using a powerful transceiver, which can generate radio interference which enables the wireless network to communicate while using radio path. The second threat of spoofing often occurs when the attacker gets access to the privileged resources and data which enables him to assume the identity of the valid user. Such cases are enabled by the fact that the source address is not authenticated by the 802.11 networks. However, this threat can be eliminated by placing access control and authentication within the WLAN. Lastly, Eavesdropping involves lack of confidentiality of the transmitted information where unwanted person intercepts the transmission of data from a distance. In general, the weaknesses of WLANs can be minimized by changing the default SSID, using VPN, using Static IP, using Access Point Placement and reducing radio wave propagation areas where the service is not necessary.

Audit virtualized environments

Virtualization is the process of separating the hardware from the operating system used to run the hardware. This is enabled by introducing a layer called hypervisor which sits between the operating system and the hardware. This layer abstracts the hardware and presents the hardware specified by the user to the operating system. This abstraction provides increased creative freedom for copying, restoring, backing up and moving operating systems that are running together applications installed.

Virtualization software is often installed as an application on top of an operating system or onto a bare metal server. The software is designed with the ability to use the embedded processor instructions specifically developed to support many operating systems. To effectively carry out auditing virtualized environment, it is important that the major trends in the technology sector with pose a challenge to virtualization models. Important issues include business alignment, performance management, capacity planning, and security models. Larger environments are composed of many virtually hosted servers and computers which are operating on a complex infrastructure connected by Storage Area Network (SAN) which are massive in size and operation, while the smaller environment is characterized by few hosted servers on a single physical server. The entire Audit process involves several steps and checklists which will enable the auditor to effectively separate the operating system and the hardware (Han, Hao, Cui, Wang, & Sang, 2016).

Evaluate risks associated with cloud computing and outsourced operations

Cloud computing the process of utilizing a network of servers hosted remotely on the internet to store, manage and process data, instead of using personal computers or local servers. This new method of computing has some considerable benefits such as improved accessibility, low capital expenses, reduced cost of operation, licensing and maintenance. However, like any other new technology, cloud computing comes with risks, thus making it important to identify and include those risk the firm's risk assessment on issues related to the cloud. The risk assessment should deal with whether the cloud service provider will have access to the firms' data, important applications or both. Also, it is important to identify the impact of the data stored for the business if the data are compromised or information compromised to the extent that the business activities slow or stop functioning. After determining the operations to be outsourced, it is important to identify risks of using a cloud service provider. These risks include the inability to access the application or data because of poor connectivity. This is a big challenge since without good network connectivity the business operation will come to a halt. It is, therefore, important to ensure that the firm has a reliable network provider which can provide high-speed network even when there is network congestion. The second risk is the security of the stored applications and data against unauthorized access. If the data store has sensitive, private and confidential information, any unauthorized access may cause damage to the firm. It is, therefore, essential that the cloud provider guarantee its customers that the information is safe and if possible all information to be encrypted to reduce the damage that may occur in case of any unauthorized access. The third risk of using cloud computing is the risk of corruption of data and poor data backup. Since the information is out of control of the firm, it is the responsibility of the cloud provider to ensure that the data stored are safe and secure against any unauthorized manipulation by any unauthorized individuals and malware found on the network.

Also, there are other risks such as data destruction and retention which are not in accordance with the company expectation and policy requirements. No data should be retained against the expectation of the customer if the customer wishes to have such data destroyed and at the same time, data should be destroyed against their wishes. This is a major risk issue because the data may be lost, yet the same data is of crucial necessity to the operation of the firm.

All data transmission process should be private and confidential; the risk of intercepting information must be minimized to the level. However, since the information to and from the cloud to the user' computer is through the internet, the risk of intercepting data is higher compared to while using a personal computer or a local server (Streif, 2016).

The last risk of using cloud computing is service provider ability to fulfill terms of the contract in accordance to the law and regulations of the country where such data is accessed, as well as ensuring the security, confidentiality and availability of the service. The effectively choose the correct cloud service provider; the prospective customer evaluates the service provider to ensure that the following key questions are answered. Where will the data be stored? What are the options for ending the contract? Who will have access to the data as well as how will the data be controlled? Will the transmission be secure and encrypted?

Drill down into applications to find potential control weaknesses

In conclusion, any company wishing to outsource cloud computing and IT service should request written documentation which describes the provider control structure such as SOC1 Type 2 and SOC2 Type 2 report to ensure that no issue exists. Having a vast knowledge of the effectiveness and design of controls of the provider is important when outsourcing data and information that is subject to governmental compliance regulation and requirements. Equally important is to research on the service provider history on issues that may be of important concern such as financial issues, financial and breaches issues. Personal health and credit card data information are often subject to compliance policies, and outsourcing processing and handling of data will not relieve the company its compliance requirement. In this situation, the service provider is required to be compliant and must be able to confirm that they are. To be sure legal requirements are met, it is important to ensure that the service provider will comply with all legal laws and regulation related to the data being outsourced. The other document is the annual audit documentation that service providers often undergo to confirm that they comply with the law (Su, Tien, & Ha, 2017).

References

Han, Y., Hao, Z., Cui, L., Wang, C., & Sang, Y. (2016). A Hybrid Monitoring Mechanism in Virtualized Environments. 2016 IEEE Trustcom/BigDataSE/ISPA. doi:10.1109/trustcom.2016.0173

Isaac, D. (2015). Hierarchical storage management for relational databases. [2015] Proceedings Twelfth IEEE Symposium on Mass Storage systems. doi:10.1109/mass.1993.289767

Mkwawa, I., & Sun, L. (2012). Power-driven VoIP quality adaptation over WLAN in mobile devices. 2012 IEEE Globecom Workshops. doi:10.1109/glocomw.2012.6477765

Streif, J. (2016). IEEE Cloud Computing Call for Papers Connecting Fog and Cloud Computing. IEEE Cloud Computing, 3(4), c2-c2. doi:10.1109/mcc.2016.83

Su, W., Tien, T. H., & Ha, T. (2017). Power Control Weakness in Long Term Evolution Network. 2017 IEEE 4th International Conference on Cyber Security and Cloud Computing (CSCloud). doi:10.1109/cscloud.2017.33