Reference no: EM133697516

Cloud Security and Privacy

Assessment - Cloud Infrastructure Security Enhancement

Learning Outcome 1: Analyse the security models in cloud computing

Learning Outcome 2: Evaluate and adapt cloud data protection platforms

Learning Outcome 3: Investigate and analyse security risks for cloud data storage and cloud-based applications

Learning Outcome 4: Critically review cloud security threats, propose protection solutions

Learning Outcome 5: Evaluate Cloud security and well-architected design principle in cloud design.

Cloud Infrastructure Security Enhancement

Background:

You are part of a cloud security team responsible for overseeing the security of a critical cloud infrastructure supporting a multinational e-commerce platform. The infrastructure hosts sensitive customer data, financial transactions, and various applications essential for the company's operations.

Problem Statement:

The cloud infrastructure has recently experienced security incidents, including unauthorized access attempts and irregularities in data access patterns. The incidents have raised concerns about the overall security posture of the environment. Your task is to conduct a thorough security analysis and propose a design solution to enhance the security of the cloud infrastructure.

Instructions:

Security Analysis:

Investigate recent security incidents and identify vulnerabilities and risks in the existing cloud infrastructure.
Prioritize the identified threats based on potential impact and likelihood.
Consider aspects such as unauthorized access, data breaches, and potential service disruptions.

Design Solution:

a) Propose a comprehensive design solution to address the identified security vulnerabilities.
b) Justify the use of AWS CloudWatch or AWS GuardDuty as a key component of your security enhancement strategy.
c) Clearly outline how the chosen service will contribute to threat detection, monitoring, and incident response.

AWS Cloud Implementation:

a) Utilize AWS services, specifically focusing on AWS CloudWatch or AWS GuardDuty, to implement the proposed security design.
b) Provide detailed configurations, policies, and settings for the chosen service.
c) Explain how the chosen service integrates with other security measures in your design.

Documentation:

a. Prepare a well-structured report with a maximum word limit of 3,000 words.
b. Clearly present the security analysis, design solution, and AWS CloudWatch or GuardDuty implementation details.
c. Include diagrams, tables, and relevant visuals to enhance the clarity of your presentation.

Security Analysis:

a. Depth and accuracy of the identified vulnerabilities and risks.
b. Consideration of relevant security principles and standards.

Design Solution:

a. Effectiveness and feasibility of proposed security measures.
b. Justification of the use of AWS CloudWatch or GuardDuty.

AWS CloudWatch or GuardDuty Implementation:

a. Quality of AWS configurations and settings.
b. Demonstration of how the chosen service enhances security.

Documentation and Presentation:

a. Clarity, organization, and adherence to the specified word limit.
b. Submission Guidelines:

• Submit a single document (PDF format) via the designated online platform.
• Ensure the document is clearly labeled with the names of all group members.
• Include citations for external sources used in your analysis.
• This assignment challenges you to not only identify security issues but also to implement a practical solution using AWS services.