Challenges in incident handling in a cloud-based environment
A cloud-based system enables multiple users to work on the system simultaneously. While some of them may have paid for the system, others may not pay for the services they use. The result is a vast array of users, which is very problematic for the incident handler (IH). Cloud computing is built from individual components such as user databases, virtual machines, operating systems, and others. Each may have its own security glitches and issues, which makes it difficult for the IH to identify the real incident (Manral et al., 2019). Many cloud service providers (CSPs) offer interfaces that they control directly, and these may not deliver the incident data required to compile incident reports.
The interfaces provided by the CSPs are weak and cannot integrate user data and feed it to the monitoring systems, which forces the IH to check the data manually. Also, cloud systems do not allow security-specific event sources to be added, which would be very useful, for example when installing a web application firewall to minimize the risks from web-based applications. Incident handlers need to be familiar with the cloud system and its configuration before working on it. Furthermore, incident reports can be misdirected in a cloud-based system, so that the wrong party receives them instead of the party concerned. For example, incident reports pertaining to customers might be redirected to the cloud service provider.
Several methods can overcome these shortcomings of the cloud business model. They include installing a cloud system that is within the infrastructure of the Cloud Service Provider (CSP), installing proper intrusion detection services, accepting external incident reports, and enabling host-based security (which may include a host-based firewall that makes the cloud more manageable). Also, incident detection services can be kept updated and well defined so that relevant data can be accessed when needed.
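The sketch below is an added illustration, not part of the original essay: it merges events from separate component feeds, groups them into incidents, and routes each report to the party that owns the affected layer, so that a customer's report does not end up with the provider. The ownership map, tenant IDs, layer names and sample events are all constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Assumed ownership map (hypothetical; a real one follows the contract with the CSP).
LAYER_OWNER = {"user_db": "customer", "os": "customer", "vm": "customer",
               "hypervisor": "csp", "control_plane": "csp"}

# Constructed sample events, as separate component feeds might emit them.
EVENTS = [
    {"ts": "2024-01-10T09:00:05", "tenant": "t-42", "layer": "os", "msg": "repeated failed logins"},
    {"ts": "2024-01-10T09:01:30", "tenant": "t-42", "layer": "user_db", "msg": "bulk export of user table"},
    {"ts": "2024-01-10T09:02:00", "tenant": "t-77", "layer": "vm", "msg": "unexpected outbound traffic"},
    {"ts": "2024-01-10T09:03:00", "tenant": "t-42", "layer": "hypervisor", "msg": "host agent restart"},
    {"ts": "2024-01-10T11:30:00", "tenant": "t-42", "layer": "os", "msg": "new admin account"},
    {"ts": "2024-01-10T11:31:00", "tenant": "t-42", "layer": "appliance", "msg": "config changed"},
]

def recipient(event):
    """Pick the party that must receive the report for this event."""
    owner = LAYER_OWNER.get(event["layer"])
    if owner == "customer":
        return f"customer:{event['tenant']}"
    if owner == "csp":
        return "csp-soc"
    # Unknown layer: do not guess, a guessed owner is how reports get misdirected.
    return "manual-review"

def correlate(events, window=timedelta(minutes=10)):
    """Group events per recipient; a gap longer than `window` starts a new incident."""
    by_recipient = defaultdict(list)
    for ev in sorted(events, key=lambda e: e["ts"]):  # ISO timestamps sort as text
        by_recipient[recipient(ev)].append(ev)
    incidents = []
    for who, evs in by_recipient.items():
        current = [evs[0]]
        for ev in evs[1:]:
            gap = datetime.fromisoformat(ev["ts"]) - datetime.fromisoformat(current[-1]["ts"])
            if gap > window:
                incidents.append({"to": who, "events": current})
                current = []
            current.append(ev)
        incidents.append({"to": who, "events": current})
    return incidents

if __name__ == "__main__":
    for inc in correlate(EVENTS):
        print(inc["to"], [f"{e['layer']}: {e['msg']}" for e in inc["events"]])
```

Events from a layer missing from the ownership map land in a manual-review queue instead of defaulting to either party.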
Conclusion:
While cloud-based systems come with various advantages, they have their shortcomings in the field of incident management. With the recommended changes, incident management might get a boost, and incident handlers might be able to carry on with their work with relative ease and comfort. Most organizations come up with their own ways of reducing incident management risks so that their operations run more smoothly and competent work is produced. Incident handlers come up with their own solutions to these problems and may pitch them to the company to make their work easier and their time management better.
