Forensics Journal - Stevenson University 2015 | Page 30
STEVENSON UNIVERSITY
Godwin, 2007). As technology evolves, NFAT systems are becoming
more effective and easier to use. Both NFATs and IDS are critical
components of computer systems when attempting to detect network
attacks and maintain cloud security.
professional organizations and government agencies offer their
guidance to cloud users for protecting themselves against malicious
attacks. The Association of Certified Fraud Examiners (ACFE)
is another organization that offers tips to minimize data fraud.
Some of their fraud prevention guidelines for cloud users include:
FRAUD PREVENTION IN THE CLOUD
•
“Provide regular training sessions to increase data risk awareness
and ensure that every employee feels a tangible responsibility for
keeping data secure;
•
Categorize all data to determine who should have access to
what information and on which storage mediums it is allowed
to be stored;
•
Develop written policies regarding the use of cloud services;
•
Implement encryption on sensitive data stored in the cloud;
•
Restrict admin privileges where possible; and
•
Consider software to monitor the data transmission of all ports”
(Capers, 2013).
With an increased number of data fraud attacks occurring in the
United States, many organizations focus on proactive efforts. By
utilizing data fraud attack prevention techniques and educating the
nation about cyber security threats, organizations are able to prevent
threats and minimize the damages and costs associated with an attack.
One form of fraud prevention that cloud providers and users
utilize is high-level encryption software. Encryption is used as a
preventative measure by converting data into a form of text that
cannot be understood by unauthorized users. Encryption software
is used on a variety of platforms, such as physical, virtual and cloud
environments. In order to convert encrypted text back into legible
form, the authorized user must enter a recognized password (“Data
Encryption,” 2014). It is critical that cloud users maintain strong
passwords in order to protect electronically stored information.
By following some of these recommendations, cloud users may be
able to prevent dangerous data fraud attacks and aid the government
“to help Americans understand not only the risks that come with
using the Internet, but also the importance of practicing safe online
behavior.” (DHS Cyber Security, n.d.)
Cloud users must also implement techniques to prevent data fraud
attacks. The Department of Homeland Security (DHS) believes
that preventing threats requires the cooperation of the government,
law enforcement, the private sector, and the public (DHS National,
n.d.). Spreading cloud security awareness to these individuals helps
“increase the resiliency of the nation in the event of a cyber incident”
(DHS National, n.d.). The Department of Homeland Security offers
publications directed at various age groups to increase awareness on
the types of cyber risks or threats and tips to prevent attacks from
occurring. The government understands “no country, community, or
individual is immune to cyber risk,” but certain steps may maximize
online safety (DHS National, n.d.) Some of the steps aimed toward
businesses include the following prevention techniques:
CONCLUSION
The cloud computing industry is on the verge of becoming a $100
billion dollar industry by the year 2017. The cloud has become
appealing to businesses because of its cost efficiency, faster response
times, and flexible support. Individuals and businesses, which utilize
cloud services, each contribute different types of data depending
on their nature of business or purpose for using the cloud. The
amount of data stored on cloud servers has grown substantially as
businesses begin to convert their data processing to cloud providers.
Approximately ninety percent of digital data has been created in
the last two years (SINTEF, 2013). The vast amounts of data stored
on cloud servers throughout the world makes cloud servers an ideal
target for fraud.
• strong passwords [change them regularly], and don’t
Set
share them with anyone;
•
Keep your operating system, browser, and other critical
software optimized by installing updates;
•
Maintain an open dialogue with your colleagues about
Internet safety…. (DHS Cyber Security, n.d.)
Advancements in technology allow criminals to target cloud
servers and access an abundance of information and resources
across the globe. Everyday, there are more intruders attempting
to gain unauthorized access onto secure networks. Some of the
major concerns in the cloud computing industry are access controls,
authentication, and encryption. Unauthorized users work to exploit
weaknesses i.e. access controls, authentication, and encryption to gain
access to valuable data stored on the cloud.
Because it is extremely difficult to prevent attacks from occurring,
the United States government educates citizens and organizations
through program awareness. The DHS program is called “Stop.
Think. Connect” as a part of President Obama’s Cyberspace Policy
Review. “Stop. Think. Connect” aims to help Americans understand
the risks associated with using the Internet. The government also
designated October as National Cyber Security Awareness Month
(DHS Stop, n.d.). During National Cyber Security Awareness month,
The market provides various tools and detection systems to ensure
network intrusions are identified on a timely basis and network
security is maintained. As technology evolves, it is important to
implement detection techniques to maintain adequate cloud
28