Issues with Cloud Computing for Project Implementation

Dsicuss about the Literature Review Of Cloud Computing Project Adoption.

The aim of the report is to conduct a literature review to find necessary insights to implement a project based on the cloud computing technology. There are various issues associated with the cloud computing that needs to be addressed properly to implement the project with success. The literature review is aimed at identifying the risk associated with cloud implementation technology and how those drawbacks can be addressed so that the project can be managed properly. The report outlines those issues based on the literature review along with the recommendations in accordance with the findings from the review. The report concludes with the summary of the overall findings, discovered by doing the literature review.

The company is growing both in terms of size and workforce which involves dealing with lots of customers and serving them effectively is indeed a challenging task. In order to bring better workflow for the organization, the company is considering for automation so that more number of customers can be accommodated without compromising in the service quality. With cloud, it is possible to handle a large amount of data with efficiency and accuracy. The service is fully managed by the service provider, which reduces the cost for the infrastructure. However, the service, despite of many benefits brings some additional drawbacks with it. There are issues related to security like data breaches, less data controls and legal issues as well. In order to mitigate with the issues and rectify them there should be proper risk management that identifies those problems and helps to deal with them effectively. Currently, the company does not have such measures in practice to deal with risks that cloud computing project may impose. The report will review the risk and propose effective risk management technique to rectify those issues. 

The report considers various peer-reviewed literatures in order to identify various risk associated with adoption of various cloud technology. The technology itself is so evolving in nature, that there is a continuous change not only in the standard and requirements of the technology but the implementation techniques as well. In order to get a more modern approach of cloud technology and various associated risk with it,   it is important to choose more recent versions of the articles that discusses the technology in a contemporary context. The articles that have been chosen is very recent and from reliable sources. In order to ensure the quality of the articles scholarly literature databases like IEEE Xplore, ScienceDirect have been chosen. These databases have various peer reviewed, high quality, authentic sources from where standard information can be gathered.

Risk Management Techniques

Unauthorized access of data and less control over data authorization:

According to Wang et al. (2017), Cloud computing projects are likely to face various issues. However, the authors suggested that unauthorized access of sensitive data, less control over the authorization of data make cloud computing adoption more risky for the organization.

The authors describe that in cloud service data is stored in the cloud. Hackers continuously makes effort to get access to the data for executing various unethical activities to meet their requirements  When the hackers successfully make an unauthorized access to the cloud storage there is risk of data to be hacked . This information is valuable and sensitive in nature.

While discussing the issues of less control over data authorization, the authors mention that cloud service is provided by a certain vendors. These vendors are responsible for making decision regarding the data access and data storage (Sookhack 2015). Due to this the organizations has less control over the data that is highly sensitive from the organizational point of view (Ramchandran and Chang 2016). When the organization does not have clear and concise idea about the access of the data, it becomes difficult for them to get to know how the data is being stored and accessed in the cloud (Almorsy, Grundy and Muller 2016).

Although Somu, Kirthivasan and VS (2017) have agreed upon the issues raised by Wang et al., but according to the authors less knowledge about the vendors make the adoption of cloud more risky for the organizations. The authors has stated that many companies have very less or no knowledge about the vendors of the service provider. The organization rarely considers the factors like employee character of the vendor, the technology that the vendors use for their services and most importantly vendors often hide the details like what kind of access the service provider has to the data they store and deals with (Hassan , Nasir and Khairuddin 2017).  Lack of knowledge about these factors is likely to put the project at risk and it has the most intense impact while considering the risk identification of cloud computing (Juliadotter and Choo 2015).

Dove et al. does not agree completely with the previous authors mentioned in the previous sections. According to the authors, legal risk is the most important aspect of cloud computing risk assessment.  It is important to make sure that the service provider takes adequate measure to comply with various rules and regulations applied to the access of various data. However, if the vendor fails to ensure enough security measures against the data storage and access, then the organization has full right to take legal action against the service provider (Dove et al. 2017). In case there is no written agreement between the vendor and the customer, then the customer will not be able to sue the service provider for misuse of their data or accuse the vendor of data breaches (Djemame et al. 2016).

Literature Review

It is clear from the above discussion that different authors have different views on the risk factors of cloud computing and rate them according to their own point of view on the topic. However all the authors has agreed upon one thing that  the various issues related to the cloud services are needed to be analyzed to create an effective plan to deal with them during the project taken into consideration .

According to Wang et al. (2017) whenever there is a successful attempt to steal sensitive data of any organization, there are certain consequences the organization is likely to face. The authors have given the monetary impact the major preference. According to the authors many organizations store data that is not only valuable but also highly sensitive in nature. These data includes details like organizational structure, the employee details, fund transaction and even more sensitive data (Wang et al. 2017). This data is worth millions depending on the volume and nature of the data. Theft of this data will create a monetary impact on the organizational structure (Wang et al. 2017).

In contrast to Wang et al. (2017), the authors of the other two articles have given preference to the customers trust. The authors have made it clear that customer always trust company on the basis of their services and this trust can only be retained if the organization can provide enough assurance that the data they are submitting to the company is secured with highest level of security technologies. This makes it clear that whatever be the cause the  misuse of the customers’ data will not only affect the reputation of the company, but also the trust that people used to have will be lost. Once the customer is determined not to use the service, it is difficult to convince them with the effort that will be made to ensure that this kind of events will not take place in future which may violate user security. It will significantly reduce the customer strength which is essential for any business irrespective of the field (Albakri et al. 2014).

There are various risk identification tools that are used for managing a project as suggested by Wang et al. (2017). However, the authors have given significant and specific attention to some techniques due to its importance and effectiveness of the tools in risk identification. These tolls are document reviews and various information gathering tolls have been also included.  

Unauthorized access of data and less control over data authorization

The organization must document the issues that are being encountered by digital means for better access and security purposes. Then the organization should review documents that are related to the project to identify various risks in the project.

Following are the tools that are recommended for gathering information about various topic related to the project risk identification.

Brainstorming:

Brainstorming involves various people in a group who identify the risks that the project may encounter.

A team comprises of experts who has previous knowledge about the topic is consulted on a daily basis to deal with the various issues during the project. The requirements as mentioned by the article are sent to them for review and upon receiving the feedback the comments and suggestion are analyzed to check whether the suggestions are relevant or not (Kerzner and Kerzner 2017).   

Project participants, stakeholders as well as project experts are interviewed for risk identification.

Root causes are evaluated which is related to the risk identified. These root causes that are identified helps to figure out any additional risk that may affect the project (Martinelli and Milosevic 2016).

However according to Somu, Kirthivasan and VS (2017) SWOT analysis is the preferred tool for risk identification.  SWOT Analysis helps to identify risk factors involved in a project. SWOT analysis refers to analyzing the STRENGTH, Weakness, Opportunities and Threats. According to the authors, SWOT analysis helps to determine risk by identifying Strengths and weaknesses of any project.

Dove et al. (2015) has suggested for checklist analysis and risk register for identifying the risk. These techniques are discussed in details in the following section:

The checklist that basically categories the project associated risk is beneficial in determining additional risk of the project.

A regular is up gradation is provided to the risk register during the entire project frame. Following information is included in the register:

• List of the Risks
• List of various Potential Responses
• Root Causes regarding the Risks
• Updated Risk Categories

According to the work done by Wang et al. (2017) and based on the information provided by the authors in their article some tools are recommended here for risk analysis. These tolls are :

Probability And Impact Matrix:

Risks that need urgent actions are identified with this technique. The matrix supports customizations that are necessary for the project.

Risk Data Quality Assessment:

Data regarding to the risks is collected. The Risk Data Quality Assessment, requires the involvement of the manger to determine:

• Level of the understanding to deal with the risk
• Data availability
• Quality and reliability of the data
• Integrity of the data

Somu, Kirthivasan and VS (2017) have mentioned Monte Carlo Analysis or SIMULATION Technique in this context. The simulation technique is also recommended as the toll is very effective in analyzing the risks involved in the project.

Monetary Impact vs. Customer Trust

The Monte Carlo analysis helps in cost simulation or realizing the project results in a schedule.  In order to perform the Monte Carlo analysis a computer-based program is needed. The analysis helps to evaluate the overall risk of a project (Fang, Marle and Xie 2017). The probability that a project will complete or not in a specified time frame or cost can be effectively determined with this technique.

Dove et al. (2015) however suggested for decision tree and risk register update as the effective techniques for analyzing project risk. These tools also make entry in the recommendation list:

Decision Tree:

Decision tree analyzes many alternatives at a single time to find the nature of the risk and also categorize them in terms of complexity and importance.  

RISK REGISTER Updates:

According to the authors, the process helps to prioritize the risk identified in the analysis.

Conclusion:

The report concludes that cloud-computing projects have lot of benefits in terms automation and cost reduction. However, the service has lot of disadvantage too that leads to security issues. In order to effectively use the service it is not only important to identify those issues, there should be proper measurement to deal with the risks associated with the service for effective use of the technology.  The company however does not has proper techniques and guide lines to deal with the project that needs  implementation guide for the service being new and highly  advanced in nature. It is very important to adopt the suggested techniques mentioned in the report for better management of the project.

References:

Albakri, S.H., Shanmugam, B., Samy, G.N., Idris, N.B. and Ahmed, A., 2014. Security risk assessment framework for cloud computing environments. Security and Communication Networks, 7(11), pp.2114-2124.

Almorsy, M., Grundy, J. and Müller, I., 2016. An analysis of the cloud computing security problem. arXiv preprint arXiv:1609.01107.

Bull, J.W., Jobstvogt, N., Böhnke-Henrichs, A., Mascarenhas, A., Sitas, N., Baulcomb, C., Lambini, C.K., Rawlins, M., Baral, H., Zähringer, J. and Carter-Silk, E., 2016. Strengths, Weaknesses, Opportunities and Threats: A SWOT analysis of the ecosystem services framework. Ecosystem services, 17, pp.99-111.

Djemame, K., Armstrong, D., Guitart, J. and Macias, M., 2016. A risk assessment framework for cloud computing. IEEE Transactions on Cloud Computing, 4(3), pp.265-278.

Dove, E.S., Joly, Y., Tassé, A.M., Burton, P., Chisholm, R., Fortier, I., Goodwin, P., Harris, J., Hveem, K., Kaye, J. and Kent, A., 2015. Genomic cloud computing: legal and ethical points to consider. European Journal of Human Genetics, 23(10), p.1271.

Fang, C., Marle, F. and Xie, M., 2017. Applying importance measures to risk analysis in engineering project using a risk network model. IEEE Systems Journal, 11(3), pp.1548-1556.

Ghosh, N., Ghosh, S.K. and Das, S.K., 2015. SelCSP: A framework to facilitate selection of cloud service providers. IEEE transactions on cloud computing, 3(1), pp.66-79.

Hassan, H., Nasir, M.H.M. and Khairudin, N., 2017. Cloud Computing Adoption in Organisations: Review of Empirical Literature. In SHS Web of Conferences (Vol. 34). EDP Sciences.

Kerzner, H. and Kerzner, H.R., 2017. Project management : a systems approach to planning, scheduling, and controlling. John Wiley & Sons.

Latif, R., Abbas, H., Assar, S. and Ali, Q., 2014. Cloud computing risk assessment: a systematic literature review. In Future information technology (pp. 285-295). Springer, Berlin, Heidelberg.

Martinelli, R.J. and Milosevic, D.Z., 2016. Project management toolbox: tools and techniques for the practicing project manager. John Wiley & Sons.

McNeil, A.J., Frey, R. and Embrechts, P., 2015. Quantitative risk management: Concepts, techniques and tools. Princeton university press.

Ramachandran, M. and Chang, V., 2016. Towards performance evaluation of cloud service providers for cloud data security. International Journal of Information Management, 36(4), pp.618-625.

Somu, N., Kirthivasan, K. and VS, S.S., 2017. A computational model for ranking cloud service providers using hypergraph based techniques. Future Generation Computer Systems, 68, pp.14-30.

Sookhak, M., Gani, A., Talebian, H., Akhunzada, A., Khan, S.U., Buyya, R. and Zomaya, A.Y., 2015. Remote data auditing in cloud computing environments: a survey, taxonomy, and open issues. ACM Computing Surveys (CSUR), 47(4), p.65.

Wang, L., Ranjan, R., Chen, J. and Benatallah, B. eds., 2017. Cloud computing: methodology, systems, and applications. CRC Press.