Which of the following describes a risk and mitigation associated with cloud data storage?

Which of the following describes a risk and mitigation associated with cloud data storage?
A . Risk: Shared hardware caused data leakage Mitigation: Strong encryption at rest
B . Risk: Offsite replication Mitigation: Multi-site backups
C . Risk: Data loss from de-duplication Mitigation: Dynamic host bus addressing
D . Risk: Combined data archiving Mitigation: Two-factor administrator authentication

View Answer

Answer: A

Explanation:

With cloud data storage, the storage provider will have large enterprise SANs providing large pools of storage capacity. Portions of the storage pools are assigned to customers. The risk is that multiple customers are storing their data on the same physical hardware storage devices. This presents a risk (usually a very small risk, but a risk all the same) of other customers using the same cloud storage hardware being able to view your data.

The mitigation of the risk is to encrypt your data stored on the SAN. Then the data would be unreadable even if another customer was able to access it.

Incorrect Answers:

B: Offsite replication is used for disaster recovery purposes. It is not considered to be a risk as long as the data is secure in the other site. Multi-site backups are not a risk mitigation.

C: Data loss from de-duplication is not considered to be a risk. De-duplication removes duplicate copies of data to reduce the storage space required for the data. Dynamic host bus addressing is not a risk mitigation.

D: Combined data archiving is not considered to be a risk. The archived data would be less accessible to other customers than the live data on the shared storage.