Risk managments strategy of applaying open stack system Essay

Risk managments strategy of applaying open stack system - Essay Example t an open source cloud computing solution that is built on precise components such as storage and network components that are integrated with each other to make a complete open source cloud computing solution. Accordingly, the source code is shared with the vendors as well as the development team. Consequently, the usability of Open stack can lead to unpredictable risks. Organization try to mitigate the risks associated with this unpredictable environment may create new risks by exposing the cloud on the Internet instead of utilizing an industry compliant standardized solution. The complex customization and flexibility of opens tack that can be specific to an organization may lead to a conflict with the external open stack infrastructure. Therefore, the internal and external semantics of the cloud infrastructure is hybrid (Mears, J. 2007). Likewise, there is a risk of implementing changes on the open stack without performing impact analysis due to informal change management process. For instance, a patch needs to be deployed on the open stack and testing is required before implementation. The IT department will test the patch and attach the results in the change management form with formal approvals. After the approvals, the patch can be deployed only if the test results are all correct. Similarly, patch management for open stack can also lead to vulnerabilities that can be exploited any time. For mitigation, effective patch management process needs to be in place for testing and applying patched in the production environment. The same change management process can be adopted for patch management. However for tracking end of life and end of service for information technology assets, an asset register is require for keeping track. Ideally, an IT asset coordinator is a key person who performs these tasks (KLEPS 2015). After establishing an asset register, all the assets are now identified and ready for risk assessment. In the first step, the confidentiality,