Is Cloud Computing Experiencing The Same Security Threats As Enterprise Computing?

Is Cloud Computing Experiencing The Same Security Threats As Enterprise Computing?

Is Cloud Computing Experiencing the Same Security Threats as Enterprise Computing?

People have always feared that cloud computing is inherently lacking in security because of the distribution methods used, allowing it to be more public than necessary. But research and reports indicate that it is not less secure than enterprise computing as they actually both suffer from the same types of attack. And it does not matter if you are a small organization or a large one you will still be the target of cyber-attacks as most of them are opportunistic in nature.security threats report

While organizations and businesses are the target of online attacks, the real entryways for these attacks are unsecured personal computers. These form the backbone of the cyber-criminal’s arsenal. Hijacked computers referred to as zombies or bots are being used to make brute force attacks on different networks both within the cloud infrastructure and on-premise infrastructure. No one is actually safe, whatever kind of infrastructure that they are using. Others might be more privy to attacks due to the nature of their service like banks or the possible wealth of information that they bring, like government networks and industry leaders in technology research.

According to Alert Logic’s Fall 2012 State of the Cloud Security Report, the variations in the threat activity across the industry is not as important as where the infrastructure is located. Attacks are not industry specific or organizational size specific, they depend on the infrastructure. This means that anything that can be possibly accessed from outside, whether enterprise or cloud, has equal chances of being attacked because as mentioned, attacks are opportunistic in nature.

The reason why cyber-attacks are indiscriminate to industry and size would be due to the nature of the attacker’s weapon, the internet. Web application-based attacks hit both service provider environments (53% of organizations) and on-premise environments (44% of organizations). But as a plus for cloud computing’s side, on-premise environment users or customers actually suffer more incidents than those of service provider environments. On-premise environment users experience an average of 61.4 attacks while service provider environment customers averaged only with 27.8 while on-premise environment users also suffered significantly more brute force attacks compared to their counterparts.

Despite real research and facts being provided by security service providers like Alert Logic, many organizations still base their infrastructure decisions on the “myth” that cloud computing is inherently less secure compared to enterprise computing or on-premise services. But instead of focusing their attention to these perceptions, organizations should be focusing on leveraging factual data to evaluate their own vulnerabilities and then create a better plan for their security.

By Abdul Salam

About Abdul

Abdul is a senior consultant with Energy Services, and author of numerous blogs, books, white papers, and tutorials on cloud computing and accomplished technical writer with CloudTweaks. He earned his bachelor’s degree in Information Technology, followed by an MBA-IT degree and certifications by Cisco and Juniper Networks.

He has recently co-authored: Deploying and Managing a Cloud Infrastructure: Real-World Skills for the CompTIA Cloud+ Certification (Wiley).

View All Articles

One Response to Is Cloud Computing Experiencing The Same Security Threats As Enterprise Computing?

  1. I think this is a relevant question “Is Cloud Computing Experiencing The Same Security Threats As Enterprise Computing?” First and foremost is that the architecture is fundamentally based on sharing resources and moving data around for collaboration and scalability.  This contradicts the basic principles of data security and compliance, which focus on restricting access and controlling data flow.  Once the data is out of organizations’ hands and into the cloud, how can security be assured?
    If the platform cannot be protected by the organization, then the data itself must be secured before it reaches the cloud.  The primary means to this is in granular, selective data protection, via tokenization or masking, to allow different classification levels.  Tokenized or masked data holds no value to a potential thief, and allows applications to operate on selective portions of the data that bleed through.
    The data will then be secured across the enterprise and into the cloud, and only via policy retained at the organization’s security center can the sensitive data ever be revealed to authorized parties or applications that require it.  A separation of duties, isolating security administration to security personnel, can ensure protection from internal threats.
    Since the data itself is secured, this can reduce the requirements for auditing and monitoring, which are also issues in a cloud environment.
    Practicing in this way can allow organizations to rest easy, knowing that their data is safe wherever it goes, and continue to take advantage of the numerous efficiencies in cloud computing.
    Ulf Mattsson | CTO | Protegrity (m) +1.203.570.6919

Immune Systems: Information Security And Risk In 2016

Immune Systems: Information Security And Risk In 2016

Information Security And Risk C-suite executives have woken up to the threat posed by data theft, denial-of-service attacks and vulnerable systems. In 2015, for example, a series of high-profile cases illustrated the degree to which such attacks can damage a company’s reputation, brand and, ultimately, profits. Where businesses once undervalued cybersecurity, considering it the domain of CIOs and…

The Rise of Fintech and the End of Traditional Banking

The Rise of Fintech and the End of Traditional Banking

The Rise of Fintech Developments in financial technology, or fintech, are changing the way we make payments, with new products gradually transforming how personal and commercial transactions are processed. The pace of these developments has opened up a whole range of opportunities for fintech start-ups and new players; but the arrival of cutting-edge technology has…

The Implication Of Consumers Not Having Their Heads In The Cloud

The Implication Of Consumers Not Having Their Heads In The Cloud

Customers CAN Better Protect Themselves The majority of cloud consumers don’t understand what cloud is let alone what the implications of transacting in the cloud or of having their data and digital assets stored in the cloud. As a result most consumers are their own worst enemy when it comes to putting themselves at risk…

Even Companies With A “Cloud First” Strategy Have Lingering Security Concerns

Even Companies With A “Cloud First” Strategy Have Lingering Security Concerns

Lingering Security Concerns Considering the cost and time-to-market advantages of SaaS applications in particular, it’s no surprise that companies are looking to the cloud to meet their business objectives. But what happens when a ‘cloud first’ company must also put security and compliance first? In a recent Bitglass survey report from a cloud access security…

Risks Of Virtualization In Public And Private Clouds

Risks Of Virtualization In Public And Private Clouds

Risks Of Virtualization Server virtualization is one of the cornerstone technologies of the cloud. The ability to create multiple virtual servers that can run any operating system on a single physical server has a lot of advantages. These advantages can appear in public, Infrastructure as a Service (IaaS), as well as in private clouds. However,…

The Evolution Of The Connected Cloud

The Evolution Of The Connected Cloud

The Connected Cloud Cloud computing is interesting first, but not only, because of the prevalence of cloud projects. There are many of them launched every day. Some have lofty expectations for business benefits (cost saving of 20 percent or more) and others carry even more intriguing goals. In 2005 “the cloud” was new. Shared computing…

Dissecting Mr. Robot TV Series: Spotlight On Burning Online Privacy Risks

Dissecting Mr. Robot TV Series: Spotlight On Burning Online Privacy Risks

Mr. Robot And Burning Online Privacy Risks Despite the rapid development of web tools and computer security systems, online privacy remains a serious issue for most web users. According to some statistics provided by isaca.org, the total number of online security incidents worldwide grew to 42.8 million, leaving a great number of victims behind. As one…

CloudTweaks is recognized as one of the leading influencers in cloud computing, infosec, big data and the internet of things (IoT) information. Our goal is to continue to build our growing information portal by providing the best in-depth articles, interviews, event listings, whitepapers, infographics and much more.

Sponsor