Some Reasons Behind Cloud Security Vulnerabilities

Some Reasons Behind Cloud Security Vulnerabilities

Some Reasons Behind Cloud Security Vulnerabilities

We have debated back and forth that the Cloud is just as safe as the traditional enterprise option, and even more so. Combined with all the advantages, it is a better option for today’s business world. But the security fears are always just around the corner and pops up again every time there is a discussion about Cloud migration. These fears are not unfounded however; they are very real but quite containable unless they were not considered during migration to the Cloud.

Organizations looking into Cloud security like HP have found very simple and obvious yet often overlooked reasons for the security vulnerabilities that happen when applications and data are migrated to the Cloud. Most of the vulnerabilities are caused by overlooked and unchanged settings when applications and data have been migrated. Here are a few of them.

1) Unchanged hardcoded communication channels

Most enterprises have data policies that have been enforced in their data centers and have been considered as fairly secure. Settings like encrypted or unencrypted data channels, harcoded IP addresses and hardcoded hostnames. These are all fine internally because the data center environment has been evaluated for security and these settings were made for exactly that. But when the data is moved to the Cloud, all the channels become public so internally secure processes like passing plain text content over the network suddenly becomes a huge vulnerability. That is why all migrated programs and applications should conduct all the previously safe intra-component communication over secured and encrypted channels. All of these settings have to be changed to accommodate the change in the control of the network infrastructure.

2) Unsecured logging system

InfoSec

Logs are very important for the enterprise. It allows administrators to diagnose problems and as a forensic tool to find evidence in the event of an attack. Enterprises often have strict rules which govern their logging system and dictates what exactly can be logged and who are privy to this sort of information. These rules are strictly policed and enforced regularly. But when the system is migrated, these rules do not apply anymore. And to avoid repercussions and accusations later on, these rules must be reviewed and reapplied to the Cloud environment through the SLA with the Cloud vendor. This ensures that data logging cannot accidentally leak towards malicious individuals. Attackers can use the log data to determine the vulnerabilities of the system; it is very rich and for hackers. The logging should be minimized, reconfigured and controlled, or even turned off.

3) Adjusting encryption for virtualization

Mirroring of an entire system is a very common practice when provisioning virtual environments. This means that a specific vulnerability with the parent system will ensure that all virtual mirrors will have that same vulnerability, giving an attacker hundreds of doors which can be opened by a single key. Virtual instances must have different encryption keys, so they should never be hardcoded. Hardcoding in an internal data center environment might be fine, but that should be changed when the system goes Cloud.

All of these vulnerabilities are because of the difference in the environment that the system will be residing in. Most of the time migration is so painless because systems work immediately without much tweaking that these very important security liabilities which were not issues before have been ignored and carried over in the public environment. The only solution is a reevaluation of the system’s security after migration and changing all of these variables.

By Abdul Salam

About Abdul

Abdul is a senior consultant with Energy Services, and author of numerous blogs, books, white papers, and tutorials on cloud computing and accomplished technical writer with CloudTweaks. He earned his bachelor’s degree in Information Technology, followed by an MBA-IT degree and certifications by Cisco and Juniper Networks.

He has recently co-authored: Deploying and Managing a Cloud Infrastructure: Real-World Skills for the CompTIA Cloud+ Certification (Wiley).

View All Articles

Sorry, comments are closed for this post.

E-Commerce Advances For Savvy Marketers

E-Commerce Advances For Savvy Marketers

Digital Marketing Platforms Advertising and marketing techniques have progressed rapidly in the last decade with both channel focus and the direction of content shifting considerably due primarily to advances in cloud technology. Gartner’s Magic Quadrant for Digital Commerce 2016 singles out a few ecommerce providers who are topping their sector in both ability to execute…

The Lighter Side Of The Cloud – Energy Battle

The Lighter Side Of The Cloud – Energy Battle

By David Fletcher Please feel free to share our comics via social media networks such as Twitter, Facebook, LinkedIn, Instagram, Pinterest. Clear attribution (Twitter example: via@cloudtweaks) to our original comic sources is greatly appreciated.

Recent Articles - Posted by
Cloud Comings and Goings

Cloud Comings and Goings

Cloud Power Amazon Web Services – the giant of cloud computing – is on track to do $10 Billion in revenue this year. Yet, rumors swirl that Apple may take a huge chunk of business away from them and Dropbox has definitely left AWS. Is something wrong at AWS? Wait, Salesforce.com (SFDC) – the granddaddy of…

Digital Transformation: Not Just For Large Enterprises Anymore

Digital Transformation: Not Just For Large Enterprises Anymore

Digital Transformation Digital transformation is the acceleration of business activities, processes, and operational models to fully embrace the changes and opportunities of digital technologies. The concept is not new; we’ve been talking about it in one way or another for decades: paperless office, BYOD, user experience, consumerization of IT – all of these were stepping…

Connecting the Digital Dots with the Internet of Things

Connecting the Digital Dots with the Internet of Things

The IoT Explosion In The Cross-Industry Category Gartner estimates that 6.4 billion Internet of Things (IoT) devices will be in use in 2016, nearly a third more than last year, and with attentive patrons such as Samsung, recently committing to invest $1.2 billion into IoT research in the US over four years, we can happily…

M2M, IoT and Wearable Technology: Where To Next?

M2M, IoT and Wearable Technology: Where To Next?

M2M, IoT and Wearable Technology Profiling 600 companies and including 553 supporting tables and figures, recent reports into the M2M, IoT and Wearable Technology ecosystems forecast opportunities, challenges, strategies, and industry verticals for the sectors from 2015 to 2030. With many service providers looking for new ways to fit wearable technology with their M2M offerings…

5 Surprising Ways Cloud Computing Is Changing Education

5 Surprising Ways Cloud Computing Is Changing Education

Cloud Computing Education The benefits of cloud computing are being recognized in businesses and institutions across the board, with almost 90 percent of organizations currently using some kind of cloud-based application. The immediate benefits of cloud computing are obvious: cloud-based applications reduce infrastructure and IT costs, increase accessibility, enable collaboration, and allow organizations more flexibility…

The Questions of Privacy In The Internet of Things Revolution

The Questions of Privacy In The Internet of Things Revolution

Privacy in the Internet of Things Revolution The Internet of Things (IoT) has been promising a lot to consumers for a few years and now we’re really starting to see some of the big ideas come to fruition, which means an ever-growing conversation around data security and privacy. Big data comes with big responsibilities and…

Cloud Infographic – What Is The Internet of Things?

Cloud Infographic – What Is The Internet of Things?

What Is The Internet of Things? “We’re still in the first minutes of the first day of the Internet revolution.”  – Scott Cook The Internet of Things (IOT) and Smart Systems are based on the notions of Sensors, Connectivity, People and Processes. We are creating a new world to view and measure anything around us through…

Cloud Infographic – Cloud Computing And SMEs

Cloud Infographic – Cloud Computing And SMEs

Cloud Computing And SMEs SMEs (Small/Medium Sized Enterprises) make up the bulk of businesses today. Most cloud based applications created today are geared toward the SME market. Accounting, Storage, Backup services are just a few of them. According to the European Commission, cloud based technology could help 80% of organisations reduce costs by 10-20%. This infographic provided…

Shadow IT To Remain A Focus For Both Cloud Vendors And CIOs

Shadow IT To Remain A Focus For Both Cloud Vendors And CIOs

Shadow IT To Remain A Focus Shadow IT, a phenomenon defined as building internal IT systems without the official organizational approval has been a growing concern for CIOs over the last few years. In 2015, it climbed to the top of the list of the emerging IT threats, with as much as 83% CIOs reporting…

Digital Marketing Driven by Cloud, Big Data and IoT

Digital Marketing Driven by Cloud, Big Data and IoT

Digital Marketing Successful digital marketing campaigns are being driven largely by trending technologies, specifically the Internet of Things (IoT), Big Data, and The Cloud. These may be used for a huge number of marketing applications, from optimizing the performance of sports teams to improving science and research, even helping to aid law enforcement. Amazon Web…