Challenges Faced By Cloud Security

Challenges Faced By Cloud Security

Challenges Faced By Cloud Security

Cloud Infographic_001

Cloud computing has revolutionized the way businesses manage their data. The amount of data produced by the corporate sector has increased at a rapid rate over the past few years. In order to handle this exponential need for storage space, organizations need a reliable and secure approach with which they can use to optimize their operations, which in turn will reduce costs. Cloud computing provides suitable development environments, rapid resources for operating platforms, application environments and backup and storage of data at low costs. But, some of the factors that make cloud computing such a convenience for managing resources also raise considerable security concerns.

Challenges Faced by Cloud Security

Cloud computing inherits the security issues pertaining in the technologies that it uses, which consists chiefly of the risk of a breach in the integrity or confidentiality of information. One security measure is encrypting stored data, but there are drawbacks with encryption and it does not always protect data. This presents a very challenging situation for cloud security professionals. Seven of these challenges are discussed below:

1) Breach of Trust

In cloud services, it is very important that the service provider has the trust of his customer and he does not exploit this in any way. There is no way to be 100% sure of your cloud service providers being trustworthy. There are certain legal issues entangled with cloud security as well, because there are certain laws that cloud service providers should comply with and these laws vary from country to country. Users have no idea or control over where or in what jurisdiction their data is being physically stored over the cloud.

2) Maintaining Confidentiality

Preventing improper disclosure of information is maintaining confidentiality of data. Service providers have full access to your data, so they have the opportunity to misuse this information. This issue requires proper attention from an information security analyst in order to ensure your data is not being shared without your permission.

3) Preserving Integrity

Integrity is preventing illegal modification of data or its instances. Users with privilege to your data can easily modify it unless it is encrypted. One entity with such privilege is a cloud service provider. Preserving integrity of data over the cloud is a viable challenge to security researchers.

4) Authenticity and Completeness

In a cloud, there may be multiple users with varying levels of access privilege to your data. A user with limited access may have access to a subset of data, but he needs to be assured that this subset is valid and verified. Digital signatures are used for providing a validation, proof of authentication for access to a superset of data. Certain approaches inspired by Merkle trees and signature aggregation are used for digital validation of data. But still there are vulnerabilities for this issue in cloud security.

5) Risk Factors Associated with Virtual Machines

In a typical cloud model application, processes are run from within virtual machines. These virtual machines are on a shared server with other virtual machines running as well, some of which may be malicious. Security researchers have proved that attacks from one virtual machine to another is possible. Therefore, cloud security experts consider this a serious issue.

6) Vulnerabilities from Shared Resources

Cloud data running on multicore processors is vulnerable to application data being compromised, because, as researches have shown, applications can communicate through the cores and may exchange data as well. With the multi tenancy architecture of a cloud server in which many applications are stored on the same server, it is always possible for malicious users to intercept data from the network channel.

7) Issues with Encryption

Although encrypting data seems like the solution for preserving confidentiality, integrity and authenticity on the cloud, this approach does have shortcomings. For one, this is not a cost effective method because to decrypt data, an enormous amount of computational time is added to the processing time. Each time a query runs in the database, both the cost and time increases dramatically, especially if the amount of data is very large. Encryption algorithms are subject to get tracked down as well. Cloud security professionals have the challenge of continuing to reinforce this technique.

Cloud computing can be used for carrying out various IT functions, and providing security to the cloud is not an easy task for cloud security professionals as there are various security concerns.

There are many benefits to cloud computing. Cloud computing provides a viable means for building cost effective solutions which are substantially flexible. By using virtual servers on internet, cloud computing provides easy delivery platforms for serving business and eases out more expensive consumer IT services.

However, there are serious risks of integrity and confidentiality for data shared on a cloud. This is because required services are often outsourced from a third party, which makes it difficult to ensure security and privacy of data.

Security professionals still need to deal with the architectural flaws of the cloud computing model so that cloud computing can be made more reliable and trustworthy.

By Chetan Soni

Sorry, comments are closed for this post.

Comic
Pitney Bowes Selects Aria Systems for Billing on the New Commerce Cloud

Pitney Bowes Selects Aria Systems for Billing on the New Commerce Cloud

Top-Ranked Cloud Billing Company Enables Greater Speed and Frictionless Billing for Unparalleled Customer Experience San Francisco, CA – August 23, 2016 – Aria Systems, which helps enterprises grow subscription and usage-based revenue, today announced that Pitney Bowes has selected Aria’s cloud-based monetization platform as the key billing and monetization component of their new Commerce Cloud…

The Golden Age of Wearable Technology

The Golden Age of Wearable Technology

The Golden Age One of the biggest fads in the technology sector right now is wearable tech. From Smartwatches that let you check your emails, chat with friends and search the web, to fitness accessories that monitor your heart rate and your sleep patterns, this is truly the Golden Age of wearable technology. But some…

Marketing Execs Beefing Up on Martech Strategies

Marketing Execs Beefing Up on Martech Strategies

Martech Strategies As budgets shift from traditional marketing streams to marketing technology, it’s essential that both marketers and business leaders understand marketing technology and keep up with the developments. According to eMarketer, 78% of US senior marketers surveyed believe gaining this understanding of marketing technology is increasingly relevant to their success, and the majority of…

4 Monetization Models For The Digital Business Era

4 Monetization Models For The Digital Business Era

4 Monetization Models Digital business is expected to generate billions in new revenue in the next four to five years. However, MGI Research predicts that digital businesses will need to increase their time to market by 40 percent. Many global executives admit they are unprepared to monetize their operations. The million dollar question is: how…

Cybersecurity Experts Racing to Keep Pace with Growing Cyber Threats

Cybersecurity Experts Racing to Keep Pace with Growing Cyber Threats

The cyberwar is on! At this stage of the game, the stakes are higher than ever, and safeguarding networks from cyberattacks is a devilish combination of Chicken and Cat-and-Mouse. Attacks are now so commonplace that many events of serious cybersecurity breaches go uncovered by mainstream media. Despite the rapid advancements in IT security technology, hackers…

Virtual Immersion And The Extension/Expansion Of Virtual Reality

Virtual Immersion And The Extension/Expansion Of Virtual Reality

Virtual Immersion And Virtual Reality This is a term I created (Virtual Immersion). Ah…the sweet smell of Virtual Immersion Success! Virtual Immersion© (VI) an extension/expansion of Virtual Reality to include the senses beyond visual and auditory. Years ago there was a television commercial for a bathing product called Calgon. The tagline of the commercial was Calgon…

5% Of Companies Have Embraced The Digital Innovation Fostered By Cloud Computing

5% Of Companies Have Embraced The Digital Innovation Fostered By Cloud Computing

Embracing The Cloud We love the stories of big complacent industry leaders having their positions sledge hammered by nimble cloud-based competitors. Saleforce.com chews up Oracle’s CRM business. Airbnb has a bigger market cap than Marriott. Amazon crushes Walmart (and pretty much every other retailer). We say: “How could they have not seen this coming?” But, more…

The Cancer Moonshot: Collaboration Is Key

The Cancer Moonshot: Collaboration Is Key

Cancer Moonshot In his final State of the Union address in January 2016, President Obama announced a new American “moonshot” effort: finding a cure for cancer. The term “moonshot” comes from one of America’s greatest achievements, the moon landing. If the scientific community can achieve that kind of feat, then surely it can rally around…

Achieving Network Security In The IoT

Achieving Network Security In The IoT

Security In The IoT The network security market is experiencing a pressing and transformative change, especially around access control and orchestration. Although it has been mature for decades, the network security market had to transform rapidly with the advent of the BYOD trend and emergence of the cloud, which swept enterprises a few years ago.…

5 Things To Consider About Your Next Enterprise File Sharing Solution

5 Things To Consider About Your Next Enterprise File Sharing Solution

Enterprise File Sharing Solution Businesses have varying file sharing needs. Large, multi-regional businesses need to synchronize folders across a large number of sites, whereas small businesses may only need to support a handful of users in a single site. Construction or advertising firms require sharing and collaboration with very large (several Gigabytes) files. Financial services…

7 Common Cloud Security Missteps

7 Common Cloud Security Missteps

Cloud Security Missteps Cloud computing remains shrouded in mystery for the average American. The most common sentiment is, “It’s not secure.” Few realize how many cloud applications they access every day: Facebook, Gmail, Uber, Evernote, Venmo, and the list goes on and on… People flock to cloud services for convenient solutions to everyday tasks. They…

Protecting Your Web Applications In A Hybrid Cloud Environment

Protecting Your Web Applications In A Hybrid Cloud Environment

Protecting Your Web Applications It’s no secret that organizations are embracing the cloud and all the benefits that it entails. Whether its cost savings, increased flexibility or enhanced productivity – businesses around the world are leveraging the cloud to scale their business and better serve their customers. They are using a variety of cloud solutions…

The Internet of Things Lifts Off To The Cloud

The Internet of Things Lifts Off To The Cloud

The Staggering Size And Potential Of The Internet of Things Here’s a quick statistic that will blow your mind and give you a glimpse into the future. When you break that down, it translates to 127 new devices online every second. In only a decade from now, every single vehicle on earth will be connected…

Cloud Infographic – The Data Scientist

Cloud Infographic – The Data Scientist

Data Scientist Report The amount of data in our world has been exploding in recent years. Managing big data has become an integral part of many businesses, generating billions of dollars of competitive innovations, productivity and job growth. Forecasting where the big data industry is going has become vital to corporate strategy. Enter the Data…

Cloud Infographic – Big Data Predictions By 2023

Cloud Infographic – Big Data Predictions By 2023

Big Data Predictions By 2023 Everything we do online from social networking to e-commerce purchases, chatting, and even simple browsing yields tons of data that certain organizations collect and poll together with other partner organizations. The results are massive volumes of data, hence the name “Big Data”. This includes personal and behavioral profiles that are stored, managed, and…

Why Cloud Compliance Doesn’t Need To Be So Overly Complicated

Why Cloud Compliance Doesn’t Need To Be So Overly Complicated

Cloud Compliance  Regulatory compliance is an issue that has not only weighed heavily on the minds of executives, security and audit teams, but also today, even end users. Public cloud adds more complexity when varying degrees of infrastructure (depending on the cloud model) and data fall out of the hands of the company and into…