Challenges Faced By Cloud Security

Challenges Faced By Cloud Security

Challenges Faced By Cloud Security

Cloud Infographic_001

Cloud computing has revolutionized the way businesses manage their data. The amount of data produced by the corporate sector has increased at a rapid rate over the past few years. In order to handle this exponential need for storage space, organizations need a reliable and secure approach with which they can use to optimize their operations, which in turn will reduce costs. Cloud computing provides suitable development environments, rapid resources for operating platforms, application environments and backup and storage of data at low costs. But, some of the factors that make cloud computing such a convenience for managing resources also raise considerable security concerns.

Challenges Faced by Cloud Security

Cloud computing inherits the security issues pertaining in the technologies that it uses, which consists chiefly of the risk of a breach in the integrity or confidentiality of information. One security measure is encrypting stored data, but there are drawbacks with encryption and it does not always protect data. This presents a very challenging situation for cloud security professionals. Seven of these challenges are discussed below:

1) Breach of Trust

In cloud services, it is very important that the service provider has the trust of his customer and he does not exploit this in any way. There is no way to be 100% sure of your cloud service providers being trustworthy. There are certain legal issues entangled with cloud security as well, because there are certain laws that cloud service providers should comply with and these laws vary from country to country. Users have no idea or control over where or in what jurisdiction their data is being physically stored over the cloud.

2) Maintaining Confidentiality

Preventing improper disclosure of information is maintaining confidentiality of data. Service providers have full access to your data, so they have the opportunity to misuse this information. This issue requires proper attention from an information security analyst in order to ensure your data is not being shared without your permission.

3) Preserving Integrity

Integrity is preventing illegal modification of data or its instances. Users with privilege to your data can easily modify it unless it is encrypted. One entity with such privilege is a cloud service provider. Preserving integrity of data over the cloud is a viable challenge to security researchers.

4) Authenticity and Completeness

In a cloud, there may be multiple users with varying levels of access privilege to your data. A user with limited access may have access to a subset of data, but he needs to be assured that this subset is valid and verified. Digital signatures are used for providing a validation, proof of authentication for access to a superset of data. Certain approaches inspired by Merkle trees and signature aggregation are used for digital validation of data. But still there are vulnerabilities for this issue in cloud security.

5) Risk Factors Associated with Virtual Machines

In a typical cloud model application, processes are run from within virtual machines. These virtual machines are on a shared server with other virtual machines running as well, some of which may be malicious. Security researchers have proved that attacks from one virtual machine to another is possible. Therefore, cloud security experts consider this a serious issue.

6) Vulnerabilities from Shared Resources

Cloud data running on multicore processors is vulnerable to application data being compromised, because, as researches have shown, applications can communicate through the cores and may exchange data as well. With the multi tenancy architecture of a cloud server in which many applications are stored on the same server, it is always possible for malicious users to intercept data from the network channel.

7) Issues with Encryption

Although encrypting data seems like the solution for preserving confidentiality, integrity and authenticity on the cloud, this approach does have shortcomings. For one, this is not a cost effective method because to decrypt data, an enormous amount of computational time is added to the processing time. Each time a query runs in the database, both the cost and time increases dramatically, especially if the amount of data is very large. Encryption algorithms are subject to get tracked down as well. Cloud security professionals have the challenge of continuing to reinforce this technique.

Cloud computing can be used for carrying out various IT functions, and providing security to the cloud is not an easy task for cloud security professionals as there are various security concerns.

There are many benefits to cloud computing. Cloud computing provides a viable means for building cost effective solutions which are substantially flexible. By using virtual servers on internet, cloud computing provides easy delivery platforms for serving business and eases out more expensive consumer IT services.

However, there are serious risks of integrity and confidentiality for data shared on a cloud. This is because required services are often outsourced from a third party, which makes it difficult to ensure security and privacy of data.

Security professionals still need to deal with the architectural flaws of the cloud computing model so that cloud computing can be made more reliable and trustworthy.

By Chetan Soni

Sorry, comments are closed for this post.

Principles For Data Protection In The Cloud In 2016

Principles For Data Protection In The Cloud In 2016

Data Protection In The Cloud 2015 ushered in the start of a data economy. As organizations amass more detailed consumer profiles they have begun realizing that data could equal or surpass the value of the products and services they sell, especially in the Internet of Things era with its constant and very personal streams of…

Cloud Computing – A Requirement For Greater Innovation

Cloud Computing – A Requirement For Greater Innovation

Cloud Computing Innovation Sao Paulo, Brazil has had trouble with both energy and water supplies as of late. Despite it is the rainy period. Unfortunately Sao Paulo is very dependent on its rain as a majority of its power is generated from large dams. No water, no energy. Difficult situation for a city of some…

Are you SURE you are ready for the cloud?

Are you SURE you are ready for the cloud?

Ready For The Cloud? For several years now, people and organizations have been slowly but surely moving their data and applications to the cloud. Whether it is a local private cloud, Hybrid or a fully hosted one, they all have one thing in common: They are no longer tied to physical hardware. That is how…

DRaaS: Can Make Providers Life Easier

DRaaS: Can Make Providers Life Easier

DRaaS Planning Earlier in Part 1 this week we’ve touched on “What Is DRaaS?”. Now we will explore this a little further.  Disaster recovery situations are always high pressure, stressful affairs which require cool heads and excellent planning. What can service providers of DRaaS to do to make life easier for their customers and to…

5 Tips For Building A High Growth IT Platform

5 Tips For Building A High Growth IT Platform

5 Tips For Building a High Growth IT Platform Building and maintaining today’s enterprise computing platforms is a lot more challenging than it was in the past. The competitive and fast moving nature of business requires a corporate network capable of meeting a company’s ever changing needs and requirements. For IT, this poses difficult challenges…

Hybrid IT Matures Just In Time To Tackle Complex Challenges

Hybrid IT Matures Just In Time To Tackle Complex Challenges

Tackling Complex IT Challenges Sponsored by Hybrid IT: The Next Evolution in Enterprise IT, NetApp and Verizon. Today’s sophisticated business environment demands a dynamic and robust IT infrastructure which is a far cry from the closed, controlled environments that most IT departments were created to handle. A hybrid IT infrastructure, drawing services from multiple cloud-based…

Featured Sponsored Articles
The Benefits of Cloud-Based Phone Systems

The Benefits of Cloud-Based Phone Systems

Cloud-Based Phone Systems This article has been sponsored by RingCentral, provider of state-of-the-art cloud infrastructure. Although today’s businesses rely on a host of modern technology, the century-old telephone call is as essential as ever. Of course, businesses today aren’t relying on simple analog voice calls for effective interaction with partners, suppliers, colleagues, and customers, but…

Featured Sponsored Articles
Working With Cloud White Label Partners

Working With Cloud White Label Partners

Cloud White Label Services Sponsored by CloudMGR The benefits of consolidating your cloud to one of the giants such as AWS, Microsoft Azure, and Google Cloud are improving as competition increases, with pricing wars between the service providers meaning better savings for businesses utilizing these services, and an abundance of features at user fingertips as…

Featured Sponsored Articles

CloudTweaks is recognized as one of the leading influencers in cloud computing, infosec, big data and the internet of things (IoT) information. Our goal is to continue to build our growing information portal by providing the best in-depth articles, interviews, event listings, whitepapers, infographics and much more.

Sponsor