The Lighter Side Of The Cloud – Whoops!
The Lighter Side Of The Cloud – The Restroom
The Lighter Side Of The Cloud – Techwear
Concerns With Cloud Security

Concerns With Cloud Security

Cloud security is an evolving sub-domain of information security dedicated to the protection of data, applications and infrastructure values associated with cloud computing. It incorporates a broad set of policies that are driven by the security procedures for providing maximum level of assurance for customers of cloud services.

Concerns with Cloud Security

Cloud computing is providing new horizons for maintaining organizational assets. But with ease and the convenience also comes the challenge to secure enterprise data. The biggest reason that raises concerns for security is involvement of third parties, i.e. cloud service providers who can access data stored at remote locations.

Being a form of distributed computing, cloud computing is still waiting for proper standardization. While migrating to cloud services , there are a number of factors to be considered by organization. The organizations need to understand the key benefits along with the risks associated with adopting a particular solution or a service provider. As an evolving security and technological arena, the assessment of risks and benefits keeps on varying depending upon the advancements that are brought by new technological implications.

Cloud security is a shared responsibility model between cloud service provider (CSP) and clients associated with the same. It is important to note that not all cloud service providers provide equal amounts of security measurements and other operational and managerial functions. This should be clearly agreed , defined and discussed between service providers and customers.

More and more organizations are migrating towards the cloud and enjoying the benefits of various service providers. Enterprises are embracing economic and operational advantages of cloud for extending their business to larger scales. But cloud providers like AWS need to meet key security requirements for organizations to be able to trust them with their most confidential data. As malicious attackers are becoming more sophisticated, they are finding new ways to target applications and that data of enterprises. The attacking intentions are fed by the fact that cloud has some architectural flaws inherited from its parent applications that can be easily exploited for one’s own gains. At an unprecedented rate, enterprises tend to shift their resources to cloud. There are many security threats that cloud data is vulnerable to.

Some of them are listed below.

security-workforce

  • Data Breaches: One of the most dangerous shortcoming of having data in the cloud is the possibility of compromised data.
  • Data Loss: Data in the cloud is physically stored on third party servers and given virtual access to the customers. Therefore, there is a good possibility that the data on the remote servers can be lost due to any kind of damage or server hacking.
  • Account Hijacking: Physical access to data is given to clients through user accounts. So all of the data can be accessed only through these accounts on cloud hosting services. In case, any of such accounts are compromised or hijacked by any hacker, all of the important data comes under the risk of being compromised. There is also the possibility of privilege escalation attacks that accounts for exploitation of user level access rights.
  • Insecure API’s: Cloud data is called and managed through Application Protocol Interface (API). The API calls can be spoofed or hijacked for infected data transmission.
  • Denial of Service: Cloud is basically an interface between a user and an application server. If the cloud server is vulnerable or not properly protected from DOS attacks, then it can be a target of Denial of Service attacks. In this attack, legitimate user is deprived of getting services like data access etc. of the server.
  • Malicious Insiders: Sharing data with a third party requires a fair amount of trust to invest. Organizations may be secure from certain attacks from outside the company. However,  it needs to be aware from attacks within the organization as well.
  • Abusing Cloud Services: Legitimate cloud services can be abused by malicious intents for their own monetary or other gains.
  • Shared Technology Issues: Most of the security issues emerge due to shared resources technology adapted by the cloud. All data within one cloud can be attacked by hackers that would render all data on that cloud to be compromised.
  • Insufficient Due Diligence: Paying less attention to diligence can also cause substantial amount of threat to data in the cloud.

At an unimaginable rate, cloud computing is transforming and revolutionizing the way business and government are managing their data. Cloud service development has shown more evolution in terms of service model, creating new security challenges on the way for security researchers. The shift from server to service-based thinking is revolving the terms in which technological departments deal with. The design of the architecture is subsequently affected and governed by the computing technology and applications. But these advances have created substantial new security vulnerabilities, including critical security issues whose impact is emerging and still processing with each passing day.

By Chetan Soni

Follow Me

Chetan Soni

Chetan Soni is the Founder & Admin of Just Do Hackers(JDH), which is rapidly a growing security services & investigation consulting organization focusing on Cyber Crime Investigations, Cyber Law Consulting, Vulnerability Assessment & Penetration Testing, Information Security Training & workshops.

Chetan has conducted more than 100 workshops on topics like “ Botnets, Metasploit Framework, Vulnerability Assessment, Penetration Testing, Cyber Crime Investigation & Forensics, Ethical Hacking ” at various institutions/Colleges/Companies all across the world and is currently a writer for CloudTweaks.com
Follow Me

Latest posts by Chetan Soni (see all)

Sorry, comments are closed for this post.

Support

Recent

Beyond Gaming: Three Practical Applications For Oculus Rift

Beyond Gaming: Three Practical Applications For Oculus Rift

Three Practical Applications For Oculus Rift  Since the announcement of the Oculus Rift in 2012 gamers and game developers alike have been frenzied trying to both get their hands on the unit or build their own proprietary VR machine. The VR gold rush has since lead to the announcement of Project Morpheus from Sony and…

The Lighter Side Of The Cloud – Due Diligence

The Lighter Side Of The Cloud – Due Diligence

By David Fletcher Please support our comics by sharing, licensing or visiting our cloud sponsors (Below). Your support goes a long way in allowing us to continue to produce our lighthearted comics each week.   About Latest Posts Follow MeChetan SoniChetan Soni is the Founder & Admin of Just Do Hackers(JDH), which is rapidly a…

Popular

5 Mistakes That Adversely Impact Seamless Cloud Migration

5 Mistakes That Adversely Impact Seamless Cloud Migration

There is absolutely no doubt migrating a section of your IT assets, non-core business processes or the entire spectrum of business systems to the cloud makes immense sense. There are plenty of business benefits linked to cloud computing; most astute businesses are using cloud computing in some capacity or other and if you aren’t doing…

4 Different Types of Attacks – Understanding the “Insider Threat”

4 Different Types of Attacks – Understanding the “Insider Threat”

Understanding the “Insider Threat”  The revelations that last month’s Sony hack was likely caused by a disgruntled former employee have put a renewed spotlight on the insider threat. The insider threat first received attention after Edward Snowden began to release all sorts of confidential information regarding national security. While many called him a hero, what…

Using Big Data To Make Cities Smarter

Using Big Data To Make Cities Smarter

Using Big Data To Make Cities Smarter The city of the future is impeccably documented. Sensors are used to measure air quality, traffic patterns, and crowd movement. Emerging neighborhoods are quickly recognized, public safety threats are found via social networks, and emergencies are dealt with quicklier. Crowdsourcing reduces commuting times, provides people with better transportation…

Cloud Infographic – Interesting Big Data Facts

Cloud Infographic – Interesting Big Data Facts

Big Data Facts You Didn’t Know The term Big Data has been buzzing around tech circles for a few years now. So much, in fact, that you’re probably getting sick of hearing about it. Here are some interesting facts you might not know about big data via The Visual Capitalist: Big Data got its start in the…

Forrester Releases Its “15 Emerging Technologies To Watch Before 2020” Report

Forrester Releases Its “15 Emerging Technologies To Watch Before 2020” Report

15 Emerging Technologies To Watch Before 2020 The cloud, big data, the internet of things, and wearable technology have all featured heavily in Forrester’s latest list of fifteen technologies to watch before 2020. It is becoming a reality for businesses that they need to adapt and change to an increasingly technologically-minded customer base. Traditional marketing…

Sponsored Posts

Moving From Email Into The Cloud

Moving From Email Into The Cloud

Mobile Collaboration In The Cloud Imagine that you, as a manager, are told by the powers that be that you have to find “efficiencies” within your department that will result in one million dollars of savings annually. You struggle with this. You send an email to everyone on your senior team. “Where can we save…

Cloud Logo Sponsors

hp Logo CityCloud-PoweredByOpenstack-Bluesquare_logo_100x100-01
cisco_logo_100x100 vmware citrix100
Site 24x7


Contributor Spotlight

Established in 2009, CloudTweaks is recognized as one of the leading influencers in cloud computing, big data and internet of things (IoT) information. Our goal is to continue to build our growing information portal, by providing the best in-depth articles, interviews, event listings, whitepapers, infographics and much more.

Branded Content Programs

Advertising