The Same Security Threats As Enterprise Computing

Security Threats

People have always feared that cloud computing is inherently lacking in security because of the distribution methods used, allowing it to be more public than necessary. But research and reports indicate that it is not less secure than enterprise computing as they actually both suffer from the same types of attack. And it does not matter if you are a small organization or a large one you will still be the target of cyber-attacks as most of them are opportunistic in nature.

While organizations and businesses are the target of online attacks, the real entryways for these attacks are unsecured personal computers. These form the backbone of the cyber-criminal’s arsenal. Hijacked computers referred to as zombies or bots are being used to make brute force attacks on different networks both within the cloud infrastructure and on-premise infrastructure. No one is actually safe, whatever kind of infrastructure that they are using. Others might be more privy to attacks due to the nature of their service like banks or the possible wealth of information that they bring, like Government networks and industry leaders in technology research.

According to Alert Logic’s Fall 2012 State of the Cloud Security Report, the variations in the threat activity across the industry is not as important as where the infrastructure is located. Attacks are not industry specific or organizational size specific, they depend on the infrastructure. This means that anything that can be possibly accessed from outside, whether enterprise or cloud, has equal chances of being attacked because as mentioned, attacks are opportunistic in nature.

The reason why cyber-attacks are indiscriminate to industry and size would be due to the nature of the attacker’s weapon, the internet. Web application-based attacks hit both service provider environments (53% of organizations) and on-premise environments (44% of organizations). But as a plus for cloud computing’s side, on-premise environment users or customers actually suffer more incidents than those of service provider environments. On-premise environment users experience an average of 61.4 attacks while service provider environment customers averaged only with 27.8 while on-premise environment users also suffered significantly more brute force attacks compared to their counterparts.

Despite real research and facts being provided by security Service Providers like Alert Logic, many organizations still base their infrastructure decisions on the “myth” that cloud computing is inherently less secure compared to enterprise computing or on-premise services. But instead of focusing their attention to these perceptions, organizations should be focusing on leveraging factual data to evaluate their own Vulnerabilities and then create a better plan for their security.

By Abdul Salam

Cloudtweaks Comic Ai
How AI Is Important for Businesses Shifting to Remote Work The Coronavirus Pandemic has taught us that organizations must have remote work choices. It is no longer possible to work in a digital environment. The ...
Martin Mendelsohn
The Colonial Pipeline Dilemma The Colonial Pipeline is one of a number of essential energy and infrastructure assets that have been recently targeted by the global ransomware group DarkSide, and other aspiring non-state actors, with ...
Louis
Manufacturers’ Top Demands For Quality Software Competing on product quality has never been more urgent as rising raw material and component costs continue to squeeze manufacturers’ margins. At the same time, unpredictable supply chains make ...
Mitigation Security
Data scraping solutions When people hear the term data scraping, their first thought is often about how companies use this technology for competitive reasons – specifically to pull publicly-available data from millions of websites in ...
Gary Bernstein
Test Data Management How do you test your data management systems? With Delphix, you can automate your tests by running your data against a virtual copy of your production environment. Today, the amount of data ...

SECURITY TRAINING

  • Isc2

    ISC2

    (ISC)² provides IT training, certifications, and exams that run online, on your premises, or in classrooms. Self-study resources are available. You can also train groups of 10 or more of your employees. If you want a job in cybersecurity, this is the route to take.

  • App Academy

    App Academy

    Immersive software engineering programs. No experience required. Pay $0 until you're hired. Join an online info session to learn more

  • Cybrary

    Cybrary

    CYBRARY Open source Cyber Security learning. Free for everyone, forever. The world's largest cyber security community. Cybrary provides free IT training and paid IT certificates. Courses for beginners, intermediates, and advanced users are available.

  • Plural Site

    Pluralsite

    Pluralsight provides online courses on popular programming languages and developer tools. Other courses cover fields such as IT security best practices, server infrastructure, and virtualization.