Cloud computing is such a popular topic, because it was built to reduce cost and save resources. With the growing demand of online presence and digitization of news, it is the need of the hour for Media enterprises and all leading Publishing houses to take it into serious consideration to move a chunk of the work from their data centers and networking centers over to Cloud to reap the benefits of less spends and less maintenance, however the Cloud Technology comes with certain liabilities as threats and vulnerabilities, in this post we go through what exactly to expect from Cloud in terms of security.

Vulnerability: Vulnerability is a prominent factor of risk. ISO 27005 defines risk as “the potential that a given threat will exploit vulnerabilities of an asset or group of assets and thereby cause harm to the organization,” It is seen as an opportunity for attackers to exploit for personal gain, measuring it in terms of both the likelihood of an event and its consequence.

Threat: Threat is an entity that attacks system takes advantage of its vulnerabilities and uses the exploit to his own advantage.

We often tend to confuse and blur the line between security issues in Cloud and security issues in general.

Cloud computing
http://www.ibm.com/developerworks/cloud/library/cl-cloudthreats/

When is a Vulnerability Cloud Specific?

  • If it is intrinsic core cloud computing technology,

  • If it has relation to one of NIST’s cloud characteristics

  • When technology is upgraded in Cloud and that makes security mechanisms tough to be implemented

  • Already present in Cloud

Cloud computing vulnerabilities

When deciding to migrate to the cloud, we have to consider the following cloud vulnerabilities:

  • Session Riding

  • Virtual Machine Escape

  • Reliability and Availability of Service

  • Insecure Cryptography

  • Data Protection and Portability

  • CSP Lock-in

  • Internet Dependency

Cloud computing threats

Before deciding to migrate to the cloud, we have to look at the cloud security vulnerabilities and threats to determine whether the cloud service is worth the risk due to the many advantages it provides. The following are the top security threats in a cloud environment:

  • Ease of Use

  • Secure Data Transmission

  • Insecure APIs

  • Malicious Insiders

  • Shared Technology Issues

  • Data Loss

  • Data Breach

  • Account/Service Hijacking

  • Unknown Risk Profile

  • Denial of Service

Enterprises are adopting the cloud services in every day operations, but it’s often not the case they really understand what sort of thing is coming next. Cloud users should know the good and bad about the attacks and about the links that are weak. There are multiple ways a black hat hacker can do to dig into the system and cause damage. Security awareness is an often overlooked security concern.

Image Credit : http://core0.staticworld.net/

 

comments powered by Disqus