The saying “Every cloud has its silver lining” is true, but I wonder if the cloud with which most of us work in the IT industry actually has a silver-lining. We will be discussing cloud threats and solutions in this post.
Many organizations consider moving their most important data to the cloud, just like parents think about digital independence for their kids. Based on the following points, many organizations will find the cloud environment a boon.
It gives its employees additional flexibility by allowing them to work from anywhere, giving them more freedom
This allows for more efficient processes
The cloud also reduces infrastructure costs significantly
A record number of companies have moved their data to the cloud, largely because flexibility and cost are more important than customers and employers. This is basically giving up control of your data to another security professional.
We have now seen the reasons why corporations use the cloud. Let’s now discuss cloud security threats.
Cloud security threats
According to Cloud security alliance’s report, these are the top five cloud security risks.
Hostage of accounts or services
Denial of Service Attacks (The Notorious Nine-Top Threats to Cloud Computing in 2013)
These threats are discussed in greater detail now.
Data breach: “Data” – This four letter word is full of magic today! This data is being extracted, manipulated, and studied with a lot more scrutiny. This data can cause more misery for CEOs and CIOs. Wikipedia defines a data breach as “a security incident in the event that sensitive, confidential or protected data is copied, transmitted or viewed by an individual who is not authorized to do so”. Cloud data breaches include, among others, the episode from Dropbox in 2012 and the episode from Twitter in 2009.
Data loss: This is the permanent loss or corruption of data that can cripple organizations and bring them to a halt. This can happen because you may reuse passwords for multiple websites. Data loss can also be caused by natural disasters, not just attacks.
Account or service hijacking: This happens again when the same password is used for multiple websites. Once an attacker has access to your cloud account, he/she can manipulate your data and redirect your traffic to other malicious sites.
Malicious insiders: Once an organization has given control over its private data to the CSP, or the ‘cloud provider’, there is always the possibility of malicious insiders altering the data.
Denial of Service Attacks : These attacks prevent legitimate users accessing cloud services, thereby frustrating them and causing additional financial and mental hardships.
We have already discussed cloud security. In a subsequent post, we will discuss countermeasures to combat cloud threats.
The Notorious Nine – Cloud Computing Top Risks in 2013. (n.d.). Retrieved from cloudsecurityalliance.com: