1.877.388.HOST(4678)

Top 5 Threats to Cloud Computing Security

According to the Cloud Security Alliance's (CSA) most recent report, the top five (5) threats to cloud computing security among the nine cited in the report include: Data Breaches, Data Loss, Account or Service Traffic Hijacking, Insecure Interfaces and APIs, and Denial of Service.


According to the Cloud Security Alliance's (CSA) most recent report, the top five (5) threats to cloud computing security among the nine cited in the report include:

1. Data Breaches
2. Data Loss
3. Account or Service Traffic Hijacking
4. Insecure Interfaces and APIs
5. Denial of Service

These threats come as a result of the growing popularity and demand for as-a-Service (aaS) products / services compared to server-based business technologies (of years past). While this shift has many benefits, such as increased efficiency and reduced cost for organizations, these advances have also created new security vulnerabilities which organization must properly plan and be prepared for..

1. Data Breaches

To begin, the top cloud computing security concern is data breaches (which jumped in ranking from the 2010 report). If a multi-tenant cloud service database is not properly designed, a flaw in one client's application could allow an attacker access to not only that client's data, but potentially every other tenant user's data as well. The key challenges remain in mitigating both data leakage and data breach, as security efforts for any one of these often expose the other.

2. Data Loss

The second threat to cloud computing security is data loss. Permanently loosing data hosted on a cloud can result from several reasons; malicious hackers, accidental deletion by the cloud service provider, or a natural disaster could all result in permanent data loss unless adequate measures are taken to backup data, from both the provider and client's initiatives.

3. Account or Service Traffic Hijacking

Account or service traffic hijacking includes attack methods such as phishing, fraud, and exploitation of software vulnerabilities. Most often, this is a result of stolen credentials, which can allow unauthorized users access to critical areas of cloud computing services. With the threat of compromised confidentiality, integrity, and availability of their cloud computing services, companies must be defended with protection strategies to prevent and contain stolen credentials and maintain top cloud computing security.

4. Insecure Interfaces and APIs

Cloud computing providers expose a set of software interfaces or APIs that customers then use to manage and interact with their cloud services. Therefore, the security of the system's APIs and its add-ons determines the security and availability of the cloud services. Weak interfaces and APIs expose organizations to a variety of cloud computing security breaches that can compromise confidentiality, integrity, availability and accountability.

5. Denial of Service (DDoS)

The fifth most reported cloud computing security threat is denial-of-service attacks. These attacks prevent users of a cloud service from accessing their data or their own applications. These attacks force the cloud service to utilize so much of the system's recourses that it becomes slow, bogged down, and inoperable. This can cause decreased productivity, frustration, and increased costs.

Standards and Guidelines

While this wraps up the top five threats to cloud computing, the entire list of cloud computing security threats is included in the full CSA report. The CSA is also active in establishing industry-wide best practices and standards for effective cloud computing security. Prudent hosting companies are aware of these guidelines and incorporate the guidance and recommendations into their cloud strategies. In addition, it is important to share privacy threat concerns and responsibilities with the client organizations of which are utilizing cloud-based platforms. Everyone is responsible for being aware of and preventing these top five threats to cloud computing. At Host.net we have multiple layers of security protocols in place (both physical and digital) as well as fail-safe mechanisms as protecting our client's data to ensure their peace of mind if job 1.


Comments (0)


Add a Comment





Allowed tags: <b><i><br>Add a new comment: