According to a recent study by InfoWorld there are twelve cloud security threats that demand the highest priority for CISOs. They include: Data breaches, compromised credentials and broken authentication, hacked interfaces and APIs, exploited system vulnerabilities, account hijacking, human factors and malicious insiders, Advanced Persistent Threats, permanent data loss, lack of due diligence, cloud service abuses, DoS attacks and shared technologies-shared dangers. The extensive use of virtualization in implementing cloud infrastructure brings unique security concerns for customers or tenants of a public cloud service.
When an organization elects to store data or host applications on the
public cloud, it loses its ability to have physical access to the
servers hosting its information. As a result, potentially sensitive data
is at risk from insider attacks. According to a recent Cloud Security Alliance Report, insider attacks are the third biggest threat in cloud computing.Therefore, Cloud Service providers must ensure that thorough background
checks are conducted for employees who have physical access to the
servers in the data center. Additionally, data centers must be
frequently monitored for suspicious activity. Virtualization alters the relationship between the OS and underlying
hardware - be it computing, storage or even networking. Which threats pose the greatest risks to your cloud software and infrastructure? Share your comments with the Cloud and Cyber Security Center: http://cloudandcybersecurity.blogspot.com/
No comments:
Post a Comment