Cloud Computing Security Threats

In today's circumstance, risk is the effect of uncertainties on objectives. Hackers are continuously exploring new Tools, Techniques and Measures to attack and gain control of sensitive data for their malicious purpose. Hence it is imperative for organizations to keep themselves and their people, aware of the risks and how to mitigate them.

While there are many articles relating to the topic: current topic on cloud technology, the author finds the article titled "The 12 Top Treacherous Cloud Computing Threats". The author sees this article interesting due to its enumeration of the significant challenges in cloud technology today.  The piece talks about twelve main threats witnessed in the field of cloud technology in the year 2016. The article identifies these twelve threats as: shared technology issues, denial of service, nefarious use or abuse of cloud services, insufficient due diligence, data loss, advanced persistent threats (APTs), malicious insiders, account hijacking, application and system vulnerability, insecure interfaces and APIs, credential and access management, weak identity and data threats. For this paper, two of the risks identified (shared technology and the insider threat) are discussed.

            Cloud service suppliers convey their administrations scalable by sharing applications, stages or foundation. Cloud innovation separates the "as a Service" offering without generously changing the off-the-rack equipment/programming—at times to the detriment of security. Fundamental segments such as GPU and CPU stores that involve the framework supporting cloud administrations sending might not have been intended to offer solid detachment properties for a multicustomer application (SaaS), re-deployable platform (PaaS) or multitenant architecture (IaaS). This can prompt the vulnerability of shared innovation that can conceivably be misused in all conveyance models. A resistance in-depth technique is prescribed and should incorporate register, storage, client, application system requirement, monitoring whether the administration model is SaaS, PaaS, or IaaS. The essence is that a single misconfiguration or helplessness can cause a tradeoff over the entire supplier's cloud (Information Management 2016).

            Another challenge identified in the article is the insider threat. Insider threat is the problem caused by individuals within the organization who leak information. Whether this results from negligence or malice, the results can be the same, and cause big problems for a business. For example, organizations can ensure that any emails containing sensitive information such as credit card numbers are automatically encrypted. A tiered authorization approach that ensures users only have the access they need for their work is also essential (Information Management 2016).

A trade-off of a principal shared innovation bit such as an application in a SaaS environment, a common stage segment, or the hypervisor (for example) uncovered more than merely the traded off client; or it uncovered the entire environment to a capacity of bargain or breach. This powerlessness is unsafe since it can affect the whole cloud on the double. Preventing breach in shared assets requires actualization. For example, multi-element verification on all hosts, Host-based Interruption Detection System (HIDS) and Network-based Intrusion Detection Systems (NIDS on inward systems, applying ideas of systems administration minimum benefit and division, and keeping shared assets fixed (Information Management 2016).

To sum up, the use of cloud services is associated with many threats. Sharing of resources remains a threat to everyone not putting security practices into place.  Smarter hardware and software are both needed to help prevent leakage and even future issues.  Therefore, the user have the responsibility to use software to help protect themselves.

References

Information Management.  (March 28, 2016).  "The 12 Top Treacherous Cloud Computing Threats."  Cloudsecurityalliance.org. Retrieved on July 22, 2018 from https://www.information-management.com/slideshow/the-12-top-treacherous-cloud-computing-threats