12 security risks of cloud computing (Part 1)
1. Data leakage
Cloud environments and traditional corporate networks share the same risks, but the vast store of data held on cloud servers makes providers attract more attention than ever. Of course, the level of risk depends on the sensitivity of the data. The most attractive information includes personal financial and health data, trade secrets, intellectual property…
If such information leaks, the consequences will be devastating. When an incident happens, enterprises will have to face many allegations and other legal troubles. The amount spent on investigating the leak and paying compensation can leave them empty-handed. Beyond that, brand damage and the loss of partnerships can affect their business for many years afterwards.
Cloud providers certainly have their own methods of keeping customers' data safe, but remember that businesses are primarily responsible for protecting themselves in the cloud.
2. Password loss
Data leaks and attacks generally aim to obtain login information such as passwords, authentication keys or other credentials. Companies often have trouble managing user identities so that only the right people can access data in the cloud. More importantly, they often forget to remove access permissions after users finish their jobs or projects.
Multifactor authentication (MFA) systems such as one-time passwords, telephone authentication and smartcards can protect cloud services because they make it very difficult to obtain data even with the passwords.
Also, developers need to avoid mistakes such as embedding data and encryption keys in source code and then pushing that code to a popular source repository. These keys should be appropriately secured, including public keys.
Enterprises need to plan together with their service providers to understand the security measures that providers use to defend their platforms. Centralizing authentication in one solution has its own risks. Enterprises should weigh the convenience against the risk of that solution becoming the target of attackers.
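The check below is an added example, not part of the original article: a minimal scanner that could run before a push to catch keys and passwords embedded in source. The rule names, the entropy threshold and the sample file are assumptions constructed for illustration.

```python
import math
import re

# Patterns for material that should never be committed. "AKIA" is the
# documented prefix of AWS access key IDs; the other two rules are generic.
RULES = {
    "private-key-block": re.compile(r"-----BEGIN (?:[A-Z]+ )?PRIVATE KEY-----"),
    "aws-access-key-id": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "hardcoded-secret": re.compile(
        r"(?:password|passwd|secret|api_?key|token)\w*\s*[:=]\s*[\"']([^\"']{8,})[\"']",
        re.IGNORECASE,
    ),
}

# Constructed sample source file; every value in it is fake.
SAMPLE = '''\
import boto3
AWS_KEY_ID = "AKIAABCDEFGHIJKLMNOP"
db_password = "t7#Kq9!vLx2$Zr"
api_key = "xxxxxxxxxxxx"
PEM = """-----BEGIN RSA PRIVATE KEY-----"""
timeout = 30
'''

def shannon_entropy(value):
    """Bits per character: random keys score high, filler like 'xxxx' scores 0."""
    counts = {c: value.count(c) for c in set(value)}
    return -sum(n / len(value) * math.log2(n / len(value)) for n in counts.values())

def scan(text, min_entropy=3.0):
    """Return (line_number, rule_name) for every suspected secret in text."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        for name, pattern in RULES.items():
            match = pattern.search(line)
            if not match:
                continue
            # Ignore low-entropy placeholders to keep false positives down.
            if name == "hardcoded-secret" and shannon_entropy(match.group(1)) < min_entropy:
                continue
            findings.append((lineno, name))
    return findings

if __name__ == "__main__":
    for lineno, rule in scan(SAMPLE):
        print(f"line {lineno}: {rule}")
```

A non-empty result from `scan` is the signal to block the push and move the value into a secrets manager or environment configuration.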
3. Attacked interfaces and APIs
In fact, almost every cloud service or application has its own API (application programming interface). IT teams use interfaces and APIs to manage and interact with cloud services, including functions such as management, synchronization and monitoring of data in the cloud.
The security and data availability of cloud services, from authentication, access control and encryption to operation monitoring, all depend on API security. The security risk is higher when a third party is involved, and it is difficult for companies to refuse partners who want to collaborate in the cloud. Consequently, poorly secured APIs and interfaces will expose gaps related to the consistency, availability, security and reliability of data.
APIs and interfaces tend to be the most “exposed” components in a system, because they are usually public on the Internet. Companies should take measures to manage them and treat that as the first step of defense. Also, evaluate and test your own systems regularly to detect vulnerabilities.
4. Discovered system vulnerabilities
System vulnerabilities and bugs in programs are nothing new, but they become a much greater problem when a business moves to the cloud. With cloud computing, enterprises share memory, databases and other resources almost seamlessly, creating more and more vulnerabilities.
Fortunately, experts class these vulnerabilities as "basic" problems. For a long time, the best way to handle system vulnerabilities has been to scan, apply patches and monitor security bulletins.
Besides, the cost of patching security vulnerabilities is not high for an enterprise compared to other costs. For a business's IT department, this amount is nothing compared to the compensation paid for data loss. Vulnerabilities need to be patched as quickly as possible, as soon as they are discovered, as an automated process would.
5. Account phishing
Phishing, spoofing and attack tools have achieved a certain degree of success, and cloud services add another target to be "processed", because attackers can "eavesdrop" on network activity, interfere with transactions and edit data. Attackers may also use other cloud applications to launch attacks.
Ordinary protective tactics can still leave gaps. Enterprises should not use shared accounts (one account with multiple users) between services, nor share multi-factor authentication. Every account, even a service account, should be monitored carefully so that all transactions can be tracked and recorded. This is an important factor in protecting accounts and data from being stolen.
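One way to monitor for shared accounts, as an added example that is not part of the original article: flag any account used from two different source addresses within a short window. The log format, field names, the ten-minute window and the sample events are assumptions constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample of cloud audit events (documentation IP ranges only).
SAMPLE_LOG = """\
2024-05-01T09:00:00 account=alice src=198.51.100.10 action=read
2024-05-01T09:02:00 account=svc-report src=203.0.113.5 action=export
2024-05-01T09:03:30 account=svc-report src=198.51.100.77 action=delete
2024-05-01T09:40:00 account=alice src=198.51.100.10 action=write
2024-05-01T13:00:00 account=bob src=192.0.2.8 action=read
2024-05-01T18:00:00 account=bob src=192.0.2.99 action=read
"""

def parse(line):
    """Split one audit line into (timestamp, dict of key=value fields)."""
    stamp, *pairs = line.split()
    return datetime.fromisoformat(stamp), dict(p.split("=", 1) for p in pairs)

def shared_account_suspects(log, window=timedelta(minutes=10)):
    """Map each account used from different sources inside `window` to those sources."""
    events = defaultdict(list)
    for line in log.splitlines():
        if line.strip():
            when, fields = parse(line)
            events[fields["account"]].append((when, fields["src"]))
    suspects = {}
    for account, seen in events.items():
        seen.sort()
        # Comparing neighbours in time order is enough: any two events from
        # different sources inside the window have such a neighbouring pair.
        for (t1, s1), (t2, s2) in zip(seen, seen[1:]):
            if s1 != s2 and t2 - t1 <= window:
                suspects.setdefault(account, set()).update({s1, s2})
    return suspects

if __name__ == "__main__":
    for account, sources in shared_account_suspects(SAMPLE_LOG).items():
        print(account, sorted(sources))
```

In the sample only `svc-report` is flagged; `bob` changes address hours apart, which the window treats as one user moving rather than several users sharing credentials.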
6. Malicious insiders
Threats from within can take many forms: former employees, system administrators, business partners and collaborators... Their purposes also differ, from simply retrieving data to, more seriously, sabotage. In the context of cloud computing, this risk is much more dangerous because insiders can destroy the entire system or change all data. The risk is greatest for systems that depend solely on a single service provider for security, such as encryption.
Enterprises should manage their processes and encryption keys, separate duties and minimize employees' access to data. Always make sure features are in place for logging, monitoring and testing administrator activity.
By: Daniel Carpenter