ISSUES RELATED TO CLOUD SECURITY
BY – VATSAL LAKDAWALA
Cloud computing is the on-demand availability of computer system resources, especially data storage and computing power, without direct management by the user. The term is generally used to describe data centers available to many users over the Internet. Large clouds, today, often have functions distributed over multiple locations from central servers. If the connection to the user is relatively close, it may be designated an edge server.
In the cloud, data is stored with a third-party provider and accessed over the internet. This means visibility and control over that data is limited. It also raises the question of how it can be properly secured. It is imperative everyone understands their respective role and the security issues inherent in cloud computing. The cloud computing customer is always responsible for protecting their data from security threats and controlling access to it.
CLOUD APPLICATION SECURITY ISSUES EXPERIENCED WITH SOFTWARE AS A SERVICE
1.Lack of visibility into what data is within cloud applications.
2.Theft of data from a cloud application by malicious person.
3.Incomplete control over who can access sensitive data.
4.Inability to monitor data in transit to and from cloud applications.
5.Cloud applications being provisioned outside of IT visibility .
6.Lack of staff with the skills to manage security for cloud applications.
7.Inability to prevent malicious insider theft or misuse of data
8.Advanced threats and attacks against the cloud application provider.
9.Inability to assess the security of the cloud application provider’s operations.
Issues experienced with SaaS cloud application security are naturally centered around data and access because most shared security responsibility models leave those two as the sole responsibility for SaaS customers. It is every organization’s responsibility to understand what data they put in the cloud, who can access it, and what level of protection they have applied.
SECURITY ISSUES EXPERIENCED WITH INFRASTRUCTURE AS A SERVICE
1.Cloud workloads and accounts being created outside of IT visibility.
2.Incomplete control over who can access sensitive data.
3.Theft of data hosted in cloud infrastructure by malicious actor.
4.Lack of staff with the skills to secure cloud infrastructure.
5.Lack of visibility into what data is in the cloud.
6.Inability to prevent malicious insider theft or misuse of data.
7.Lack of consistent security controls over multi-cloud and on-premises environments.
8.Advanced threats and attacks against cloud infrastructure.
9.Inability to monitor cloud workload systems and applications for vulnerabilities.
10.Lateral spread of an attack from one cloud workload to another.
When building infrastructure in the cloud, it is important to assess your ability to prevent theft and control access. Determining who can enter data into the cloud, tracking resource modifications to identify abnormal behaviors, securing and hardening tools .
SECURITY ISSUES EXPERIENCES WITH PRIVATE CLOUD
1.Lack of security controls spanning over traditional server and virtualized private cloud infrastructures .
2.Increasing complexity of infrastructure resulting in more time/effort for implementation and maintenance.
3.Lack of staff with skills to manage security for a software-defined data center .
4.Incomplete visibility over security for a software-defined data center .
5.Advanced threats and attacks .
An important factor in the decision-making process to allocate resources to a public vs. private cloud is the fine-tuned control available in private cloud environments. In private clouds, additional levels of control and supplemental protection can compensate for other limitations of private cloud deployments and may contribute to a practical transition from monolithic server-based data centers.
CONCLUSION
Cloud computing poses privacy concerns because the service provider can access the data that is in the cloud at any time. It could accidentally or deliberately alter or delete information. Many cloud providers can share information with third parties if necessary for purposes of law and order without a warrant. That is permitted in their privacy policies, which users must agree to before they start using cloud services. Solutions to privacy include policy and legislation as well as end-users’ choices for how data is stored.Users can encrypt data that is processed or stored within the cloud to prevent unauthorized access.