Cloud Security Alliance Highlights Top Threats To Cloud Computing
Kevin Tea, 09/03/2010, posted in "Analysis"
Kevin Tea is a journalist and marketing communications professional who has worked for some of the leading blue chip companies in the UK and Europe. In the 1990s he became ...more info
Kevin Tea is a journalist and marketing communications professional who has worked for some of the leading blue chip companies in the UK and Europe. In the 1990s he became interested in how emerging Internet-based technologies could change the way that people worked and became an administrator on the Telework Europa Forum on CompuServe. With other colleagues he took part in a four year European Commission sponsored project to look at the way that the Internet could benefit remote communities. His blog is a resource for SMEs who want to use cloud computing and Web 2.0 technologies. ...less info
A new report commissioned by Hewlett Packard on behalf of the Cloud Security Alliance has revealed – or highlighted – the major challenges facing the adoption of cloud computing technologies. The peer-reviewed research paper, entitled “Top Threats to Cloud Computing Report,” is the result of a broad examination of information security experts across 29 enterprises, solution providers, and consulting firms exposed to some of the world’s most demanding and complex cloud environments.
HP sponsored the research as a member of the Cloud Security Alliance to educate companies about potential cloud service threats so they can enact best practices.
“Cloud services are clearly the next generation of information technology that enterprises must master. We have a shared responsibility to understand the security threats that accompany the cloud and apply the necessary best practices to mitigate them,” said Jim Reavis, founder of the Cloud Security Alliance. “The objective of this report was to not only identify those threats which are most germane to IT organizations but also help organizations understand how to proactively protect themselves. This is the first deliverable in our cloud threat research initiative, which will feature regular updates to reflect participation from a greater number of experts and to keep pace with the dynamic nature of new threats.”
The seven areas of concern are:
- Abuse and Nefarious Use of Cloud Computing
- Insecure Application Programming Interfaces
- Malicious Insiders
- Shared Technology Vulnerabilities
- Data Loss/Leakage
- Account, Service & Traffic Hijacking
- Unknown Risk Profile
The report summary states: “Cloud Computing represents one of the most significant shifts in information technology many of us are likely to see in our lifetimes. Reaching the point where computing functions as a utility has great potential, promising innovations we cannot yet imagine. Customers are both excited and nervous at the prospects of Cloud Computing. They are excited by the opportunities to reduce capital costs.
They are excited for a chance to divest themselves of infrastructure management, and focus on core competencies. Most of all, they are excited by the agility offered by the on-demand provisioning of computing and the ability to align information technology with business strategies and needs more readily. However, customers are also very concerned about the risks of Cloud Computing if not properly secured, and the loss of direct control over systems for which they are nonetheless accountable.”
The full report can be read here.
Subscribe via RSS or via email
