-

 Threats to Cloud Security.

 

Cloud computing is on the rise and becoming popular in the public and business enterprises sector. Many CSPs (Cloud Service Providers) like, Microsoft Azure, AWS (Amazon Web Service), and GCP (Google Cloud Platform) are offering their clients and users the opportunity to migrate the operations to the cloud by subscribing services () that fits their operation needs. There are many activities involved with migrating to the cloud that are important for the public and business enterprises to understand before making such leap (migrate). Speaking of migrating, the term security is one of the most critical aspects that concerns cybersecurity team members, and all proper measures must be taken seriously. The uprising of cyber threats to cloud computing increases by the day just as cloud computing becomes more and more popular. The following are lists of threats to cloud security:

1.      Data Breach - regardless of whether data is accessible through the Internet or private network (on-perm or cloud), they are subject to security risk. Data stored in the cloud has some unique vulnerabilities, however, including risks due to shared hardware resources and vulnerabilities to CSP personnel or third-party providers (West, 2023, p. 217). As much as some customers would like to protect their data in the cloud, unfortunately, they do not have any physical security control over the physical configuration of the “infrastructure supporting their cloud-hosted data.” However, depending on the CSP, customers will be provided virtual security control.

2.      DoS and DDoS – (Denial of Service and Distributed Denial of Service) are methods attackers implement when they want to bring down a network by delaying its operations. Both methods can deny user access to legitimate websites (network server) if properly implemented. For example, an attacker can take down a website simply by deploying DDoS to flood the website with unnecessary traffic.

3.      Poor Account Management – poor account management will eventually lead to accounts being compromised by attackers.  For example, humans have the attitude of using weak passwords because human memory is not capable of memorizing complex characters (mixture of signs, numbers, and letters).

Other threats to cloud security that are not discussed in this blog but are just as important as the three being discussed are: Insider Threat, CSP Change or Outages, Data loss with no backup, Insecure Interface, Advanced Persistent Threat and many more.

 

 

Reference:

West, Jill. CompTIA Cloud+ Guide to Cloud Computing (p. 217). Kindle Edition. Retrieved: October 23, 2023.

Comments

Post a Comment

Popular posts from this blog

-
Image
 Hybrid Cloud and Multi-Cloud Networking Objectives: Hybrid Cloud and Multi-Cloud Networking, The Different Between Virtual Private Network and Direct Connect. 1.       Hybrid Cloud and Multi-Cloud Networking The purpose for this blog article is to discuss some helpful tips regarding hybrid cloud and multi-cloud networking, and the differences between VPN (Virtual Private Network) and Direct Connect – the important role both methods play in connecting network. A hybrid cloud is a network infrastructure that exists in two different places – on-prem and in the cloud. Like hybrid clouds is multi-cloud which is a network infrastructure that’s dedicated to two or many different platforms like, AWS (Amazon Web Service), GCP (Google Cloud Platform), or Microsoft Azure and Salesforce. With all these different platforms, one could wonder about the notable complexity in making these different network services and tools to communicate to and assist each other. The question then is, so why wil
Week One: Safety and Professionalism
-
BSIT 400 - Cloud Computing and Governance.  Migration to the Cloud Technology has transformed and revolutionized our ways of achieving and accomplishing dreams and goals since its existence. The introduction of cloud computing has taken it even further. The purpose for this week three blog topic is center around “Migration to the Cloud.” There are a variety of contents and activities involved with cloud migration, and it’s imperative for one to fully understand all these contents and activities involved for a smooth transition. Some of these contents are but not limited to, Migration Planning, Migration Execution, Deployment Testing and Validation, Cloud Agility, and Planning for Problem. This week three blog is going to focuses on the following contents and activities: 1.       Migration Planning a.        Cloud Migration Phases – this activity involved completing the most important phases contents which are Planning, migrating, validating, and managing. These migration phases
Week One: Safety and Professionalism