What are the Major Security Risks of Cloud Computing?

What are the Major Security Risks of Cloud Computing?

You are here:
← All Topics

We'll start this with a story...

One of our first customers in 2007 was a real estate agency in Vendée, France. This agency was already using digital signage hosted on the cloud to present the properties available for lease and sale, on 6 different screens in its shop window.

However, the company that provided the cloud based display service closed down, and the real estate agency was left in the lurch. They ended up with 6 screens that no longer worked. Our first software, "Vitrine Multimedia" (from the creators of Easy Multi Display) was born from seeing this customers need...

Here are some of the reasons that Cloud based solutions are not always the best way to go.

  • The existence of security breaches both on one of the logical layers of the Data Center and those resulting from human errors;
  • Fragility in access and identity management, although some providers reinforce authentication interfaces with other means such as certificates, smart cards, OTP technology and many others;
  • The use of insecure APIs for integrating applications with cloud services;
  • Exploitation of operating system vulnerabilities on cloud servers and even on hosted applications;
  • Account hacking, which is an old type of computer attack, has come with a strong upsurge since the advent of the Internet and even that of cloud computing;
  • A malicious action initiated internally in the workforce of the supplier. An attacker in the Datacenter management team can easily compromise the confidentiality and integrity of hosted environments;
  • Advanced persistent threats which consist of a form of attack where the hacker succeeds in some way in installing a device in the internal network of the organization, from from which it can extract important or confidential data. It is a form of attack that is difficult to detect for a cloud service provider;
  • Data loss that can be caused by a (logical) computer attack on the Data center, a physical attack (fire or bombardment), a natural disaster, or even simply a human factor at the service provider, for example in the event of bankruptcy of the society;
  • Deficiencies in internal adoption or cloud transition strategies. Companies or organizations do not often take into account all the security factors related to their operation before subscribing to a cloud service. Certain negligence, both in terms of application development and in terms of basic use, is sometimes fatal;
  • Fraudulent use of cloud technologies to hide identity and carry out large-scale attacks. Generally, these are accounts created during evaluation periods (most ISPs offer 30 days of free trial) or accesses purchased fraudulently;
  • Denial of service (DoS) which is an attack which consists in making a service unavailable by an excessive consumption of resources such as processors, memory or the network. The idea for the hacker is to succeed in overloading the resources of the Data center in order to prevent other users from taking advantage of the services;
  • The flaws linked to the heterogeneity of the technologies embedded in the internal architecture of the cloud, and the external architecture of interfacing with users.

According to several audit experts, the risks and losses associated with cloud based solutions are constantly increasing and 8 times out of 10, the hacked company does not know it. Yet, many CIO's are struggling to get new budgets to prevent this increased risk. Some, short of arguments in front of their management, come to wish serious incidents so that the top-management becomes aware of the need to invest a little more in security.

CSI 40 CIO who estimated that the total number of "pirate" SaaS applications in his company was close to 100, learned from an audit that there were actually 2,500...

Unlike the competition, our applications do not use the cloud for all these reasons!

What are the Major Security Risks of Cloud Computing?
Scroll to top