DZone
Thanks for visiting DZone today,
Edit Profile
  • Manage Email Subscriptions
  • How to Post to DZone
  • Article Submission Guidelines
Sign Out View Profile
  • Post an Article
  • Manage My Drafts
Over 2 million developers have joined DZone.
Log In / Join
Refcards Trend Reports
Events Video Library
Over 2 million developers have joined DZone. Join Today! Thanks for visiting DZone today,
Edit Profile Manage Email Subscriptions Moderation Admin Console How to Post to DZone Article Submission Guidelines
View Profile
Sign Out
Refcards
Trend Reports
Events
View Events Video Library
Zones
Culture and Methodologies Agile Career Development Methodologies Team Management
Data Engineering AI/ML Big Data Data Databases IoT
Software Design and Architecture Cloud Architecture Containers Integration Microservices Performance Security
Coding Frameworks Java JavaScript Languages Tools
Testing, Deployment, and Maintenance Deployment DevOps and CI/CD Maintenance Monitoring and Observability Testing, Tools, and Frameworks
Culture and Methodologies
Agile Career Development Methodologies Team Management
Data Engineering
AI/ML Big Data Data Databases IoT
Software Design and Architecture
Cloud Architecture Containers Integration Microservices Performance Security
Coding
Frameworks Java JavaScript Languages Tools
Testing, Deployment, and Maintenance
Deployment DevOps and CI/CD Maintenance Monitoring and Observability Testing, Tools, and Frameworks

Integrating PostgreSQL Databases with ANF: Join this workshop to learn how to create a PostgreSQL server using Instaclustr’s managed service

Mobile Database Essentials: Assess data needs, storage requirements, and more when leveraging databases for cloud and edge applications.

Monitoring and Observability for LLMs: Datadog and Google Cloud discuss how to achieve optimal AI model performance.

Automated Testing: The latest on architecture, TDD, and the benefits of AI and low-code tools.

Related

  • Cloud Computing Security Parameters on Various Cloud Platforms
  • Cloud as an Enabler for Sustainability
  • Why Blockchain-Based Cloud Computing Could Be the Future of IoT
  • What is MuleSoft and Anypoint Platform Capabilities and Strengths

Trending

  • Future Skills in Cybersecurity: Nurturing Talent for the Evolving Threatscape
  • A Complete Guide to Open-Source LLMs
  • Cloud Native Deployment of Flows in App Connect Enterprise
  • Traffic Management and Network Resiliency With Istio Service Mesh
  1. DZone
  2. Software Design and Architecture
  3. Cloud Architecture
  4. Cloud Computing Security Challenges and Considerations

Cloud Computing Security Challenges and Considerations

To know cloud is to love cloud, but enterprises should also be mindful of the security issues that cloud computing can potentially pose.

Swapnil Deshmukh user avatar by
Swapnil Deshmukh
·
Sep. 13, 18 · Presentation
Like (3)
Save
Tweet
Share
35.92K Views

Join the DZone community and get the full member experience.

Join For Free

Cloud computing in its many forms, has proven to be a powerful, effective set of technologies which can provide even the smallest enterprise with significant benefits.

However, cloud computing does not come without its own challenges, including those that are security related. Below you will find an overview of the key security challenges faced by cloud computing adopters.

Lack of Visibility and Control

Relating to both public and hybrid cloud environments, the loss of overall service visibility and the associated lack of control can be a problem.

Whether you’re dealing with public or hybrid cloud environments, a loss of visibility in the cloud can mean a loss of control over several aspects of IT management and data security. Where legacy style in-house infrastructure was entirely under the control of the company, cloud services delivered by third-party providers don’t offer the same level of granularity with regards to administration and management.

When it comes to visualizing potential security vulnerabilities, this lack of visibility can lead to a business failing to identify potential risks. In some sectors, such as media, cloud adoption is as low as 17%, which has been blamed on this lack of visibility and control.

Data Breaches and Downtime

Despite the fact that generally speaking, enterprise-grade cloud services are more secure than legacy architecture, there is still a potential cost in the form of data breaches and downtime. With public and private cloud offerings, resolving these types of problems is in the hands of the third-party provider. Consequently, the business has very little control over how long critical business systems may be offline, as well as how well the breach is managed.

In the 12th annual Cost of Data Breach Study, sponsored by IBM, it was found that the global cost of data breaches amounted to $3.62 million, so we can see how this particular issue is a major one with regard to cloud adoption.

Vendor Lock-In

For companies that come to rely heavily on public and hybrid cloud platforms, there is a danger that they become forced to continue with a specific third-party vendor simply to retain operational capacity. If critical business applications are locked into a single vendor, it can be very difficult to make tactical decisions such as moving to a new vendor. In effect, the vendor is being provided with the leverage it needs to force the customer into an unfavourable contract.

Logicworks recently performed a survey that found showed that some 78% of IT decision makers blame the fear of vendor lock-in as a primary reason for their organization failing to gain maximum value from cloud computing.

Compliance Complexity

In sectors such as healthcare and finance, where legislative requirements with regard to storage of private data are heavy, achieving full compliance whilst using public or private cloud offerings can be more complex.

Many enterprises attempt to gain compliance by using a cloud vendor that is deemed fully compliant. Indeed, data shows that some 51% of firms in the USA rely on nothing more than a statement of compliance from their cloud vendor as confirmation that all legislative requirements have been met.

But what happens when at a later stage, it is found that the vendor is not actually fully compliant? The client company could find itself facing non-compliance, with very little control over how the problem can be resolved.

A Lack of Transparency

When a business buys in third-party cloud services as either a public or hybrid cloud offering, it is likely they will not be provided with a full service description, detailing exactly how the platform works, and the security processes the vendor operates.

This lack of service transparency makes it hard for customers to intelligently evaluate whether their data is being stored and processed securely at all times. Surveys have shown that around 75% of IT managers are only marginally confident that company data is being stored securely by their cloud vendor.

Insecure Interfaces and APIs

Cloud vendors provide their customers with a range of Application Programming Interfaces (APIs), which the customer uses to manage the cloud service.

Unfortunately, not every API is entirely secure. They may have been deemed to be initially, and then at a later stage be found to be insecure in some way. This problem is compounded when the client company has built its own application layer on top of these APIs. The security vulnerability will then exist in the customer’s own application. This could be an internal application, or even a public facing application potentially exposing private data.

Insufficient Due Diligence

For companies that lack the internal resources to fully evaluate the implications of cloud adoption, then the risk of deploying a platform that is ineffective and even insecure is real.

Responsibility for specific issues of data security needs to be fully defined before any deployment. Failing to do so could lead to a situation where there is no clearly defined way to deal with potential risks and solve current security vulnerabilities.

Shared Technology Vulnerabilities

Using public or hybrid cloud offerings can expose a business to security vulnerabilities caused by other users of the same cloud infrastructure.

The onus is upon the cloud vendor to see that this does not happen, yet no vendor is perfect. It is always possible that a security vulnerability caused by another user in the same cloud will affect every user.

Other Potential Threats

Alongside the potential security vulnerabilities relating directly to the cloud service, there are also a number of external threats which could cause an issue. Some of these are:

  • Man in the Middle attacks – where a third party manages to become a relay of data between a source and a destination. If this is achieved, the data being transmitted can be altered.
  • Distributed Denial of Service – a DDoS attack attempts to knock a resource offline by flooding it with too much traffic.
  • Account or Service Traffic Hijacking – a successful attack of this kind could provide an intruder with passwords or other access keys which allow them access to secure data.

There can be no doubt that cloud computing is a valuable technology for many businesses. However, as can be seen from this short article, simply buying in cloud services is not a sure-fire way to eliminate data security problems. The business still needs to take responsibility for monitoring its own data security footprint and have processes in place to deal with any vulnerabilities which are discovered. Furthermore, considerations such as vendor lock-in, service transparency, and visibility need to be fully evaluated before making a commitment to a specific cloud vendor.

Cloud computing Data security Computing application Vulnerability

Opinions expressed by DZone contributors are their own.

Related

  • Cloud Computing Security Parameters on Various Cloud Platforms
  • Cloud as an Enabler for Sustainability
  • Why Blockchain-Based Cloud Computing Could Be the Future of IoT
  • What is MuleSoft and Anypoint Platform Capabilities and Strengths

Comments

Partner Resources

X

ABOUT US

  • About DZone
  • Send feedback
  • Careers
  • Sitemap

ADVERTISE

  • Advertise with DZone

CONTRIBUTE ON DZONE

  • Article Submission Guidelines
  • Become a Contributor
  • Visit the Writers' Zone

LEGAL

  • Terms of Service
  • Privacy Policy

CONTACT US

  • 3343 Perimeter Hill Drive
  • Suite 100
  • Nashville, TN 37211
  • support@dzone.com

Let's be friends: