SlideShare ist ein Scribd-Unternehmen logo

The Top Cloud Security Issues

Als PPTX, PDF herunterladen
HTS Hosting
HTS Hosting

There are many threats to cloud security. The main treats arise from account hijacking, data breaches, inadequate cloud security architecture and strategy, insecure interfaces and APIs, insider threats, limited visibility with regard to cloud usage etc.

Technologie
1 von 20
The Top Cloud Security Issues
Table of Contents 2 Cloud Technology Types of Cloud Services Advantages of Cloud Technology The Best Practices for Cloud Security The Main Cloud Security Threats Data Breaches Account Hijacking Lack of Cloud Security Architecture and Strategy Insider Threats Misconfiguration and Inadequate Change Control Insecure Interfaces and APIs (Application Programming Interface) Weak Control Plane Limited Visibility regarding Cloud Usage Criminal Use of Cloud Services Metastructure Failures Inadequate Credential, Identity, Access, and Key Management
 Cloud technology involves on-demand IT resources’ delivery over the Internet. These resources have to do with data storage, servers, databases, networking, and software. Cloud computing enables one to access technology services (computing power, databases and storage) as per one’s need from a cloud service provider instead of owning, buying and maintaining data centers and servers. It usually involves pay-as-you-go pricing.  A remote cloud computing server that is hosted in a data center and is managed by a third party is used to provide cloud services. Cloud services are scalable and in it the users make use of the Internet to access computing services. With the aid of cloud technology any device with an active Internet connection can be used to access files from any location.  One example of cloud servers’ usage is in cloud hosting, which is a type of web hosting. Web hosting is the service that enables websites to be accessible over the Internet. The most reliable web hosting companies are usually known as the “Best Windows Hosting Company”, the “Best Web Hosting Company”, the “Top Cloud Hosting Company” etc. 3 CloudTechnology
There are different types of cloud service models, which are mentioned below.  Infrastructure as a Service (IaaS)  Platform as a Service (PaaS)  Software as a Service (SaaS)  Function as a Service (FaaS) 4 Types of Cloud Services
The main benefits of cloud technology are as follows-  Mobility  Cost savings  Scalability  Security  Enhanced quality control  Flexibility regarding work practices  Better collaboration 5 Advantages of CloudTechnology  Disaster recovery  Data loss prevention  Competitive edge  Sustainability  Automatic software updates
6 1-800-123 -8156 Whoa!That’s a big number, aren’t you proud?
The best practices that need to be followed in order to take care of cloud security are mentioned below, in no particular order.  Regular monitoring of cloud environment for security threats  Performing routine penetration tests  Adequate management of access control  Following cloud data deletion policies  Clarity about the shared responsibilities of the cloud vendor and that of the user  Data encryption in the cloud 7 The Best Practices for Cloud Security
 The main threats to the security of the cloud are caused by data breaches, account hijacking, a lack of cloud security architecture and strategy, insider threats, misconfiguration and inadequate change control, insecure interfaces and APIs (Application Programming Interface), weak control plane, limited visibility with regard to cloud usage, criminal use of cloud services, metastructure failures and inadequate credential, identity, access and key management.  Each of these will be discussed briefly in the following slides. 8 The Main Cloud SecurityThreats
 Data breaches are a threat to cloud security as these can cause financial and reputational damage, loss of intellectual property (IP) and often legal liabilities. 9 Data Breaches
 As a threat to cloud security, account hijacking enables an attacker to gain access to privileged accounts. When an attacker enters a system using a legitimate account, he is able to cause a lot of damage which can include data theft, deletion of important data, disruption of service delivery along with carrying out financial fraud etc. 10 Account Hijacking
 A lack of cloud security architecture and strategy is another major threat to cloud security. This occurs when a user is in a hurry to minimize the time that is needed to migrate data and systems to the cloud. Hence, the user becomes operational in the cloud, using strategies and security infrastructure that are not adequate or haven’t been designed for the cloud. 11 Lack of Cloud Security Architecture and Strategy
 An insider threat can be caused by a business’ former or current employees, contractors etc. Such threats can arise from anyone who has access to a business’ systems. Any damage caused by an insider threat can be either intentional or unintentional. When unintentional, an insider threat results from the negligence of employees and/or contractors and includes storage of sensitive data on a personal device, misconfigured cloud servers etc. 12 InsiderThreats
 Inefficient change control practices cause most of the misconfiguration errors. This threat can not only result in the loss of data for cloud users but also resources’ deletion or modification. 13 Misconfiguration and Inadequate Change Control
 Insecure interfaces and APIs (Application Programming Interfaces) present another threat to cloud security. API vulnerabilities enable attackers to steal user credentials. Since APIs and user interfaces are usually the most exposed parts of a system, their security needs to be a top priority. 14 Insecure Interfaces and APIs (Application Programming Interface)
 A weak control plane results from not having full control over the logic of the data infrastructure, verification and security. A failure to understand the security configuration and the architectural weaknesses can result in data leakage, data corruption, unavailability of data etc. 15 Weak Control Plane
 Limited visibility with regard to cloud usage can be caused by any unsanctioned app’s use or by the misuse of any sanctioned app. It is yet another cloud security threat. 16 LimitedVisibility regarding Cloud Usage
 Legitimate cloud services are often used by attackers in order to carry out their malicious activities. A cloud service might be used by attackers for hosting disguised malware on websites, distribution of phishing emails, launching DDoS attacks, executing automated click fraud, carrying out brute-force attacks etc. 17 Criminal Use of Cloud Services
 The metastructure of a cloud service provider contains security information which is disclosed through API calls. A metastructure can give attackers data access as well as enables them to disrupt cloud customers. Such a vulnerability is usually caused by poor API implementation. 18 Metastructure Failures
 Cloud security threats can arise from inadequate access and key management along with inadequate control with regard to data, systems, server rooms etc. Businesses need to change their practices with regard to identity and access management in order to enhance their cloud security. 19 Inadequate Credential, Identity,Access and Key Management
20 Thanks! ANY QUESTIONS? www.htshosting.org

Empfohlen

Cloud Security - Kloudlearn
Cloud Security - KloudlearnCloud Security - Kloudlearn
Cloud Security - KloudlearnKloudLearn
 
Microsoft Platform Security Briefing
Microsoft Platform Security BriefingMicrosoft Platform Security Briefing
Microsoft Platform Security Briefingtechnext1
 
Cloud Security Governance
Cloud Security GovernanceCloud Security Governance
Cloud Security GovernanceShankar Subramaniyan
 
Cloud security
Cloud securityCloud security
Cloud securityTushar Kayande
 
Cloud Security Introduction
Cloud Security IntroductionCloud Security Introduction
Cloud Security IntroductionGLC Networks
 
CLOUD SECURITY IN INSURANCE INDUSTRY WITH RESPECT TO INDIAN MARKET
CLOUD SECURITY IN INSURANCE INDUSTRY WITH RESPECT TO INDIAN MARKETCLOUD SECURITY IN INSURANCE INDUSTRY WITH RESPECT TO INDIAN MARKET
CLOUD SECURITY IN INSURANCE INDUSTRY WITH RESPECT TO INDIAN MARKETAmity University | FMS - DU | IMT | Stratford University | KKMI International Institute | AIMA | DTU
 
Can Cloud Solutions Transform Network Security
Can Cloud Solutions Transform Network SecurityCan Cloud Solutions Transform Network Security
Can Cloud Solutions Transform Network SecurityEC-Council
 
Cyber Security and Cloud Computing
Cyber Security and Cloud ComputingCyber Security and Cloud Computing
Cyber Security and Cloud ComputingKeet Sugathadasa
 

Empfohlen

Cloud Security - Kloudlearn
Cloud Security - KloudlearnCloud Security - Kloudlearn
Cloud Security - KloudlearnKloudLearn
 
Microsoft Platform Security Briefing
Microsoft Platform Security BriefingMicrosoft Platform Security Briefing
Microsoft Platform Security Briefingtechnext1
 
Cloud Security Governance
Cloud Security GovernanceCloud Security Governance
Cloud Security GovernanceShankar Subramaniyan
 
Cloud security
Cloud securityCloud security
Cloud securityTushar Kayande
 
Cloud Security Introduction
Cloud Security IntroductionCloud Security Introduction
Cloud Security IntroductionGLC Networks
 
CLOUD SECURITY IN INSURANCE INDUSTRY WITH RESPECT TO INDIAN MARKET
CLOUD SECURITY IN INSURANCE INDUSTRY WITH RESPECT TO INDIAN MARKETCLOUD SECURITY IN INSURANCE INDUSTRY WITH RESPECT TO INDIAN MARKET
CLOUD SECURITY IN INSURANCE INDUSTRY WITH RESPECT TO INDIAN MARKETAmity University | FMS - DU | IMT | Stratford University | KKMI International Institute | AIMA | DTU
 
Can Cloud Solutions Transform Network Security
Can Cloud Solutions Transform Network SecurityCan Cloud Solutions Transform Network Security
Can Cloud Solutions Transform Network SecurityEC-Council
 
Cyber Security and Cloud Computing
Cyber Security and Cloud ComputingCyber Security and Cloud Computing
Cyber Security and Cloud ComputingKeet Sugathadasa
 
Security for cloud native workloads
Security for cloud native workloadsSecurity for cloud native workloads
Security for cloud native workloadsRuncy Oommen
 
cloud Resilience
cloud Resilience cloud Resilience
cloud Resilience Integral university, India
 
Cloud security
Cloud securityCloud security
Cloud securityBikashPokharel3
 
Cloud Computing Security - Cloud Controls Security
Cloud Computing Security - Cloud Controls SecurityCloud Computing Security - Cloud Controls Security
Cloud Computing Security - Cloud Controls SecurityHari Kumar
 
Security on Cloud Computing
Security on Cloud Computing Security on Cloud Computing
Security on Cloud Computing Reza Pahlava
 
Cloud Security Demystified
Cloud Security DemystifiedCloud Security Demystified
Cloud Security DemystifiedMichael Torres
 
Cloud summit demystifying cloud security
Cloud summit demystifying cloud securityCloud summit demystifying cloud security
Cloud summit demystifying cloud securityDavid De Vos
 
cloud security ppt
cloud security ppt cloud security ppt
cloud security ppt Devyani Vaidya
 
SECURING THE CLOUD DATA LAKES
SECURING THE CLOUD DATA LAKESSECURING THE CLOUD DATA LAKES
SECURING THE CLOUD DATA LAKESHappiest Minds Technologies
 
Msft cloud architecture_security_commonattacks
Msft cloud architecture_security_commonattacksMsft cloud architecture_security_commonattacks
Msft cloud architecture_security_commonattacksAkram Qureshi
 
Cloud security training, certified cloud security professional
Cloud security training, certified cloud security professionalCloud security training, certified cloud security professional
Cloud security training, certified cloud security professionalBryan Len
 
Security issue in Cloud computing
Security issue in Cloud computingSecurity issue in Cloud computing
Security issue in Cloud computingSeema Kumari
 
Microsoft threat protection + wdatp+ aatp overview
Microsoft threat protection + wdatp+ aatp overviewMicrosoft threat protection + wdatp+ aatp overview
Microsoft threat protection + wdatp+ aatp overviewAllessandra Negri
 
Cloud Security: Limitations of Cloud Security Groups and Flow Logs
Cloud Security: Limitations of Cloud Security Groups and Flow LogsCloud Security: Limitations of Cloud Security Groups and Flow Logs
Cloud Security: Limitations of Cloud Security Groups and Flow LogsPriyanka Aash
 
Risk based it auditing for non it auditors (basics of it auditing) final 12
Risk based it auditing for non it auditors (basics of it auditing) final 12Risk based it auditing for non it auditors (basics of it auditing) final 12
Risk based it auditing for non it auditors (basics of it auditing) final 12Thilak Pathirage -Senior IT Gov and Risk Consultant
 
User Behavior based Anomaly Detection for Cyber Network Security
User Behavior based Anomaly Detection for Cyber Network SecurityUser Behavior based Anomaly Detection for Cyber Network Security
User Behavior based Anomaly Detection for Cyber Network SecurityHappiest Minds Technologies
 
HOW TO TROUBLESHOOT SECURITY INCIDENTS IN A CLOUD ENVIRONMENT?
HOW TO TROUBLESHOOT SECURITY INCIDENTS IN A CLOUD ENVIRONMENT?HOW TO TROUBLESHOOT SECURITY INCIDENTS IN A CLOUD ENVIRONMENT?
HOW TO TROUBLESHOOT SECURITY INCIDENTS IN A CLOUD ENVIRONMENT?EC-Council
 
Best-Practices-Web-Usability
Best-Practices-Web-UsabilityBest-Practices-Web-Usability
Best-Practices-Web-UsabilityLarry Wilson
 
Microsoft Cloud Application Security Overview
Microsoft Cloud Application Security Overview Microsoft Cloud Application Security Overview
Microsoft Cloud Application Security Overview Syed Sabhi Haider
 
The Notorious 9 Cloud Computing Threats - CSA Congress, San Jose
The Notorious 9 Cloud Computing Threats - CSA Congress, San JoseThe Notorious 9 Cloud Computing Threats - CSA Congress, San Jose
The Notorious 9 Cloud Computing Threats - CSA Congress, San JoseMoshe Ferber
 
Seven Deadly Threats and Vulnerabilities in Cloud Computing
Seven Deadly Threats and Vulnerabilities in Cloud ComputingSeven Deadly Threats and Vulnerabilities in Cloud Computing
Seven Deadly Threats and Vulnerabilities in Cloud ComputingMervat Bamiah
 
Seven deadly threats and vulnerabilities in cloud
Seven deadly threats and vulnerabilities in cloudSeven deadly threats and vulnerabilities in cloud
Seven deadly threats and vulnerabilities in cloudcloudresearcher
 

Weitere ähnliche Inhalte

Was ist angesagt?

Security for cloud native workloads
Security for cloud native workloadsSecurity for cloud native workloads
Security for cloud native workloadsRuncy Oommen
 
Cloud Computing Security - Cloud Controls Security
Cloud Computing Security - Cloud Controls SecurityCloud Computing Security - Cloud Controls Security
Cloud Computing Security - Cloud Controls SecurityHari Kumar
 
Security on Cloud Computing
Security on Cloud Computing Security on Cloud Computing
Security on Cloud Computing Reza Pahlava
 
Cloud Security Demystified
Cloud Security DemystifiedCloud Security Demystified
Cloud Security DemystifiedMichael Torres
 
Cloud summit demystifying cloud security
Cloud summit demystifying cloud securityCloud summit demystifying cloud security
Cloud summit demystifying cloud securityDavid De Vos
 
Msft cloud architecture_security_commonattacks
Msft cloud architecture_security_commonattacksMsft cloud architecture_security_commonattacks
Msft cloud architecture_security_commonattacksAkram Qureshi
 
Cloud security training, certified cloud security professional
Cloud security training, certified cloud security professionalCloud security training, certified cloud security professional
Cloud security training, certified cloud security professionalBryan Len
 
Security issue in Cloud computing
Security issue in Cloud computingSecurity issue in Cloud computing
Security issue in Cloud computingSeema Kumari
 
Microsoft threat protection + wdatp+ aatp overview
Microsoft threat protection + wdatp+ aatp overviewMicrosoft threat protection + wdatp+ aatp overview
Microsoft threat protection + wdatp+ aatp overviewAllessandra Negri
 
Cloud Security: Limitations of Cloud Security Groups and Flow Logs
Cloud Security: Limitations of Cloud Security Groups and Flow LogsCloud Security: Limitations of Cloud Security Groups and Flow Logs
Cloud Security: Limitations of Cloud Security Groups and Flow LogsPriyanka Aash
 
User Behavior based Anomaly Detection for Cyber Network Security
User Behavior based Anomaly Detection for Cyber Network SecurityUser Behavior based Anomaly Detection for Cyber Network Security
User Behavior based Anomaly Detection for Cyber Network SecurityHappiest Minds Technologies
 
HOW TO TROUBLESHOOT SECURITY INCIDENTS IN A CLOUD ENVIRONMENT?
HOW TO TROUBLESHOOT SECURITY INCIDENTS IN A CLOUD ENVIRONMENT?HOW TO TROUBLESHOOT SECURITY INCIDENTS IN A CLOUD ENVIRONMENT?
HOW TO TROUBLESHOOT SECURITY INCIDENTS IN A CLOUD ENVIRONMENT?EC-Council
 
Best-Practices-Web-Usability
Best-Practices-Web-UsabilityBest-Practices-Web-Usability
Best-Practices-Web-UsabilityLarry Wilson
 
Microsoft Cloud Application Security Overview
Microsoft Cloud Application Security Overview Microsoft Cloud Application Security Overview
Microsoft Cloud Application Security Overview Syed Sabhi Haider
 
The Notorious 9 Cloud Computing Threats - CSA Congress, San Jose
The Notorious 9 Cloud Computing Threats - CSA Congress, San JoseThe Notorious 9 Cloud Computing Threats - CSA Congress, San Jose
The Notorious 9 Cloud Computing Threats - CSA Congress, San JoseMoshe Ferber
 

Was ist angesagt? (20)

Security for cloud native workloads
Security for cloud native workloadsSecurity for cloud native workloads
Security for cloud native workloads
 
cloud Resilience
cloud Resilience cloud Resilience
cloud Resilience
 
Cloud security
Cloud securityCloud security
Cloud security
 
Cloud Computing Security - Cloud Controls Security
Cloud Computing Security - Cloud Controls SecurityCloud Computing Security - Cloud Controls Security
Cloud Computing Security - Cloud Controls Security
 
Security on Cloud Computing
Security on Cloud Computing Security on Cloud Computing
Security on Cloud Computing
 
Cloud Security Demystified
Cloud Security DemystifiedCloud Security Demystified
Cloud Security Demystified
 
Cloud summit demystifying cloud security
Cloud summit demystifying cloud securityCloud summit demystifying cloud security
Cloud summit demystifying cloud security
 
cloud security ppt
cloud security ppt cloud security ppt
cloud security ppt
 
SECURING THE CLOUD DATA LAKES
SECURING THE CLOUD DATA LAKESSECURING THE CLOUD DATA LAKES
SECURING THE CLOUD DATA LAKES
 
Msft cloud architecture_security_commonattacks
Msft cloud architecture_security_commonattacksMsft cloud architecture_security_commonattacks
Msft cloud architecture_security_commonattacks
 
Cloud security training, certified cloud security professional
Cloud security training, certified cloud security professionalCloud security training, certified cloud security professional
Cloud security training, certified cloud security professional
 
Security issue in Cloud computing
Security issue in Cloud computingSecurity issue in Cloud computing
Security issue in Cloud computing
 
Microsoft threat protection + wdatp+ aatp overview
Microsoft threat protection + wdatp+ aatp overviewMicrosoft threat protection + wdatp+ aatp overview
Microsoft threat protection + wdatp+ aatp overview
 
Cloud Security: Limitations of Cloud Security Groups and Flow Logs
Cloud Security: Limitations of Cloud Security Groups and Flow LogsCloud Security: Limitations of Cloud Security Groups and Flow Logs
Cloud Security: Limitations of Cloud Security Groups and Flow Logs
 
Risk based it auditing for non it auditors (basics of it auditing) final 12
Risk based it auditing for non it auditors (basics of it auditing) final 12Risk based it auditing for non it auditors (basics of it auditing) final 12
Risk based it auditing for non it auditors (basics of it auditing) final 12
 
User Behavior based Anomaly Detection for Cyber Network Security
User Behavior based Anomaly Detection for Cyber Network SecurityUser Behavior based Anomaly Detection for Cyber Network Security
User Behavior based Anomaly Detection for Cyber Network Security
 
HOW TO TROUBLESHOOT SECURITY INCIDENTS IN A CLOUD ENVIRONMENT?
HOW TO TROUBLESHOOT SECURITY INCIDENTS IN A CLOUD ENVIRONMENT?HOW TO TROUBLESHOOT SECURITY INCIDENTS IN A CLOUD ENVIRONMENT?
HOW TO TROUBLESHOOT SECURITY INCIDENTS IN A CLOUD ENVIRONMENT?
 
Best-Practices-Web-Usability
Best-Practices-Web-UsabilityBest-Practices-Web-Usability
Best-Practices-Web-Usability
 
Microsoft Cloud Application Security Overview
Microsoft Cloud Application Security Overview Microsoft Cloud Application Security Overview
Microsoft Cloud Application Security Overview
 
The Notorious 9 Cloud Computing Threats - CSA Congress, San Jose
The Notorious 9 Cloud Computing Threats - CSA Congress, San JoseThe Notorious 9 Cloud Computing Threats - CSA Congress, San Jose
The Notorious 9 Cloud Computing Threats - CSA Congress, San Jose
 

Ähnlich wie The Top Cloud Security Issues

Seven Deadly Threats and Vulnerabilities in Cloud Computing
Seven Deadly Threats and Vulnerabilities in Cloud ComputingSeven Deadly Threats and Vulnerabilities in Cloud Computing
Seven Deadly Threats and Vulnerabilities in Cloud ComputingMervat Bamiah
 
Seven deadly threats and vulnerabilities in cloud
Seven deadly threats and vulnerabilities in cloudSeven deadly threats and vulnerabilities in cloud
Seven deadly threats and vulnerabilities in cloudcloudresearcher
 
Cloud Application Security Best Practices To follow.pdf
Cloud Application Security Best Practices To follow.pdfCloud Application Security Best Practices To follow.pdf
Cloud Application Security Best Practices To follow.pdfTechugo
 
Identified Vulnerabilitis And Threats In Cloud Computing
Identified Vulnerabilitis And Threats In Cloud ComputingIdentified Vulnerabilitis And Threats In Cloud Computing
Identified Vulnerabilitis And Threats In Cloud ComputingIOSR Journals
 
Cloud Application Security Best Practices To follow.pdf
Cloud Application Security Best Practices To follow.pdfCloud Application Security Best Practices To follow.pdf
Cloud Application Security Best Practices To follow.pdfTechugo
 
IRJET- A Survey on Cloud Data Security Methods and Future Directions
IRJET- A Survey on Cloud Data Security Methods and Future DirectionsIRJET- A Survey on Cloud Data Security Methods and Future Directions
IRJET- A Survey on Cloud Data Security Methods and Future DirectionsIRJET Journal
 
Internal & External Attacks in cloud computing Environment from confidentiali...
Internal & External Attacks in cloud computing Environment from confidentiali...Internal & External Attacks in cloud computing Environment from confidentiali...
Internal & External Attacks in cloud computing Environment from confidentiali...iosrjce
 
MIST Effective Masquerade Attack Detection in the Cloud
MIST Effective Masquerade Attack Detection in the CloudMIST Effective Masquerade Attack Detection in the Cloud
MIST Effective Masquerade Attack Detection in the CloudKumar Goud
 
Module 5-cloud computing-SECURITY IN THE CLOUD
Module 5-cloud computing-SECURITY IN THE CLOUDModule 5-cloud computing-SECURITY IN THE CLOUD
Module 5-cloud computing-SECURITY IN THE CLOUDSweta Kumari Barnwal
 
IRJET- Security Concern: Analysis of Cloud Security Mechanism
IRJET- Security Concern: Analysis of Cloud Security MechanismIRJET- Security Concern: Analysis of Cloud Security Mechanism
IRJET- Security Concern: Analysis of Cloud Security MechanismIRJET Journal
 
9 Things You Need to Know Before Moving to the Cloud
9 Things You Need to Know Before Moving to the Cloud9 Things You Need to Know Before Moving to the Cloud
9 Things You Need to Know Before Moving to the Cloudkairostech
 
Cloud Security - Types, Common Threats & Tips To Mitigate.pdf
Cloud Security - Types, Common Threats & Tips To Mitigate.pdfCloud Security - Types, Common Threats & Tips To Mitigate.pdf
Cloud Security - Types, Common Threats & Tips To Mitigate.pdfDataSpace Academy
 
Cloud implementation security challenges
Cloud implementation security challengesCloud implementation security challenges
Cloud implementation security challengesbornresearcher
 
The ultimate guide to cloud computing security-Hire cloud expert
The ultimate guide to cloud computing security-Hire cloud expertThe ultimate guide to cloud computing security-Hire cloud expert
The ultimate guide to cloud computing security-Hire cloud expertChapter247 Infotech
 
The Top 5 Risks of Cloud Migration
The Top 5 Risks of Cloud Migration The Top 5 Risks of Cloud Migration
The Top 5 Risks of Cloud Migration Protected Harbor
 
the_role_of_resilience_data_in_ensuring_cloud_security.pdf
the_role_of_resilience_data_in_ensuring_cloud_security.pdfthe_role_of_resilience_data_in_ensuring_cloud_security.pdf
the_role_of_resilience_data_in_ensuring_cloud_security.pdfsarah david
 
Security Issues in Cloud Computing by rahul abhishek
Security Issues in Cloud Computing by rahul abhishekSecurity Issues in Cloud Computing by rahul abhishek
Security Issues in Cloud Computing by rahul abhishekEr. rahul abhishek
 

Ähnlich wie The Top Cloud Security Issues (20)

Seven Deadly Threats and Vulnerabilities in Cloud Computing
Seven Deadly Threats and Vulnerabilities in Cloud ComputingSeven Deadly Threats and Vulnerabilities in Cloud Computing
Seven Deadly Threats and Vulnerabilities in Cloud Computing
 
Seven deadly threats and vulnerabilities in cloud
Seven deadly threats and vulnerabilities in cloudSeven deadly threats and vulnerabilities in cloud
Seven deadly threats and vulnerabilities in cloud
 
Cloud Application Security Best Practices To follow.pdf
Cloud Application Security Best Practices To follow.pdfCloud Application Security Best Practices To follow.pdf
Cloud Application Security Best Practices To follow.pdf
 
A017130104
A017130104A017130104
A017130104
 
Identified Vulnerabilitis And Threats In Cloud Computing
Identified Vulnerabilitis And Threats In Cloud ComputingIdentified Vulnerabilitis And Threats In Cloud Computing
Identified Vulnerabilitis And Threats In Cloud Computing
 
Cloud Application Security Best Practices To follow.pdf
Cloud Application Security Best Practices To follow.pdfCloud Application Security Best Practices To follow.pdf
Cloud Application Security Best Practices To follow.pdf
 
IRJET- A Survey on Cloud Data Security Methods and Future Directions
IRJET- A Survey on Cloud Data Security Methods and Future DirectionsIRJET- A Survey on Cloud Data Security Methods and Future Directions
IRJET- A Survey on Cloud Data Security Methods and Future Directions
 
N017259396
N017259396N017259396
N017259396
 
Internal & External Attacks in cloud computing Environment from confidentiali...
Internal & External Attacks in cloud computing Environment from confidentiali...Internal & External Attacks in cloud computing Environment from confidentiali...
Internal & External Attacks in cloud computing Environment from confidentiali...
 
MIST Effective Masquerade Attack Detection in the Cloud
MIST Effective Masquerade Attack Detection in the CloudMIST Effective Masquerade Attack Detection in the Cloud
MIST Effective Masquerade Attack Detection in the Cloud
 
UNIT -V.docx
UNIT -V.docxUNIT -V.docx
UNIT -V.docx
 
Module 5-cloud computing-SECURITY IN THE CLOUD
Module 5-cloud computing-SECURITY IN THE CLOUDModule 5-cloud computing-SECURITY IN THE CLOUD
Module 5-cloud computing-SECURITY IN THE CLOUD
 
IRJET- Security Concern: Analysis of Cloud Security Mechanism
IRJET- Security Concern: Analysis of Cloud Security MechanismIRJET- Security Concern: Analysis of Cloud Security Mechanism
IRJET- Security Concern: Analysis of Cloud Security Mechanism
 
9 Things You Need to Know Before Moving to the Cloud
9 Things You Need to Know Before Moving to the Cloud9 Things You Need to Know Before Moving to the Cloud
9 Things You Need to Know Before Moving to the Cloud
 
Cloud Security - Types, Common Threats & Tips To Mitigate.pdf
Cloud Security - Types, Common Threats & Tips To Mitigate.pdfCloud Security - Types, Common Threats & Tips To Mitigate.pdf
Cloud Security - Types, Common Threats & Tips To Mitigate.pdf
 
Cloud implementation security challenges
Cloud implementation security challengesCloud implementation security challenges
Cloud implementation security challenges
 
The ultimate guide to cloud computing security-Hire cloud expert
The ultimate guide to cloud computing security-Hire cloud expertThe ultimate guide to cloud computing security-Hire cloud expert
The ultimate guide to cloud computing security-Hire cloud expert
 
The Top 5 Risks of Cloud Migration
The Top 5 Risks of Cloud Migration The Top 5 Risks of Cloud Migration
The Top 5 Risks of Cloud Migration
 
the_role_of_resilience_data_in_ensuring_cloud_security.pdf
the_role_of_resilience_data_in_ensuring_cloud_security.pdfthe_role_of_resilience_data_in_ensuring_cloud_security.pdf
the_role_of_resilience_data_in_ensuring_cloud_security.pdf
 
Security Issues in Cloud Computing by rahul abhishek
Security Issues in Cloud Computing by rahul abhishekSecurity Issues in Cloud Computing by rahul abhishek
Security Issues in Cloud Computing by rahul abhishek
 

Mehr von HTS Hosting

Web Hosting and WordPress Hosting
Web Hosting and WordPress HostingWeb Hosting and WordPress Hosting
Web Hosting and WordPress HostingHTS Hosting
 
Availing Windows Dedicated Servers of HTS Hosting
Availing Windows Dedicated Servers of HTS HostingAvailing Windows Dedicated Servers of HTS Hosting
Availing Windows Dedicated Servers of HTS HostingHTS Hosting
 
HTS Dedicated Servers
HTS Dedicated ServersHTS Dedicated Servers
HTS Dedicated ServersHTS Hosting
 
Linux Dedicated Server Plans
Linux Dedicated Server PlansLinux Dedicated Server Plans
Linux Dedicated Server PlansHTS Hosting
 
HTS Dedicated Servers
HTS Dedicated ServersHTS Dedicated Servers
HTS Dedicated ServersHTS Hosting
 
Common Web Hosting Solutions
Common Web Hosting SolutionsCommon Web Hosting Solutions
Common Web Hosting SolutionsHTS Hosting
 
Basic Web Host Manager Setup
Basic Web Host Manager SetupBasic Web Host Manager Setup
Basic Web Host Manager SetupHTS Hosting
 
Essential Features in Web Hosting Plans
Essential Features in Web Hosting PlansEssential Features in Web Hosting Plans
Essential Features in Web Hosting PlansHTS Hosting
 
Difference Between Managed VPS Hosting Self-Managed VPS Hosting
Difference Between Managed VPS Hosting Self-Managed VPS HostingDifference Between Managed VPS Hosting Self-Managed VPS Hosting
Difference Between Managed VPS Hosting Self-Managed VPS HostingHTS Hosting
 
Web Hosting, Web Servers, Web Hosts and More
Web Hosting, Web Servers, Web Hosts and MoreWeb Hosting, Web Servers, Web Hosts and More
Web Hosting, Web Servers, Web Hosts and MoreHTS Hosting
 
Know about Hosting a Business Website
Know about Hosting a Business WebsiteKnow about Hosting a Business Website
Know about Hosting a Business WebsiteHTS Hosting
 
Web Hosting Terms
Web Hosting TermsWeb Hosting Terms
Web Hosting TermsHTS Hosting
 
Reseller Hosting and Dedicated Web Servers
Reseller Hosting and Dedicated Web ServersReseller Hosting and Dedicated Web Servers
Reseller Hosting and Dedicated Web ServersHTS Hosting
 
Reseller Hosting and Managed VPS Hosting
Reseller Hosting and Managed VPS HostingReseller Hosting and Managed VPS Hosting
Reseller Hosting and Managed VPS HostingHTS Hosting
 
Backup Tarball Contents
Backup Tarball ContentsBackup Tarball Contents
Backup Tarball ContentsHTS Hosting
 
VPS and Dedicated Servers
VPS and Dedicated ServersVPS and Dedicated Servers
VPS and Dedicated ServersHTS Hosting
 
Best WordPress Hosting Plans
Best WordPress Hosting Plans Best WordPress Hosting Plans
Best WordPress Hosting Plans HTS Hosting
 
Best Linux Dedicated Hosting Plans
Best Linux Dedicated Hosting PlansBest Linux Dedicated Hosting Plans
Best Linux Dedicated Hosting PlansHTS Hosting
 
Different Types of Web Hosting Services
Different Types of Web Hosting ServicesDifferent Types of Web Hosting Services
Different Types of Web Hosting ServicesHTS Hosting
 

Mehr von HTS Hosting (20)

Web Hosting and WordPress Hosting
Web Hosting and WordPress HostingWeb Hosting and WordPress Hosting
Web Hosting and WordPress Hosting
 
Availing Windows Dedicated Servers of HTS Hosting
Availing Windows Dedicated Servers of HTS HostingAvailing Windows Dedicated Servers of HTS Hosting
Availing Windows Dedicated Servers of HTS Hosting
 
HTS Dedicated Servers
HTS Dedicated ServersHTS Dedicated Servers
HTS Dedicated Servers
 
Linux Dedicated Server Plans
Linux Dedicated Server PlansLinux Dedicated Server Plans
Linux Dedicated Server Plans
 
HTS Dedicated Servers
HTS Dedicated ServersHTS Dedicated Servers
HTS Dedicated Servers
 
Common Web Hosting Solutions
Common Web Hosting SolutionsCommon Web Hosting Solutions
Common Web Hosting Solutions
 
Basic Web Host Manager Setup
Basic Web Host Manager SetupBasic Web Host Manager Setup
Basic Web Host Manager Setup
 
Essential Features in Web Hosting Plans
Essential Features in Web Hosting PlansEssential Features in Web Hosting Plans
Essential Features in Web Hosting Plans
 
VPS Hosting
VPS HostingVPS Hosting
VPS Hosting
 
Difference Between Managed VPS Hosting Self-Managed VPS Hosting
Difference Between Managed VPS Hosting Self-Managed VPS HostingDifference Between Managed VPS Hosting Self-Managed VPS Hosting
Difference Between Managed VPS Hosting Self-Managed VPS Hosting
 
Web Hosting, Web Servers, Web Hosts and More
Web Hosting, Web Servers, Web Hosts and MoreWeb Hosting, Web Servers, Web Hosts and More
Web Hosting, Web Servers, Web Hosts and More
 
Know about Hosting a Business Website
Know about Hosting a Business WebsiteKnow about Hosting a Business Website
Know about Hosting a Business Website
 
Web Hosting Terms
Web Hosting TermsWeb Hosting Terms
Web Hosting Terms
 
Reseller Hosting and Dedicated Web Servers
Reseller Hosting and Dedicated Web ServersReseller Hosting and Dedicated Web Servers
Reseller Hosting and Dedicated Web Servers
 
Reseller Hosting and Managed VPS Hosting
Reseller Hosting and Managed VPS HostingReseller Hosting and Managed VPS Hosting
Reseller Hosting and Managed VPS Hosting
 
Backup Tarball Contents
Backup Tarball ContentsBackup Tarball Contents
Backup Tarball Contents
 
VPS and Dedicated Servers
VPS and Dedicated ServersVPS and Dedicated Servers
VPS and Dedicated Servers
 
Best WordPress Hosting Plans
Best WordPress Hosting Plans Best WordPress Hosting Plans
Best WordPress Hosting Plans
 
Best Linux Dedicated Hosting Plans
Best Linux Dedicated Hosting PlansBest Linux Dedicated Hosting Plans
Best Linux Dedicated Hosting Plans
 
Different Types of Web Hosting Services
Different Types of Web Hosting ServicesDifferent Types of Web Hosting Services
Different Types of Web Hosting Services
 

Kürzlich hochgeladen

Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Paola De la Torre
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxOnBoard
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 

Kürzlich hochgeladen (20)

Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 

The Top Cloud Security Issues

  • 1. The Top Cloud Security Issues
  • 2. Table of Contents 2 Cloud Technology Types of Cloud Services Advantages of Cloud Technology The Best Practices for Cloud Security The Main Cloud Security Threats Data Breaches Account Hijacking Lack of Cloud Security Architecture and Strategy Insider Threats Misconfiguration and Inadequate Change Control Insecure Interfaces and APIs (Application Programming Interface) Weak Control Plane Limited Visibility regarding Cloud Usage Criminal Use of Cloud Services Metastructure Failures Inadequate Credential, Identity, Access, and Key Management
  • 3.  Cloud technology involves on-demand IT resources’ delivery over the Internet. These resources have to do with data storage, servers, databases, networking, and software. Cloud computing enables one to access technology services (computing power, databases and storage) as per one’s need from a cloud service provider instead of owning, buying and maintaining data centers and servers. It usually involves pay-as-you-go pricing.  A remote cloud computing server that is hosted in a data center and is managed by a third party is used to provide cloud services. Cloud services are scalable and in it the users make use of the Internet to access computing services. With the aid of cloud technology any device with an active Internet connection can be used to access files from any location.  One example of cloud servers’ usage is in cloud hosting, which is a type of web hosting. Web hosting is the service that enables websites to be accessible over the Internet. The most reliable web hosting companies are usually known as the “Best Windows Hosting Company”, the “Best Web Hosting Company”, the “Top Cloud Hosting Company” etc. 3 CloudTechnology
  • 4. There are different types of cloud service models, which are mentioned below.  Infrastructure as a Service (IaaS)  Platform as a Service (PaaS)  Software as a Service (SaaS)  Function as a Service (FaaS) 4 Types of Cloud Services
  • 5. The main benefits of cloud technology are as follows-  Mobility  Cost savings  Scalability  Security  Enhanced quality control  Flexibility regarding work practices  Better collaboration 5 Advantages of CloudTechnology  Disaster recovery  Data loss prevention  Competitive edge  Sustainability  Automatic software updates
  • 6. 6 1-800-123 -8156 Whoa!That’s a big number, aren’t you proud?
  • 7. The best practices that need to be followed in order to take care of cloud security are mentioned below, in no particular order.  Regular monitoring of cloud environment for security threats  Performing routine penetration tests  Adequate management of access control  Following cloud data deletion policies  Clarity about the shared responsibilities of the cloud vendor and that of the user  Data encryption in the cloud 7 The Best Practices for Cloud Security
  • 8.  The main threats to the security of the cloud are caused by data breaches, account hijacking, a lack of cloud security architecture and strategy, insider threats, misconfiguration and inadequate change control, insecure interfaces and APIs (Application Programming Interface), weak control plane, limited visibility with regard to cloud usage, criminal use of cloud services, metastructure failures and inadequate credential, identity, access and key management.  Each of these will be discussed briefly in the following slides. 8 The Main Cloud SecurityThreats
  • 9.  Data breaches are a threat to cloud security as these can cause financial and reputational damage, loss of intellectual property (IP) and often legal liabilities. 9 Data Breaches
  • 10.  As a threat to cloud security, account hijacking enables an attacker to gain access to privileged accounts. When an attacker enters a system using a legitimate account, he is able to cause a lot of damage which can include data theft, deletion of important data, disruption of service delivery along with carrying out financial fraud etc. 10 Account Hijacking
  • 11.  A lack of cloud security architecture and strategy is another major threat to cloud security. This occurs when a user is in a hurry to minimize the time that is needed to migrate data and systems to the cloud. Hence, the user becomes operational in the cloud, using strategies and security infrastructure that are not adequate or haven’t been designed for the cloud. 11 Lack of Cloud Security Architecture and Strategy
  • 12.  An insider threat can be caused by a business’ former or current employees, contractors etc. Such threats can arise from anyone who has access to a business’ systems. Any damage caused by an insider threat can be either intentional or unintentional. When unintentional, an insider threat results from the negligence of employees and/or contractors and includes storage of sensitive data on a personal device, misconfigured cloud servers etc. 12 InsiderThreats
  • 13.  Inefficient change control practices cause most of the misconfiguration errors. This threat can not only result in the loss of data for cloud users but also resources’ deletion or modification. 13 Misconfiguration and Inadequate Change Control
  • 14.  Insecure interfaces and APIs (Application Programming Interfaces) present another threat to cloud security. API vulnerabilities enable attackers to steal user credentials. Since APIs and user interfaces are usually the most exposed parts of a system, their security needs to be a top priority. 14 Insecure Interfaces and APIs (Application Programming Interface)
  • 15.  A weak control plane results from not having full control over the logic of the data infrastructure, verification and security. A failure to understand the security configuration and the architectural weaknesses can result in data leakage, data corruption, unavailability of data etc. 15 Weak Control Plane
  • 16.  Limited visibility with regard to cloud usage can be caused by any unsanctioned app’s use or by the misuse of any sanctioned app. It is yet another cloud security threat. 16 LimitedVisibility regarding Cloud Usage
  • 17.  Legitimate cloud services are often used by attackers in order to carry out their malicious activities. A cloud service might be used by attackers for hosting disguised malware on websites, distribution of phishing emails, launching DDoS attacks, executing automated click fraud, carrying out brute-force attacks etc. 17 Criminal Use of Cloud Services
  • 18.  The metastructure of a cloud service provider contains security information which is disclosed through API calls. A metastructure can give attackers data access as well as enables them to disrupt cloud customers. Such a vulnerability is usually caused by poor API implementation. 18 Metastructure Failures
  • 19.  Cloud security threats can arise from inadequate access and key management along with inadequate control with regard to data, systems, server rooms etc. Businesses need to change their practices with regard to identity and access management in order to enhance their cloud security. 19 Inadequate Credential, Identity,Access and Key Management