10 cloud security risks you need to know

Posted on November 1, 2014 in Computer Systems, by Al Harris

We are all moving into the cloud. It is a transition that comes with many benefits, from drastically increased accessibility to vastly improved backup capabilities. However, as with any new technology or innovation, with the new benefits come new risks. Cloud computing has a range of security risks that we believe you should know about. We want to ensure that our clients make informed decisions regarding each and every choice.

1. Shared technology vulnerabilities
Using shared tech is always an increased risk but when this is on the cloud the risks are increased. Any vulnerability in the software is more easily utilized by an attacker. There is also an added incentive for attackers as the cloud increases the potential benefits from exploiting these vulnerabilities. Whereas before, they would have only gotten the spoils from one firm or site, now the potential gains are much bigger.

2. Inadequate due-diligence and shadow IT
A lot of firms are avoiding due diligence in their IT processes and are storing the data on the cloud in an ad hoc manner. It is important for businesses to take initiative to mitigate the risks of that these shadow IT methods expose them to.

3. Abuse of cloud services
Many of the key benefits of cloud computing, including flexibility, scalability and agility, are just as beneficial to black hats. They are able to use the cloud to mine digital currencies and store illegal content. This poses a number of risks to genuine users.

4. Malicious insiders
There are also a number of malicious insiders working in cloud computing. They may write in code that provides backdoors to black hat users that may leave your data exposed at a later date.

5. Denial of service (DOS)
The cloud is prone to DOS attacks, these attacks poses a serious threat to cloud computing users everywhere. While some providers have worked hard on DOS prevention the risk is still there.

6. Insecure interfaces and APIs
Because the cloud is new and always changing there are a large number of insecure APIs out there, including weak TLS crypto. While the cloud provider should take care of this threat there are no guarantees that they have.

7. Unauthorized access to an enterprise user’s cloud account
Many users still have not learned the importance of strong passwords and the cloud amplifies the dangers of weak and easily cracked passwords.

8. Data loss
While the cloud does mitigate many forms of data loss, there are still threats that could cause irretrievable data loss, with an intentional attack as the leading risk.

9. Data breach
Storing your data offsite comes with its own risks for breach.

10. Self-awareness or artificial intelligence
This may sound like it is straight out of a science fiction film, but there is a danger that the cloud may develop a degree of self awareness or limited artificial intelligence, in which case there will be serious and unpredictable issues.

To mitigate these risks, speak to us here at Technical Support for solutions to these problems and prevent any future disasters waiting to happen.