Cloud Security Risks
-
Upload
vinayak-wadhwa -
Category
Documents
-
view
223 -
download
0
description
Transcript of Cloud Security Risks
Cloud Security Risks
Data breaches.
Side channel timing information to private cryptographic key Single security flaw in multitenant cloud service. Measures taken to mitigate data loss problem can instead exacerbate the other problems. Encryption is possible solution, but key protection is of grave concern. Offline backups increase exposure to problems
Data loss
Valuable Data loss Legal Data loss Encryption will backfire
Account/Service Traffic Hijacking
If an attacker gains access to your credentials, he or she can eavesdrop on your activities and transactions, manipulate data, return falsified information, and redirect your clients to illegitimate sites Power of reputation to launch attacks XSS attack on Amazon in 2010 Strong sharing policies. Prohibit sharing Two factor Authentication
Insecured Interfaces and APIs
IT admins rely on interfaces for cloud provisioning, management, orchestration, and monitoring. Organizations may be required to relinquish their credentials to third parties in order to enable their agency
Denial of Service Malicious insiders Abuse of Cloud Dilligence Shared technology vulnerablilities