Posted by aionol | 27 JAN 2018

Taking A Closer Look At the ‘Treacherous 12’ Top Security Threats in The Cloud (Part I)

One of the major barriers to digital transformation is cloud security. Many C-level executives hold off with migrating their business to the cloud because of security concerns. In order to address these security issues, you need to know what they are. A study by the Cloud Security Alliance has identified the ‘Treacherous 12’. Let’s take a closer look at […]

One of the major barriers to digital transformation is cloud security. Many C-level executives hold off with migrating their business to the cloud because of security concerns. In order to address these security issues, you need to know what they are.

A study by the Cloud Security Alliance has identified the ‘Treacherous 12’. Let’s take a closer look at each of them.

1. Data Breaches

Due to the increased amount of data – including sensitive data – being stored on the cloud, providers are becoming a more and more attractive target. Depending on how ‘valuable’ or sensitive the data, the more devastating would be a data breach. The costs of data breaches are significant and can drag into the long term. It is therefore recommended to install multi factor authentication and encryption for protection.

The 12 Treacherous Security Threats in The Cloud

The 12 Treacherous Security Threats in The Cloud

2. Insufficient Identity, Credential and Access Management

One of the major struggles of installing a waterproof authentication system is identity management. Enterprises often allocate access permissions according to job roles, and sometimes even forget to remove users after their job changes or employees leave the company. In this scenario, cloud users should make use of the combination of one-time passwords, phone-based authentication, and smartcards.

3. Insecure Interfaces and APIs

APIs and interfaces are one of the strongest security threats, as they usually can be accessible from the open internet. And as almost every cloud service and application offers APIs, almost every cloud user can be affected. Therefore, the CSA recommends that adequate controls and threat modeling for applications and systems need to be introduced rigorously. Security-focused code reviews and penetration testing also made the list of recommendations.

Read Part II here

Security in the cloud is of utmost important. Iono Inc specialises in efficient and secure cloud computing solutions. Get in contact with us today

Leave a Reply

Your email address will not be published. Required fields are marked *