• Home
• Topics
• Cloud Security Management and Cloud Operations Security
• Legacy Application Modernization for the Cloud
• Minimizing cloud computing threats in the enterprise

Minimizing cloud computing threats in the enterprise

Requires Free Membership to View

Login

• E-mail Address: 

By submitting your registration information to SearchCloudSecurity.com you agree to receive email communications from TechTarget and TechTarget partners. We encourage you to read our Privacy Policy which contains important disclosures about how we collect and use your registration and other information. If you reside outside of the United States, by submitting this registration information you consent to having your personal data transferred to and processed in the United States. Your use of SearchCloudSecurity.com is governed by our Terms of Use. You may contact us at webmaster@TechTarget.com.

After that, I think the greatest cloud computing threat to enterprises is either insecure application programming interfaces (APIs) or shared technology vulnerabilities. This is not to minimize the five other threats, but these are threats we should already be familiar with because they are common to many other areas in information security. Insecure APIs or shared technology vulnerabilities are threats to traditional information security, but they become even greater threats in a cloud computing environment. This is because of the shared nature of the service and potential increased attack surface.

You can prevent cloud computing threats from causing harm to your organization by first investigating what potential vendors use for security controls and doing a risk assessment as recommended by the Cloud Security Alliance and HP. You can minimize the risk of insecure application programming interfaces by strictly configuring the access control for utilizing the API and by closely monitoring your access logs. You can lessen the risk from shared technology vulnerabilities by using a service provider that minimizes the different customers on shared infrastructures, limiting the sensitive data stored with the provider or having the sensitive data stored on a higher security infrastructure.

Dig Deeper

This was first published in May 2010

More from Related TechTarget Sites

• Security
• Security Channel
• Security UK
• Cloud computing
• Server Virtualization
• VMware

• Security

  • PCI Council urges P2P encryption for mobile payments

    A PCI Council guidance document requires merchants to use a validated PIN entry device or secure card reader to accept payments using mobile devices.

  • Steve Lipner on the Microsoft SDL, critical infrastructure protection

    Microsoft’s senior director of security engineering says core SDL principles should be at the foundation of critical infrastructure system protection.

  • Android security model doing best to enable mobile malware spread

    At Information Security Decisions 2012, Dan Guido put the mobile malware focus on the Android security model and Google’s mobile app vetting process.

• Security Channel

  • Biometric authentication methods: Comparing smartphone biometrics

    Biometric authentication helps ensure only authorized smartphone users can access a network. David Jacobs weighs the pros and cons of three methods.

  • F5 Vault program embraces incentives for F5 firewall, security sales

    The Vault partner program uses incentives to increase visibility for F5 firewalls and its architecture bundle.

  • Using DMARC to improve DKIM and SPF email antispam effectiveness

    DMARC aids the DKIM and SPF protocols that help keep spam out and let legitimate emails in. David Jacobs explains how.

• Security UK

  • ICO fines Welsh health board £70,000 for patient record loss

    For the first time, the ICO fines an NHS organisation for sending patient data to the wrong person.

  • With mobile payments, security teams must move quickly

    As employees make payments on their mobile devices, the security team must act quickly to ensure corporate assets remain secure.

  • SOCA takes its website offline in DDoS response

    Just days after SOCA shut down carder sites, the agency was the victim of a DDoS attack, leading SOCA to takes its website offline.

• Cloud computing

  • Download the Private Cloud E-Zine

    Get exclusive access to this expert bi-monthly e-zine with essential resources for building your private cloud infrastructure.

  • What makes a good cloud provider?

    Fair costs and SLAs were once enough to discern top cloud providers. In today’s packed cloud market, vendors must bring more to the table.

  • Azure’s identity crisis and other cloud computing sound bites

    Microsoft Azure wants to be called Loretta. No, that’s not true. Or is it? Find out that answer and other news overheard in the cloud this past week.

• Server Virtualization

  • Download the Virtual Data Center E-Zine

    Get exclusive access to the Virtual Data Center E-Zine, published monthly by the experts at SearchServerVirtualization.com.

  • Ten easy ways to extend virtual host resources on the cheap

    Virtual host resources are the lifeblood a virtualization project. Finding ways to extend them will promote growth, even during lean budgetary times.

  • Taking the pain out of the Internet Explorer requirement for RHEV 3.0

    Despite the hoopla over ditching Windows Server, RHEV 3.0 still requires Internet Explorer. But configuring IE doesn’t need to be a hassle.

• VMware

  • Promoting green initiatives with VMware software

    Green initiatives aren’t just for data centers. Reducing electricity use and preventing e-waste at home can be as simple as using free VMware software to virtualize desktops.

  • Replacing self-signed SSL certificates to improve ESXi security

    VMware’s default, self-signed SSL certificates ensure data encryption. By importing certificates from trusted, third-parties, however, you can improve ESXi security even further.

  • Using vCloud Director 1.5 in the real world: Ask the expert

    Although many organizations have been slow to adopt vCloud Director 1.5, one expert predicts a coming increase and offers advice for administrators who are looking to get started.

• About us
• Contact us
• Site index
• Privacy policy
• Advertisers
• Business partners
• Events
• Media kit
• TechTarget corporate site
• Reprints
• Site map