Minimizing cloud computing threats in the enterprise

In this expert response, Nick Lewis outlines the biggest cloud computing threats, and explains what can be done to mitigate those threats.

Nick Lewis

The Cloud Security Alliance and Hewlett-Packard Co. has recently come out with the top cloud computing threats. What do you think is the greatest threat to enterprises from the cloud, and how can we prevent it from happening to us?

The most important action you can take to protect your organization from cloud computing threats is to be prepared and conduct your due diligence when contracting with cloud-based service providers to understand the risks. Outsourcing data to an external service always presents some level of risk. Among those risks, the potential loss of control over enterprise data is the greatest threat to the enterprise.

After that, I think the greatest cloud computing threat to enterprises is either insecure application programming...

Step 2 of 2:

You forgot to provide an Email Address.

This email address doesn’t appear to be valid.

This email address is already registered. Please login.

You have exceeded the maximum character limit.

Please provide a Corporate E-mail Address.
- I agree to TechTarget’s Terms of Use, Privacy Policy, and the transfer of my information to the United States for processing to provide me with relevant information as described in our Privacy Policy.
Please check the box if you want to proceed.
- I agree to my information being processed by TechTarget and its Partners to contact me via phone, email, or other means regarding information relevant to my professional interests. I may unsubscribe at any time.
Please check the box if you want to proceed.

interfaces (APIs) or shared technology vulnerabilities. This is not to minimize the five other threats, but these are threats we should already be familiar with because they are common to many other areas in information security. Insecure APIs or shared technology vulnerabilities are threats to traditional information security, but they become even greater threats in a cloud computing environment. This is because of the shared nature of the service and potential increased attack surface.

You can prevent cloud computing threats from causing harm to your organization by first investigating what potential vendors use for security controls and doing a risk assessment as recommended by the Cloud Security Alliance and HP. You can minimize the risk of insecure application programming interfaces by strictly configuring the access control for utilizing the API and by closely monitoring your access logs. You can lessen the risk from shared technology vulnerabilities by using a service provider that minimizes the different customers on shared infrastructures, limiting the sensitive data stored with the provider or having the sensitive data stored on a higher security infrastructure.

This was last published in May 2010

Dig Deeper on Legacy Application Modernization for the Cloud

All
News
Evaluate
Manage
Problem Solve

Is Docker's Kubernetes implementation good for security?

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

Meet all of our Cloud Security experts

View all Cloud Security questions and answers

Is Docker's Kubernetes implementation good for security?

Legacy security tools challenge companies facing cloud migration

Companies make the migration to cloud, security remains on premises

The security divide between on-premises and cloud infrastructures

Cloud application security issues and considerations

Former @stake researcher Aitel insists on data classification

Is Docker's Kubernetes implementation good for security?

Ensuring cloud application security amid a cloud application migration

How to develop cloud applications based on Web app security lessons

Legacy application migration to the cloud and security

Legacy security tools challenge companies facing cloud migration

Companies make the migration to cloud, security remains on premises

The security divide between on-premises and cloud infrastructures

How can hybrid app security risks be mitigated?

Please create a username to comment.

Critical Cisco vulnerabilities patched in Policy Suite

Cloud misconfigurations can be caused by too many admins

Microsoft launches identity bounty program, offers up to $100,000

Evaluate Google Cloud TPUs for machine learning apps

Overcome app deployment challenges in a multi-cloud strategy

Microsoft bills Azure network as the hub for remote offices

Matt Wood talks AWS' AI platform, ethical use

AWS Snowball Edge extends EC2 on premises

Assess AWS serverless costs and learn how to reduce them

Microsoft Azure Dev Spaces, Google Jib target Kubernetes woes

With progressive web applications, developers blur the lines

Web app development morphs as apps and websites merge

Manage all your Hyper-V snapshots with PowerShell

Manage Hyper-V containers and VMs with these best practices

VMworld 2018 conference coverage

What the history of VMware reveals about its future projects

Make the most of vRealize Suite Standard Edition

VCenter monitoring enables granular troubleshooting

Huge Singapore data breach shows need for new approach

GDPR drives down UK insider threat

Brussels aims to become an insurtech hub

Related Resources

Dig Deeper on Legacy Application Modernization for the Cloud

Related Q&A from Nick Lewis

Have a question for an expert?

Start the conversation

0 comments

Register

Login

Forgot your password?

Your password has been sent to:

Please create a username to comment.