Cloud computing technology allows computer resource vendors to provide services to many users through a network. The fact that many users share many of the resources reduces the costs needed to put up and maintain the services. Its adoption has, for this reason, attracted many SMEs (small and medium-sized enterprises). There are a number of cloud computing security issues, however, that need to be addressed to allay fears among the users.
Currently, there are a number of different models that can be adopted by various companies depending on their specific requirements. These are broadly classified as public, private or hybrid. Public models are designed to be used by many users located in many different organizations. The private models, on the other hand, are intended for single organizations. They may be run internally or externally by a third party. The private models handle less traffic and are therefore faced with fewer threats.
In this technology, the provider is responsible for storing user information on a server located remotely. This ensures that only a few individuals who are employers of the provider. It is these employees, unfortunately, who are a threat to the data in most cases. Users need to enter into a legal agreement with the provider which requires the provider to take all the measures possible to prevent compromise of private data.
In an attempt to prevent unauthorized access particularly by employees, companies employ a number of measures. One of these measures is the use of unique passwords and usernames. This ensures that only the individual with these details is able to log into the network and access particular information. Authorization formats may also be used. These are designed to further increase restrictions. Each user can only access the data under their jurisdiction.
While it may be possible to keep unauthorized users at bay, there is still a threat posed by elements that are not in the control of the provider. These include, for example, fire outbreaks, power outages, storms and other natural disasters. The user needs to seek assurance that there is an effective data recovery plan in place to guard against such occurrences. They need to know that service provision will not be interrupted in such situations.
When data is being transferred between the network of the user and that of the service provider, it has to traverse the internet. While on transit, there is a possibility that it may be accessed illegally. It is important to ensure that the channel being used is secure. This can be achieved by ensuring that the connection with the provider is via a URL beginning with https. The data must also be encrypted and authenticated by use of the standard protocols.
A feature of all cloud computing models is that there is use of shared resources. This is a great advantage as far as the economic aspects are concerned but is in itself a weakness that may be utilized by attackers. The many different users on the network share server space as well as other resources. Attackers have in the recent past attempted to access information of fellow users due to this fact. This can be prevented by adequate encryption and compartmentalization techniques.
The use of a software interface such as the API (application programming interface) gives rise to other cloud computing security issues users are worried about. This is a program that enables computers to interact with provider software. Weak interfaces make a cloud service vulnerable to attacks and compromise data safety.
Currently, there are a number of different models that can be adopted by various companies depending on their specific requirements. These are broadly classified as public, private or hybrid. Public models are designed to be used by many users located in many different organizations. The private models, on the other hand, are intended for single organizations. They may be run internally or externally by a third party. The private models handle less traffic and are therefore faced with fewer threats.
In this technology, the provider is responsible for storing user information on a server located remotely. This ensures that only a few individuals who are employers of the provider. It is these employees, unfortunately, who are a threat to the data in most cases. Users need to enter into a legal agreement with the provider which requires the provider to take all the measures possible to prevent compromise of private data.
In an attempt to prevent unauthorized access particularly by employees, companies employ a number of measures. One of these measures is the use of unique passwords and usernames. This ensures that only the individual with these details is able to log into the network and access particular information. Authorization formats may also be used. These are designed to further increase restrictions. Each user can only access the data under their jurisdiction.
While it may be possible to keep unauthorized users at bay, there is still a threat posed by elements that are not in the control of the provider. These include, for example, fire outbreaks, power outages, storms and other natural disasters. The user needs to seek assurance that there is an effective data recovery plan in place to guard against such occurrences. They need to know that service provision will not be interrupted in such situations.
When data is being transferred between the network of the user and that of the service provider, it has to traverse the internet. While on transit, there is a possibility that it may be accessed illegally. It is important to ensure that the channel being used is secure. This can be achieved by ensuring that the connection with the provider is via a URL beginning with https. The data must also be encrypted and authenticated by use of the standard protocols.
A feature of all cloud computing models is that there is use of shared resources. This is a great advantage as far as the economic aspects are concerned but is in itself a weakness that may be utilized by attackers. The many different users on the network share server space as well as other resources. Attackers have in the recent past attempted to access information of fellow users due to this fact. This can be prevented by adequate encryption and compartmentalization techniques.
The use of a software interface such as the API (application programming interface) gives rise to other cloud computing security issues users are worried about. This is a program that enables computers to interact with provider software. Weak interfaces make a cloud service vulnerable to attacks and compromise data safety.
About the Author:
You can visit the website www.secpanel.com for more helpful information about The Cloud Computing Security Issues Of Concern
