The Cloud Security Alliance, in conjunction with HP, has listed the top seven threats to cloud computing, based largely on the results of a survey of 29 enterprises, technology vendors and consulting firms.
Data loss/leakage
The strength of security controls over data in the cloud is less than ideal, with deficiencies in API access controls and key generation, storage and management all potentially contributing to data leakage, and there may also be a lack of necessary data destruction policies.
Sharing Technology Vulnerabilities
In the cloud, simple misconfigurations can have serious implications because many virtual servers in a cloud environment share the same configuration, so service level agreements (SLAs) must be enforced for network and server configurations to ensure timely installation of fixes and implementation of best practices.
traitor
Cloud computing service providers may not have the same level of background checks on staff as they do on enterprise data access controls, and many providers do a decent job of this, but not enough, and enterprises need to evaluate providers and come up with a plan for how to screen staff.
Account, service and communication hijacking
A lot of data, applications and resources are concentrated in the cloud, and if the authentication mechanism of the cloud is weak, intruders can easily obtain user accounts and log into the customer's virtual machine, so it is recommended to proactively monitor the kind of threats and use two-factor authentication mechanism.
Insecure application interfaces
When it comes to developing applications, enterprises must view cloud computing as a new platform, not as outsourcing. A rigorous vetting process must be deployed during the application lifecycle, and developers can apply certain guidelines to handle authentication, access control, and encryption.
Not using cloud computing correctly
Hackers may advance faster than technicians when it comes to employing technology, and hackers are often able to quickly deploy new attack techniques to move freely through the cloud.
Unknown Risks
Transparency issues have plagued cloud service providers, with account users using only the front-end interface, and they do not know which platform or level of repair their provider is using.
