Cloud computing has become very popular among startup and big businesses. Most enterprises use cloud computing to offer them additional services and storage capacity for their projects and data. Since cloud computing companies are not required to have their computing infrastructure, cloud services are cost-effective since they will pay for what they use. Using cloud services also means that enterprises can move very fast on projects and test new applications without additional procurement and upfront cost. Also, applications running on the cloud are very fast since the cloud providers ensure that performance is consistently optimized on all servers. Although cloud services have brought about new ways of storing and sharing data, many companies are still tentative about moving to the cloud due to a vast security concern posed by this service.
Data deletion and loss is a major concern to companies migrating to cloud services. Data stored in cloud services can be deleted or lost through a malware attack, a natural disaster, or service provider data wipe. Data loss can be very devastating to a business that lacks a recovery plan of the same. Other times, companies deleting their data from the cloud suffers from incomplete data deletion that could expose the undeleted data to attackers. Such data deletion issues exist because consumers reduced visibility of where they store their data physically, which minimizes their capability to verify a secure deletion of their data. Such incidences are very common in cloud services. In 2011, Amazon suffered a data loss by permanently destroying their consumers’ data. Google also lost data when its power grid was struck by lightning.
Delegate your assignment to our experts and they will do the rest.
Unauthorized access and insider threat is also a concern to cloud users. Employees can use their authorized access to obtain customers' accounts, financial information, and other sensitive data. Also, employees’ negligence can lead to unauthorized access due to their ability to remotely log in to their accounts, making the system vulnerable to third party access (Sabahi, 2011). Other times an employees’ accounts can be hijacked by attackers who use their login info to reach out to sensitive data in the cloud. Moreover, hackers can manipulate and fabricate data from credentials stolen by scripting errors and reused passwords.
Insecure interfaces and APIs that can be compromised is another threat to clouding computing. Application programming interfaces enable consumers to customize their cloud experience. Such is because of a company's ability to customize cloud computing features to suit its business needs (Kuyoro, Ibikunle, & Awodele, 2011). Additionally, they give companies data recognitions and encryption, together with access services. Since some APIs can be accessed through the internet, they are exposed to potential attack exploitation. Attackers always look for API vulnerabilities, which they use to compromise companies' cloud assets and data.
However, with all these risks that come with cloud computing, companies have come up with this data protection and regulatory compliance programs that comprise skilled IT professionals with sufficient authority and a very clear responsibility for cloud hosting. This IT personnel's primary responsibilities are to ensure data stored in the cloud is encrypted when not in use, coming up with a two-factor authentication login model to limit unauthorized access and eliminate any chance of shared accounts among co-workers (Zissis & Lekkas, 2012). Moreover, the company IT departments are supposed to develop a well-defined shared responsibility model with the cloud service provider.
Although cloud computing has reduced the cost of storing and transmitting data, it does not lessen the existing network security risk; rather, cloud services increase them. However, with well laid down data security procedures, a company can mitigate some of these risks for smooth company operations.
References
Kuyoro, S., Ibikunle, F., & Awodele, O. (2011). Cloud Computing Security Issues and Challenges. International Journal of Computer Networks, 3 (5), 247-255. Retrieved from https://eprints.lmu.edu.ng/id/eprint/1390
Sabahi, F. (2011). Cloud computing security threats and responses.
Zissis, D., & Lekkas, D. (2012, March). Addressing cloud computing security issues. Future Generation Computer Systems, 28 (3), 583-592. https://doi.org/10.1016/j.future.2010.12.006
