Cloud data security threat #1: Malicious insiders The simple fact of the matter is that the more people who have access to your data in the clear, the greater the risk of data theft or a data breach. You may have vetted everyone in your own organization carefully and monitor their activities extensively, but can you say the same of your cloud service providers (CSPs)? Whether tempted by personal gain or motivated by simple malice, potential rogue administrators or DBAs at your CSPs pose a serious threat to your cloud data security and regulatory compliance. Cloud data security threat #2: Hackers and eavesdroppers Malicious insiders are one thing, but enterprises that adopt cloud computing must also worry about their data and user sessions being stolen or intercepted by outsiders, such as hackers and government agencies. Data that's in the clear, either in storage or during a session, is data that's ripe for plunder. The NSA may do nothing more nefarious with your data than put it in a database for analysis, but hackers, like malicious insiders, are typically motivated by either personal gain—identity theft can bring in big money, after all—or the simple desire to cause trouble. Either way, your data is at risk, and so are your compliance status, your customers' trust, and your bottom line. Cloud data security threat #3: Cloud API vulnerabilities People wouldn't pose a threat to cloud data security if the cloud itself didn't present vulnerabilities. Among the most serious vulnerabilities are those that can be found in the software interfaces—APIs—that cloud applications use. CSPs expose their APIs so customers can manage, integrate, and interact with the cloud services, and the security of these APIs is absolutely critical. APIs handle everything "from authentication and access control to encryption and activity monitoring," according to the Cloud Security Alliance, and a weakness in the API can lead to a breach. Additionally, the open nature of APIs means that as organizations build on them to create purpose-built solutions, the probability of a vulnerability increases.

3 Threats to Cloud Data, and How to Address Them

When it comes to cloud data security, fear, uncertainty, and doubt abound. In particular, enterprises in fields with heavy regulatory burdens around data privacy—healthcare, for instance, or financial services—may see the cloud as simply too risky to adopt. But a closer examination of some of the top threats to cloud data security show that the solution can be simpler than you think. Here’s a look at three major threats to cloud computing according to the Cloud Security Alliance, and how you can protect your organization.

Cloud data security threat #1: Malicious insiders

The simple fact of the matter is that the more people who have access to your data in the clear, the greater the risk of data theft or a data breach. You may have vetted everyone in your own organization carefully and monitor their activities extensively, but can you say the same of your cloud service providers (CSPs)? Whether tempted by personal gain or motivated by simple malice, potential rogue administrators or DBAs at your CSPs pose a serious threat to your cloud data security and regulatory compliance.

Cloud data security threat #2: Hackers and eavesdroppers

Malicious insiders are one thing, but enterprises that adopt cloud computing must also worry about their data and user sessions being stolen or intercepted by outsiders, such as hackers and government agencies. 

Cloud data security threat #1: Malicious insiders  The simple fact of the matter is that the more people who have access to your data in the clear, the greater the risk of data theft or a data breach. You may have vetted everyone in your own organization carefully and monitor their activities extensively, but can you say the same of your cloud service providers (CSPs)? Whether tempted by personal gain or motivated by simple malice, potential rogue administrators or DBAs at your CSPs pose a serious threat to your cloud data security and regulatory compliance.  Cloud data security threat #2: Hackers and eavesdroppers  Malicious insiders are one thing, but enterprises that adopt cloud computing must also worry about their data and user sessions being stolen or intercepted by outsiders, such as hackers and government agencies. Data that's in the clear, either in storage or during a session, is data that's ripe for plunder. The NSA may do nothing more nefarious with your data than put it in a database for analysis, but hackers, like malicious insiders, are typically motivated by either personal gain—identity theft can bring in big money, after all—or the simple desire to cause trouble. Either way, your data is at risk, and so are your compliance status, your customers' trust, and your bottom line.  Cloud data security threat #3: Cloud API vulnerabilities  People wouldn't pose a threat to cloud data security if the cloud itself didn't present vulnerabilities. Among the most serious vulnerabilities are those that can be found in the software interfaces—APIs—that cloud applications use. CSPs expose their APIs so customers can manage, integrate, and interact with the cloud services, and the security of these APIs is absolutely critical. APIs handle everything "from authentication and access control to encryption and activity monitoring," according to the Cloud Security Alliance, and a weakness in the API can lead to a breach. Additionally, the open nature of APIs means that as organizations build on them to create purpose-built solutions, the probability of a vulnerability increases.

Data that’s in the clear, either in storage or during a session, is data that’s ripe for plunder. The NSA may do nothing more nefarious with your data than put it in a database for analysis, but hackers, like malicious insiders, are typically motivated by either personal gain—identity theft can bring in big money, after all—or the simple desire to cause trouble. Either way, your data is at risk, and so are your compliance status, your customers’ trust, and your bottom line.

Cloud data security threat #3: Cloud API vulnerabilities

People wouldn’t pose a threat to cloud data security if the cloud itself didn’t present vulnerabilities. Among the most serious vulnerabilities are those that can be found in the software interfaces—APIs—that cloud applications use. CSPs expose their APIs so customers can manage, integrate, and interact with the cloud services, and the security of these APIs is absolutely critical. APIs handle everything “from authentication and access control to encryption and activity monitoring,” according to the Cloud Security Alliance, and a weakness in the API can lead to a breach. Additionally, the open nature of APIs means that as organizations build on them to create purpose-built solutions, the probability of a vulnerability increases.


Free eBook - Beyond Discovery: Cloud Data Protection

Free eBook – Beyond Discovery: Cloud Data Protection

One solution for three threats: Client-side encryption gateways and enterprise encryption key control

All of these threats to cloud data security are serious, but none of them are unsolvable. In fact, the solution for each is the same, and the solution for each is simple. A client-side encryption gateway that ensures  access to the encryption keys is controlled  only by  the enterprise—not with the CSP and not with a third-party encryption provider—can prevent data breaches caused by malicious insiders at the CSPs, hackers and eavesdroppers, or through insecure APIs. It does so by encrypting sensitive data before it ever leaves the enterprise perimeter and leaving the encryption keys at home, so to speak. No one outside the enterprise will be able to view the data in the clear, and thus, even if data is intercepted, it remains encrypted and safe. In other words, a client-side cloud encryption gateway ensures that a breach isn’t really a breach, mitigating the risks that come with cloud computing.

Next Steps

What other threats to cloud data security does your organization worry about? Tell us your thoughts in the comments.

 

SUBSCRIBE TO OUR BLOG
Join over 5,000 subscribers - best practices and tips delivered weekly to your inbox.
We respect your privacy. Your email address will never be sold or shared with anyone else.
0 replies

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply

Your email address will not be published. Required fields are marked *