Cloud computing security domain is an evolving branch of network security for cloud services, simply called cloud security. Set of policies and practices established to protect the information, applications, and infrastructure associated with the cloud computing.
Cloud presents new opportunity around shared resources. Cloud computing is an Internet-based computing well known as ‘on-demand computing’ very useful for storage solutions, provide users and enterprises with various capabilities to store and process data, development, and deployment of services and solutions over the internet. Cloud computing enables people worldwide to collaborate together. Companies spend only for the resources they consume. With all these benefits of cloud computing, the most important ones which cloud providers are in terms of “security” like centralized security policies, security infrastructure becomes less expensive but cloud also poses security risks, risks associated with the internet like hacking and malware infections.
In January 2010 search engine giant Google announced that there web-based email system Gmail was compromised by a malware attack in China. This attack made Google close their business operations in China.
Top security benefits:
Cheaper security infrastructure
An organization with multiple locations worldwide do not have to establish security infrastructure at local premises. Maintenance, patches, and upgrades need to be installed at each site, this comes with a large and time-consuming level of effort and there is a cost assocuated. Companies don’t have to hire security experts at each site.
Centralized security policies
Establishing security infrastructure at local premises have a risk of having different security policies at different sites. Cloud computing provides an advantage of having centralized security policies and rules. Cloud establishes strict security standards which are dictated by a standard organization like ISO. Cloud computing also poses cybercrime risks which can cause damage to the customer’s intellectual property.
Top security concerns:
Loss of data privacy
A lot of companies store sensitive data in the cloud which can include intellectual property and other financial documents. Cybercriminals can gain access to such sensitive data in case of breach. The similar threat can be present with public or community clouds, data may not remain in the same system, raising multiple legal concerns.
Loss of control over data
User or organization data may be mixed up in various ways with data belonging to others. The key to defending against this threat is to protect credentials from being stolen. Research was unveiled at the Black Hat security conference in Las Vegas, which showed how the attack enables hackers to hijack users of cloud-based storage services, such as Box, Dropbox, Google Drive and Microsoft OneDrive, without their knowledge. Hacker gains authentication to the cloud service by stealing a token that is generated the first time a cloud syncing service is used on a PC, without compromising the user’s cloud account username or password. From here, an attacker can access and steal a user’s files, and even add malware to the victim’s cloud folder.
Targeted attack with Virus or Malware infections
Uploaded files can contain malware which may be a genuine attack caused by a cybercriminal which can cause either breach or loss of data. According to Symantec Website Security Threat Report 2015, there is a huge change of tactics by cybercriminals, In 2014, up to 28 percent of all malware was “virtual machine aware.
Security experts are making cloud computing secure day by day. Complex encryption/decryption algorithms, best authentication techniques are employed which protects data from cybercrime. Organizations are established which audits the cloud service provider security infrastructure for security compliance and certificates them which makes cloud service providers to establish best security systems.
All these measures have not stopped security breaches but at least they have slowed them down in the recent years.
— Sugandha Sharma