












Study with the several resources on Docsity
Earn points by helping other students or get them with a premium plan
Prepare for your exams
Study with the several resources on Docsity
Earn points to download
Earn points by helping other students or get them with a premium plan
this includes cloud concern for security,security breaches and its Ways to reduce security breaches in cloud computing
Typology: Slides
1 / 20
This page cannot be seen from the preview
Don't miss anything!













Cloud computing has opened up a whole new world of opportunities to the small and medium enterprises allows the users to collaborate with others to fulfill their IT requirements in a cost effective way. However, the security of the cloud is a huge concern for the majority of the organizations. With all the security risks, threats and breaches, not just the stored data but even the cloud based applications require comprehensive security management.
Causes of Security Breach
1. Weak and Stolen Credentials, a.k.a. Passwords (^) Attacks may well be the most common cause of a security breach but it is often a weak or lost password that is the vulnerability that is being exploited by the opportunist hacker. 2. Back Doors, Application Vulnerabilities (^) Hackers love to exploit software applications which are poorly written or network systems which are poorly designed or implemented, they leave holes that they can crawl straight through to get your personal information. 3. Malware (^) The use of both direct and in-direct Malware is on the rise. Malware is, by definition, malicious software: software loaded without intention that opens up access for a hacker to exploit a system and potentially other connected systems. 4. Social Engineering (^) As a hacker, why go to the hassle of creating your own access point to exploit when you can persuade others with a more legitimate claim to the much sought after data.
Causes of Security Breach
5. Too Many Permissions (^) Overly complex access permissions are a gift to a hacker. Businesses that don’t keep a tight rein on who has access to what within their organisation are likely to have either given the wrong permissions to the wrong people or have left out of date permissions around for a smiling hacker to exploit! 6. Insider Threats (^) The phrase “keep your friends close and your enemies closer” could not be any more relevant. The rogue employee, the disgruntled contractor or simply those not bright enough to know better have already been given permission to access your data; what’s stopping them copying, altering or stealing it.
Examples of Security Breaches in Cloud
vendor working for Verizon, committed a configuration blunder on an AWS S3 bucket which exposed names, addresses, account details, and pin numbers of millions of US- based Verizon customers. This incident also highlighted the fact that how alarming is the storage of sensitive info on 3rd party vendor.
Examples of Security Breaches in Cloud (^) Booz Allen Hamilton- In this year, technology consulting firm Booz Allen hired UpGuard to carry out security assessment on both its internal and external computer systems. To our surprise, the assessment discovered that 60,000 files were on a public access on AWS S3 bucket owned by an intelligence and defense contract of Booz Allen. The cache is said to have exposed 28GB of data and this includes credentials of senior engineers, passwords of US Government systems, and over half a dozen of files containing unencrypted passwords of government contractors holding top Secret Facility Clearance.
(^) Your data on the cloud is safe as you keep it. If you give your network access to everyone, you are going to end up compromising your data security. It is wiser to authenticate the person whom you are giving access to your cloud database. (^) A proper authentication of each of the users will not only help you keep a tab on the access log for each user but also reduce the chances of unauthorized access. Whether you run cloud- based free VAT software or a premium accounting application, such authentication can save you from several security breaches.
Shared Responsibility Model (^) The main areas that an on-premises solution manages include: application, data, runtime, middleware, O/S, virtualization, servers, storage and network. Essentially these are only responsible for all aspects of operating, maintaining, and securing the solution.