Today a majority of new software and mobile applications are cloud-based, meaning they transmit data from the user’s device to a remote server. While cloud technology can decrease your business IT costs and enhance your overall productivity, there are a few security concerns when it comes to sending and hosting information in the cloud.
A 2013 report from The Cloud Security Alliance lists the top nine security threats impacting cloud computing. Below we’ll share the top five threats from this report and provide some background information about each one.
Top Five Cloud Security Threats
1. Data Breaches: A flaw in a cloud application can allow an outside organization to view proprietary data and information. Both encryption and offline data backup can help to secure your data when using cloud software.
2. Data Loss: When you entrust your data to a cloud provider there is always a risk of data loss. If, for example, a data center suffers a hardware failure due to an act of God, then your sensitive data may be lost. That’s why offline data backup remains key to IT security.
3. Account Hijacking: Your cloud accounts may fall into the hands of a nefarious user if your passwords are not secure or you are targeted by a phishing scheme. To prevent account hijacking, it is key to use password best practices company-wide and take advantage of account authentication whenever this is offered.
4. Insecure APIs: Cloud software will many times act as a platform and offer an API that can integrate with other third-party apps and programs. When two different APIs connect, there is sometimes an increased security risk. The social media scheduling application Buffer integrates with Twitter and Facebook. Buffer recently got hacked and user accounts were compromised,and sending out SPAM social media updates across those other networks.
5. Denial of Service Attacks: A denial of service attack occurs when a perpetrator forces a cloud service to accept more ‘requests’ than it can handle. This type of attack will slow down or crash the software. When cloud software provider gets hit with such an attack it can mean a loss of productivity and often revenue for its end-users.