The natural nature of cloud computing is data sharing, so the risk of security is high that when businesses want to apply cloud computing to business models, according to the CSA, always be careful with security. Because these services default to users ignoring the general corporate security policies and setting up their own employee accounts with the service. Therefore, enterprises may have to modify and add new security policies to suit the cloud.
- DATA LEAKAGE.
The cloud environment also has the same security risks as conventional enterprise networks, but as there is a lot of data stored on cloud servers, the provider becomes an attractive destination for bad guys. The risk depends on the sensitivity of the data. It is possible that personal financial information is the most sensitive, but it may also be information about health, trade secrets, intellectual property … and they are also devastating if leaked.
- LOSING PASSWORD.
Data leakage and attack types are often aimed at obtaining login credentials, such as passwords, authentication keys, or other credentials. Businesses often find it difficult to manage user identities in order to identify the right people when accessing data on the cloud. More importantly, businesses often forget to remove user access when they finish work, or end the project.
Multi-tier authentication systems such as a new password, smartphone authentication, and smartcard protection are good for cloud services because they make it difficult for the bad guys to get data. The leak of Anthem Health Insurance Company in 2014 revealed more than 80 million customer logins. Anthem does not implement multi-step authentication so once the attacker gets the log data, everything collapsed.
- THE VULNERABILITIES WERE DISCOVERED.
System vulnerabilities, bugs in the program are not new, but they will become a much bigger problem if the business is heading to the cloud. Businesses share memory, databases and other resources almost seamlessly across the cloud, thus creating new routes.
Fortunately, security holes discovered by experts are classified as “basic” in the industry. For the long term, the best way to handle vulnerabilities is to scan your system, update patches, and keep track of security bulletins.
- PHISHING ACCOUNT.
Phishing and attack tools are still gaining momentum, and cloud services add an object that needs to be “processed” because an attacker can “eavesdrop” on network activity, intervene in transactions and edit data. Attackers can also use other cloud applications to attack.
5 MALICIOUS CODE.
Intrusion from the inside has many aspects: former employees, system administrators, business partners, collaborators. The purpose is also different, as simple as getting data, or even serious is to sabotage. In the context of cloud computing, this risk is far more dangerous because intruders can destroy the entire system or change the data. Which system depends only on a single security provider, such as encryption, the risk is greatest.
- TEMPORARY DATA LOSS
Cloud computing is complete, reports of temporary lost data due to vendor errors are rare. But professional hackers can know just by losing some data, in a certain period of time is enough to cause harm to businesses. And cloud computing centers are at risk of having objective, unintended incidents, such as natural disasters, fire, etc.
Although you should solve these security issues with the cloud provider before you send your data and information to cloud servers. Cloud computing provides small businesses too many benefits to dismiss out of hand. After all, you will meet many of these security risks in the first time you connected your network to the Internet.