Top 5 Cloud Computing Risks

iStock_000026966461Small

Over the last few years, cloud computing has evolved to become one of the most technologically important and beneficial storage resources for business and consumers alike. It allows employees to work virtually so they can access company files from anywhere they can acquire an Internet connection; it allows businesses to streamline their operations and develop more eco-friendly strategies, and, cloud-based systems have consistently proven to be more reliable and cost-efficient than in-house infrastructures.

But, just because cloud computing has revolutionized the ways businesses work and communicate doesn’t mean that its risks can be overlooked. Understanding the risks associated with “working from the cloud” is crucial to ensuring that your company is protected. To help you get a better understanding of this, we’ve compiled the top 5 cloud computing risks.

#1: Multitenancy (Shared Access)

Cloud computing systems are not dedicated servers. In other words, public cloud systems are accessed by a huge number of unrelated customers at any given time, thus sharing the system’s resources. The problem with shared access is that there is a risk that your company’s sensitive data could accidentally show up in someone else’s space. In fact, recently researchers were able to recover data from other tenants from what was supposed to be “new” storage space. Vulnerability researchers were also able to uncover other tenants’ memory and IP address space and in some cases, researchers were even able to completely hijack another tenant’s resources simply by predicting what IP or MAC addresses they were assigned.

#2: Network Availability

When you work from the cloud, you are at the mercy of its availability. This means that if your provider’s systems go down, so does your access and productivity. And if history shows us anything, it is that even the biggest and best cloud-based providers suffer from occasional service interruptions lasting from a few hours to a few days. Of course, the bigger concern of such interruptions is the potential for lost data. It’s not uncommon for many big cloud service providers to promise “triple back-up protection,” but despite the claim, data losses do occur and when they do, it’s usually permanent. As a result, any data your company is placing in the cloud should also be backed up using a physical, on-site resource.

#3: Ownership of Data

You know that contract document that you uploaded to the cloud? You might be surprised to know that in many cases, that document becomes the property of the cloud service provider the moment it’s uploaded. It’s true. Many of the biggest cloud service providers have clauses in their contracts that state any data stored on their system becomes the property of the provider, not the customer. Before you upload any files to the cloud, double check your contract to make sure your property remains your property.

#4: Data Integrity

If you think that your data security is questionable when you store it on-site, imagine the risk when your data is being stored at a location you don’t even know. Cloud computing security risks are higher because when you store your data off-site, there are more pathways open for attack and because your data has to travel longer to get to you, it will become easier to be intercepted. Sure, there are advanced encryption methods being used to help protect your data, but every time new technology is initiated to help protect data, there are hackers out there honing their skills to render such advancements useless.

#5: Virtual Risk

Practically every cloud service provider uses virtualization. As a result, users don’t only have to worry about the risks associated with physical machines but also with the unique risks associated with virtual server hosts and the guests that access them. Worse yet, many of the virtualization risks of cloud computing remain unknown. To help minimize your virtual risk, you should always ask the cloud service provider the following questions before signing the contract:

  • What type of server virtualization software does the company use?
  • What software version are they currently using?
  • Who patches the virtualization host and how often is it done?
  • Who can log into each virtualization host and guest?

If the provider can’t or won’t supply you with answers to these simple questions, then their systems are probably not as secure as you would like them to be and you should take your business elsewhere.

GET A FREE QUOTE