Identification and countermeasures of cloud computing vulnerability risk

The October 8 news, in less than 10 years, cloud computing has evolved from an interesting new concept into the industry's major mainstream market. The industry's expectations for the future of cloud computing are generally high, with Morgan Stanley predicting that Amazon's network service will break 24 billion dollars in 2022. Of course, the success of any single vendor's cloud computing business depends entirely on its ability to help users eliminate security concerns about cloud computing, and the related issues still appear on on-demand deployments.

The notion that a highly virtualized, multi-tenant environment is more vulnerable to attack stems from the belief that the high level of accessibility and flexibility that makes cloud computing so appealing to customers opens the door to malicious hackers.

These concerns about cloud computing vulnerabilities often affect decisions about whether customers move the most important apps to cloud computing. However, there are signs that cloud computing security has become less of a barrier to cloud computing than it used to be. The attractiveness of an on demand model is so great that many companies are willing to put aside their concerns about data security and privacy, using, at least on an experimental basis, a project based infrastructure, Service (IaaS) deployment to support the need for short-term resources.

Confidence gap

The good news is that cloud computing's next wave of deployments has been quite successful, helping to boost users ' confidence in using the model. But there is still a gap in confidence between companies that are still not using cloud computing and those that have used cloud computing. Research firm ComScore Inc., commissioned by Microsoft to conduct a survey of more than 200 small and medium-sized enterprises (SMB), found that 42% of companies that do not use cloud computing services believe that cloud computing is fundamentally unreliable. By contrast, 94% of small and medium-sized respondents in a survey conducted in June 2013 said they were using cloud-based applications with higher security ratings than their internal security levels. These findings strongly support the idea that many companies actually find that one of the most compelling benefits of cloud computing is that suppliers can provide a degree of expertise and integrated security that is higher than many companies themselves implement in-house. In short, security is a key point of differentiation for cloud computing providers.

So what are the most dangerous cloud-specific vulnerabilities and threats, and how can suppliers best protect their cloud computing environments? The reality is that neither the general nature of the security threat nor the type of deployment risk is fundamentally different from the traditional environment. Attackers tend to follow similar patterns and use the same methods that have been used in traditional environments: bypassing access control, discovering valuable data, controlling the assets in which the data resides, and then stealing or leaking data. But the nature of cloud computing means that suppliers need to adjust their methods to address the specific problems of an on-demand environment.

Adopt layered approach to reduce the negative impact of cloud computing vulnerabilities

As they protect traditional IT environments, cloud computing providers need a multi-tiered approach to comprehensively address security issues, which integrates multiple technologies, such as access management, perimeter security and threat management, encryption, distributed denial of Service (DDoS) mitigation, and privacy and compliance management. However, in a shared cloud computing environment, components such as identity and access management have become particularly important because data from multiple customers is stored in the same shared environment and accessed through the same shared environment. Cloud computing vendors need to assure customers that they can deliver an efficient solution that not only grants access, but also uses methods such as multifactor authentication in a virtual environment to authenticate.

Vendors also need to use monitoring tools to address the security of hypervisor, which can detect suspicious behavior, including irregular traffic patterns and irregular transactions, which can potentially imply a threat to environmental integrity. Vendors also need to answer questions about data mixing from both privacy and compatibility by describing how they logically differentiate customer data.

Many hackers will launch a massive attack on cloud computing, which is designed to overload the environment and expose vulnerabilities. At this point, the vendor needs to take proper DDoS mitigation measures to facilitate the discovery of abnormal traffic before the attack affects the environment.

In addition, in a multi-tenant environment, vendors need to ensure that enterprises that migrate application workloads from traditional environments have configured communication settings correctly for some factors-including encrypted or unencrypted data channels, IP addresses and host names-so they are transmitted through a secure channel.

Vendors face a range of challenges in protecting cloud data, but the real test is to learn how to communicate effectively with customers, which involves introducing security controls and highlighting the unexpected events in which suppliers respond to vulnerabilities.

The success of cloud computing depends on a number of factors. While issues such as price and data geography are important, the real embodiment of cloud computing providers is its ability to be a trusted partner for its customers, not only to provide the right infrastructure, but also to be trustworthy because it keeps its promise.