Professional Documents
Culture Documents
Data breaches.
o Side channel timing information to private cryptographic
key
o Single security flaw in multitenant cloud service.
o Measures taken to mitigate data loss problem can
instead exacerbate the other problems.
o Encryption is possible solution, but key protection is of
grave concern.
o Offline backups increase exposure to problems
Data loss
o Valuable Data loss
o Legal Data loss
o Encryption will backfire
Account/Service Traffic Hijacking
o If an attacker gains access to your credentials, he or she can
eavesdrop on your activities and transactions, manipulate data,
return falsified information, and redirect your clients to
illegitimate sites
o Power of reputation to launch attacks
o XSS attack on Amazon in 2010
o Strong sharing policies. Prohibit sharing
o Two factor Authentication
Insecured Interfaces and APIs
o IT admins rely on interfaces for cloud provisioning,
management, orchestration, and monitoring.
o Organizations may be required to relinquish their credentials to
third parties in order to enable their agency
Denial of Service
Malicious insiders
Abuse of Cloud
Dilligence
Shared technology vulnerablilities