Top 10 Security Concerns For Cloud-Based Services
Skip to content
Program Studi Akuntansi | Fakultas Ekonomi dan Bisnis UMA
youtube
instagram
id Indonesian
en Englishid Indonesian
PROGRAM STUDI AKUNTANSI | KAMPUS TERBAIK DI SUMUT
Call Support 061-822-5602
Email Support akuntansi@uma.ac.id
Location Jl. Setia Budi NO.79 B, Medan
  • HOME
  • PROFIL
    • Akreditasi
    • Fungsionaris
    • Struktur
    • Visi Misi
  • AKADEMIK
    • INFORMASI AKADEMIK
      • AKADEMIK ONLINE
      • E-LEARNING
      • JURNAL
      • LAPORAN AOC
    • JADWAL AKADEMIK
      • JADWAL KULIAH
      • JADWAL PRAKTIKUM
      • JADWAL SEMINAR
      • JADWAL UJIAN
      • JADWAL SEMESTER ANTARA
      • JADWAL WISUDA
    • KALENDER AKADEMIK
    • KURIKULUM
      • Semester I
      • Semester II
      • Semester III
      • Semester IV
      • Semester V
      • Semester VI
      • Semester VII
      • Semester VIII
  • AKTIVITAS PRODI
    • KEGIATAN PRODI
    • PRESTASI PRODI
  • MAHASISWA
    • BEASISWA
    • SISTEM INFORMASI
      • DATA MAHASISWA
      • BLOG MAHASISWA
      • JURNAL MAHASISWA
      • AOC
      • ELEARNING
      • APIK
      • KUOTA
      • OPAC
      • WEBMAIL
      • SIPRODI
    • Prestasi Mahasiswa
  • DOSEN
    • Data Dosen Prodi
    • BLOG DOSEN
    • Aktivitas Dosen
    • prestasi dosen
    • JURNAL DOSEN
    • AOC
    • RKTS
    • RPS
    • TKTD
    • ELEARNING
    • OPAC UMA
    • WEBMAIL
  • ARSIP
    • DOKUMEN PRODI
    • PENGUMUMAN
  • ALUMNI
    • TRACER STUDY
    • DATA ALUMNI
    • LAYANAN ALUMNI
    • AKTIVITAS ALUMNI
    • PRESTASI ALUMNI
  • LABORATORIUM
    • INFORMASI LABORATORIUM
    • APLIKASI LABORATORIUM
  • HUBUNGI KAMI

Top 10 Security Concerns For Cloud-Based Services

Home > News > Top 10 Security Concerns For Cloud-Based Services

Top 10 Security Concerns For Cloud-Based Services

Posted on January 13, 2021January 14, 2021 by admin
0

The number of cloud migrations is growing every year, and the security issues remain a serious topic. The first step to minimize the risks in the cloud is the timely identification of key security concerns. These issues also disturb the bookkeeping of the company. At a conference, CSA (Cloud Security Alliance) presented a list of 10 threats to cloud security that organizations face, which are as follows.

1. Data leakage

The cloud is subject to the same concerns as traditional infrastructures. Because of a large amount of data that is now often transferred to the clouds, the cloud hosting provider sites become an attractive target for intruders. Simultaneously, the severity of potential threats directly depends on the importance of the stored data. Disclosure of personal user information, as a rule, receives less publicity than disclosure of medical reports, commercial secrets, intellectual property, which causes significant damage to the reputation of a company.

2. Compromising Accounts and Bypassing Authentication

Data leakage is often the result of a negligent attitude to authentication mechanisms when weak passwords are used. The management of encryption keys and certificates is inadequate. Also, organizations face the problems of managing rights and permissions, when end users are assigned much higher power than needed. The issue also occurs when the user is transferred to another position or gets fired. As a result, the account contains many more features than required, which is a bottleneck in the issue of security.

3. Hacking interfaces and API

Today, cloud-based services and applications are inconceivable without a user-friendly interface. The security and availability of cloud services depend on how well the mechanisms of access control, encryption in the API are developed. When interacting with a third party using their APIs, the risks increase because companies need to provide additional information, up to the user’s login and password. Weak security interfaces are becoming a bottleneck in issues of accessibility, confidentiality, integrity, and security.

4. The vulnerability of the systems used

The vulnerability of the systems used is a problem that occurs in multi-tenant cloud environments. According to CSA reports, the costs spent on reducing system vulnerabilities are lower than other IT costs. A common mistake when using cloud solutions in the IaaS model, companies pay insufficient attention to the security of their applications, which are located in the security infrastructure of the cloud provider.

5. Account theft

Phishing and other fraud are often present in the cloud environment. This fraud adds concerns in the form of attempts to manipulate transactions and modify data. Attackers consider cloud platforms as a field for committing attacks. And even compliance with the strategy of “protection in depth” may not be sufficient. It is necessary to prohibit the “sharing” of user accounts and services among themselves and pay attention to the mechanisms of multifactor authentication.

6. Insiders-intruders

Insider threats can come from current or former employees, system administrators, contractors, or business partners. Insiders-attackers pursue different goals, ranging from data theft to the desire to revenge. In the case of a cloud, the goal may be to wholly or partially destroy the infrastructure, gain access to data, and so on.

7. Target cyberattacks

A developed sustainable threat, or targeted cyber attack, is, at this time, not uncommon. Having sufficient knowledge and a set of relevant tools, an individual can achieve results. The malefactor, who set out to establish and consolidate his presence in the target infrastructure, is not easy to detect.

8. Permanent data loss

Since the clouds have matured enough, cases with loss of data without the possibility of recovery due to the service provider are sporadic. At the same time, intruders, knowing about the consequences of permanent data deletion, aim to commit such destructive actions. Cloud hosting providers to comply with security measures recommend separating user data from these applications, saving them in different locations.

9. Insufficient awareness

Organizations that move into the cloud without understanding cloud capabilities face risks. If, for example, the client-side development team is not familiar with the cloud technology features and the principles of deploying cloud applications, operational and architectural problems arise.

10. Abuse of cloud services

Legitimate and illegitimate organizations can use clouds. The latter’s goal is to use cloud resources to commit malicious acts: launching DDoS attacks, sending spam, distributing malicious content, etc. Service providers need to be able to recognize such participants. Study traffic in detail and use cloud monitoring tools.

Sumber: https://www.completecontroller.com/

Related

Share

Tags: account robbery, cloud environment, corporate reputation, cyber attacks, data leakage, hacking interfaces and system vulnerabilities, insufficient awareness, permanent data loss, security infrastructure, traditional infrastructure

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

72 − 69 =

PENCARIAN

ARTIKEL TERBARU

  • Types Of Investment Policies
  • Jenis Kebijakan Investasi
  • 5 Market Strategies To Grow Your Business
  • 5 Strategi Pasar Untuk Mengembangkan Bisnis Anda
  • Options For Implementing An Accounting System

KALENDER

January 2021
S M T W T F S
 12
3456789
10111213141516
17181920212223
24252627282930
31  
« Dec   Feb »

KAITAN UMA

 

 

KAMPUS I
Jalan Kolam Nomor 1 Medan Estate / Jalan Gedung PBSI, Medan 20223
(061) 7360168, 7366878, 7364348. Call Canter : 0822-6777-1313, 0822-6777-1314, 0813-7095-7775
(061) 7368012
univ_medanarea@uma.ac.id
KAMPUS II
Jalan Sei Serayu Nomor 70 A / Jalan Setia Budi Nomor 79 B, Medan 20112
(061) 8225602, 8201994 HP : 0811 607 259
(061) 8226331
ekonomi@uma.ac.id

PENGUNJUNG WEBSITE

  • 0
  • 124
  • 84
  • 2,521
  • 9,704
  • 127,650
  • 58,364
Copyright 2016-2020 © by PDAI Universitas Medan Area