- 18 Hot IT Certifications for 2014
- CIOs Opting for IT Contractors Over Hiring Full-Time Staff
- 12 Best Free iOS 7 Holiday Shopping Apps
- For CMOs Big Data Can Lead to Big Profits
Network World - Cloud security threats come in all shapes and sizes, so we asked eight experts to weigh in on what they see as the top threat to cloud security. The answers run the gamut, but in all cases, our cloud security panelists believe that these threats can be addressed.
By Rakesh Shah, Director of Product Marketing & Strategy, Arbor Networks
The biggest security threat to the cloud is application-layer distributed denial of service (DDoS) attacks. These attacks threaten the very availability of cloud infrastructure itself. If a cloud service is not even available, all other security measures, from protecting access to ensuring compliance, are of no value whatsoever.
Hackers have found and are actively exploiting weaknesses in cloud defenses, utilizing cheap, easily accessible tools to launch application-layer attacks. A major reason they have been successful is that enterprise data centers and cloud operators are not well prepared to defend against them.
Existing solutions, such as firewalls and IPSs are essential elements of a layered-defense strategy, but they are designed to solve security problems that are fundamentally different from dedicated DDoS attacks.
As DDoS attacks become more prevalent, data center operators and cloud service providers must find new ways to identify and mitigate evolving DDoS attacks. Vendors must empower data center operators to quickly address both high-bandwidth attacks and targeted application-layer DDoS attacks in an automated and simple manner. This saves companies from major operational expense, customer churn, revenue loss, and brand damage.
By Guy Helmer, CTO of Palisade Systems
Confidentiality of content is the top cloud security threat and concern for information security and IT leaders.
Companies of all sizes and across all industries, especially healthcare and financial industries, have taken steps to protect confidentiality of their content in their legacy data centers because of high costs from disclosures, penalties resulting from breaches, and loss of reputation.
However, in the cloud, unbeknownst to many organizations, content can't be monitored, controlled, and protected as easily, because of lack of visibility, sharing systems with other cloud customers, and potential for malicious insiders at cloud providers.
Cloud environments pose different obstacles for safeguarding content. In information-as-a-service (IaaS) environments, customers have the ability to create corporate infrastructure in the cloud. Encryption, access control and monitoring can reduce the threat of content disclosure. However, modern content security monitoring and filtering solutions may be difficult or impossible to deploy due to architectural or other limitations in this cloud environment.
In platform-as-a-service (PaaS) environments, customers can quickly spin-up new Web, database and email servers, but will find they have even fewer ways to do any monitoring or protection of content than in an IaaS environment.