Cloud computing is among the top ten most important technologies. The attention it is receiving from the scientific and industrial fields are also increasing. In the next few years, the cloud computing technology is said to become a bigger prospect.
With minimal management effort, cloud computing can provide convenient, ubiquitous, handy, on-demand network access to pooled group of computing resources such as networks, applications, services, storage and servers.
Now, let us examine what cloud computing is and the issues it may be facing after.
What is cloud computing? There are various definitions of cloud computing across the web. However, it can be generally defined as the taking of applications and running them in infrastructure other than one’s own. The companies who do this outsource their hardware and applications and run this in the clouds. The outsourcing may vary from one company to the other.
The primary reason why most companies are driven towards cloud computing is cost. Small companies can’t afford the hardware as well as the running of it while big companies find the costs of maintenance and management to be high-priced. Cloud computing helps companies cut on costs and it reduce burden among corporate IT organisations.
The technology of cloud computing helps many firms outsource computing needs while they try to focus on their customers’ solutions.
There are multiple service levels that the cloud computing can offer. An analyst firm, Gartner, has categorised cloud computing into 3 levels.
Image: Google Developer
The first one is the SaaS or the Software as a service. Its major examples are those of Salesforce, Netsuite, Yahoo!Mail and Hotmail. The second one is the PaaS or the platform as service. In this service, the organisation asks vendors to take care of the infrastructure while the vendors render the platform for the businesses to host and build their application. Examples include Windows Azure, Amazon Elastic Beanstalk and the Force.com.
The last one is the IaaS or the Infrastructure as a Service is where one outsources the hardware. This allows the renting of computing power, the cooling and networking. It’s a combination of cloud storage and computing. Example of this is Amazon EC2, Google Cloud Storage, Rackspace and Joyent.
Top 10 Issues and Possible Solutions
Being one of the fastest growing segments of the IT industry, cloud computing may be promising but it holds some of its own issues involving securities and on other fields.
This can be everybody’s nightmare. Imagine data and all important matters concerning your organisation falling in the hands of competitors? Certainly, the cloud computing has heightened this old fear that corporations have and a new avenue has been created in forms of digital breaching. A flaw in the various aspects of the computing can lead to access of data.
Cartoon: Randy Glasbergen
In the Study of University of North Carolina, the University of Wisconsin and RSA Corporation, it has been discussed how side channel timing information can extract private cryptographic keys through virtual machines. However, it has been purported that security breaches may not need to go such ways when the attack flaw is on the client’s application side through a multilatent cloud service database.
There are different possible ways to be able to avoid data breach. But remember, these solutions may have something that may be threatening as well. Encrypting data can be the best possible way to avoid data breach. The only thing that might hinder you to it is losing the encryption key. Once you lose it, you’ll lose the data. Offline back up can be the second in line solution. But then again, it increases exposure to data breach which takes you back to square one.
So aside from the data breach, data loss is second biggest nightmare of cloud computing fans. Data loss can happen through malicious attackers, accidental deletion of cloud servers itself or through physical disaster like fire that is inevitable. These could lead to permanent loss of data of customers and businesses alike.
Customers are held accountable for data loss too. As mentioned above, once a customer encrypts data and forgets or loss the key, then the data will be lost as well. One major hit last year for this is of Barclays, wherein it has been fined $3.5m after record keeping failure.
Compliance policies though may require organisations to retain audit records. This will help once and for all minimise data loss. Once the organisation loss the data in the cloud storage, the organisation will be hold accountable and it will jeopardise the organisation’s compliance status to the policies of governing bodies.
Insecure Interfaces and APIs
Cloud providers have a set of interfaces and APIs offered to consumers to interact with the services. These interfaces help in the management, orchestration and monitoring of the clients. Often, organisations may be required to give credentials to third parties to enable activity.
Strengthening API’s and Interfaces may help in the part of the cloud computing providers. On the part of the consumers, they should ensure to understand the security implications of their usage and management.
Denial of Service mostly may generate fear and media attention. However, this only may be a result of getting system resources into limited mode. When this happens, slowdown may take place while users get confused and angry. This usually happens when there is vulnerability in the web servers, data bases and other cloud resources.
DDoS often is likened to traffic jam. But many of these traffic jams may cause consumers to back out once providers bill client based on the disk space they consume.
Now to reduce this DDoS attacks, you may read this helpful ways to tackle them:
- Strategies of Mitigation from Australian Signals Directorate
- How to reduce the Risk of DoS form Microsoft
- How to Reduce the Risk of DOS Attacks from DarkReading
Shared Technology Vulnerabilities
Virtual containers helps isolate hardwares for each customers. Photo: Tom Raftery
One possible way to contain this vulnerability is to use virtual containers which helps isolate providers’ hardware for each customers. Compartmentalisation techniques are ever present. A thorough study of this may help organisations tackle attacks of shared vulnerabilities.
Malicious insider threats can be the system administrator, former employees or business partners. Once these malicious insiders use the accessed data in a malicious way that affects the organisation negatively, then the system becomes vulnerable and accountable.
One way to mitigate this is to promote different level access. Another is to have consumers keep their encryption and not rely solely at data usage time. And don’t rely exclusively on Cloud Service Providers as well.
Abuse of Cloud Services
Renting time to tens of thousands of servers can make it possible for small businesses access to it. However, attackers may also make use of the cloud services to stage attacks or send server malware.
One way for cloud service providers to ensure that consumers will be protected is to detect the people that abuse the service, define that extent of the abuse made and develop ways to prevent these attackers from doing it again.
Insufficient Due Diligence
With its great promise, the cloud computing technology has drawn in thousands of users and organisations that think that the service is the best possible way to serve their businesses. However, most of these organisations only saw the benefits of the cost reduction, efficiency and improved security without understanding the full range of the technology.
The only way around it is to fully understand what one is getting into. Usually, this will happen once unfamiliar people are given the responsibility of managing the services of the cloud. Capable resources as well as internal and CSP due-diligence will help reduce risks associated with the adoption of the new technology.
Account/Service Traffic Hijacking
Once a consumer uses or reuses a password, hijacking possibilities will be increases. Hijacking in the IT world though is not new. Several hijacking methods such as phishing fraud and exploitation were already prevalent before. And bigger IT organisations are not immune to this. Amazon back in 2009 and 2010 experienced this, wherein attackers hijacked credentials and Zeus botnet nodes were run.
Cloud solution hijacking is one major task wherein everything can be tracked by the malicious attackers. This may lead to data manipulation, tracking of transactions, falsified information as well as redirection of consumers to illegitimate sites.
Common defence techniques and strategies are often done prior to any breach. One way to stop this is to prohibit sharing of account credentials between consumers/clients and services. Another suggestion is to use tough two-factor authentication techniques.
Compliance with Data Privacy in Multiple Geographies
Cloud server providers can impose various rules and regulations once a cloud computing service is requested from other counties. There are varied laws that a provider must comply with to get the service working in a certain country.
The best possible solution to this is to offer security solutions which will be compliant with various regulating bodies such as the HIPAA, PCI DSS, EU data protection laws.
In every technology, there can be glitches. Minimising these glitches may require time, study and familiarity. Cloud computing will not run out of problems but there can always be solutions.