Expert Virus Removal Services and Technical advice.

We are Providing Computer users with Expert Virus Removal Services and Technical Advice.

Threats and their Removal.

Do you need a quick solution to a technical problem? With our live remote-assistance tool, a member of our support team can view your desktop and share control of your mouse and keyboard to get you on your way to a solution.

Spywares and their Removal.

Are you worried that your computer might be nfected with Spywares? Then this is were you can find Support.

Advices for Protecting the Computer.

Expert Advices for Protecting your computer from attacks from all threats

Different Anti Virus Software and Tools.

Familiarizing different Anti Virus Software and removal Tools.

November 24, 2010

Dangerous Clouds!


The non-profit Cloud Security Alliance has published a report defining the foremost cloud security threats.

Cloud computing is a kind of distributed system whereby all computer resources are provided to the users in the form of Internet services. As the technology becomes more and more popular, criminals use it to improve their reach, avoid detection and increase the effectiveness of their activities. Enterprise and home users need to better understand the risks associated with the adoption of cloud computing.

The authors of the report identified the following seven threats:

1. Abuse and nefarious use of cloud computing
Providers of infrastructure as a service offer their customers the illusion of unlimited compute, network and storage capacity, often coupled with a frictionless registration process where anyone with a valid credit card can register and immediately begin using cloud services. Some providers even offer free limited trial periods. By abusing the relative anonymity behind these registration and usage models, spammers, malicious code authors and other criminals have been able to conduct their activities with relative impunity.

2. Insecure Application Programming Interfaces
Cloud computing providers expose a set of APIs that customers use to manage and interact with cloud services. Provisioning, management, orchestration and monitoring are all performed using these interfaces. The security and availability of general cloud services is dependent upon the security of these basic APIs.

This threat is amplified for consumers of cloud services by the convergence of IT services and customers under a single management domain, combined with a general lack of transparency into provider process and procedure.

4. Shared technology vulnerabilities
Cloud computing vendors deliver their services in a scalable way by sharing infrastructure. Often, the underlying components that make up this infrastructure were not designed to offer strong isolation properties for a multi-tenant architecture. To address this gap, a virtualization hypervisor mediates access between guest operating systems and the physical compute resources. Still, even hypervisors have exhibited flaws that have enabled guest operating systems to gain inappropriate levels of control or influence on the underlying platform.

5. Data loss/leakage
The threat of data compromise increases in the cloud. Examples include insufficient authentication, authorization or audit controls, operational failures and data center reliability.

6. Account, service & traffic hijacking
Cloud solutions add a new threat to the landscape. If an attacker gains access to your credentials in the cloud, they can manipulate data, eavesdrop on your activities and transactions, return falsified information and redirect your clients to illegitimate sites. Your account or service instances may become a new base for the attacker. From here, they may leverage the power of your reputation to launch subsequent attacks

7. Unknown risk profile
One of the ideas of Cloud Computing is the reduction of hardware and software ownership and maintenance to allow companies to focus on their core business. This has clear financial and operational benefits, which must be weighed carefully against the contradictory security concerns — complicated by the fact that cloud deployments are driven by groups who may lose track of the security ramifications.

These threats described are not listed in order of severity.

Related Posts Plugin for WordPress, Blogger...

Search This Blog

Followers

Categories

Twitter Delicious Facebook Digg Stumbleupon Favorites More