Cloud Computing Essay

Decent Essays

Introduction Over the past several years the term cloud computing has become common in homes and organizations alike. Cloud computing can be defined as a pooled set of computing resources that are furnished via the internet. There are three types of cloud services typically available, these services are Platform as a Service (PaaS), Infrastructure as a Service (IaaS), and Software as a Service (SaaS). Organizations can benefit greatly from cloud services because they eliminate the need to buy and manage physical resources. Although such an action cuts cost it leaves organization victim to the vulnerabilities and threats that exist in cloud computing. Throughout this paper I will discuss the vulnerabilities and threats that come …show more content…

The Cloud Security Alliance reported that providers lack to offer much insight on their hiring practices and standards and for potential employees and access controls and audit techniques being used within their firm (Cloud Security Alliance, 2011). Providers with lapse practices and controls create an opening for attackers; they can simply gain employment with providers and attack the infrastructure from within. A cloud service account is very similar to most web-based account; access to the account requires a username and password for authentication. Threat such as phishing and person-in-the-middle attacks used to gain access to passwords can result in an attacker gaining access to a cloud service account. Once the attacker gains access to the account steal data, manipulate data, redirect traffic, or carry out attacks from your allocated resource which can devastate an organizations reputation (Cloud Security Alliance, 2011). Cloud technologies revolve heavily around virtual machines that reside on physical servers (Talbot, 2009). One physical server could be the home of a slew of virtual machines; should an attacker interrupt the normal operations of a physical server it could result in the inoperability of the virtual machines also. One of the techniques can be used is an attacker implanting a virtual machine on a physical server (Talbot, 2009). Once the

Get Access
Get Access