There are numerous ways one can gain unauthorized access to data maintained in the cloud’s data centers. The methods vary from physical theft to trickery and electronic attack. Common methods of attack include cracking weak passwords, privilege escalation, exploiting unused database functionality, targeting known unfixed software vulnerabilities, SQL injection, and stealing unencrypted back-up tapes (Higgins, 2008).
The Cloud Security Allience (CSA), which promotes best practices for cloud computing security, cites seven main threats to the cloud: “1) Abuse and nefarious use of cloud computing; 2) Insecure application programming interfaces; 3) Malicious insiders; 4) Shared technology vulnerabilities; 5) Data loss or leakages;…show more content… Accountability refers to determining when a security breach occurs, who was responsible for the breach, and where to place liability for any losses. Audibility is keeping tracking of who accessed or changed data and ensuring that employees maintain the minimal access level required for job success (Yang and Borg, 2012). However, it should be noted that these measures do not physically prevent subversive actions and rely on the threat of future punishment as a deterrent.
Number four on the CSA list is shared technologies vulnerability. Shared technology vulnerabilities are possible due to virtualization and multitenancy. Two independent virtual machines could be operating on the same physical machine, potentially allowing one virtual machine to peek at the other’s data through the physical link (Wiley, 2012). A Denial of Service (DoS) attack can also be instrumented through multitenancy by misappropriating resources from the shared platform (Fernandes, 2013). One step that organizations can take to prevent a multitenancy leak is to ensure the organization’s web server is not on the same platform as its database. If someone were able gain access to a web server that also had a database on it, they would have access to that database. While this requires more resources to separate the two servers, the additional layer of security is worth the expense to the organization (“Database Security,” n.d.).
Number seven on the CSA