Research Project - Technology Vulnerabilities in the cloud
Running Head: Technology vulnerabilities in the cloud 1
Technology vulnerabilities in the cloud 2
Technology vulnerabilities in the cloud
Student Name
Institution Affiliation
Date
Cloud Computing is a technology for virtualization that uses data pooling. Cloud is an updating technology that incorporates concurrent, distributed, or grid computing with conventional computing technologies (Dahbur et al., 2011). Cloud computing is a modern trend of the Internet that enables a wide variety of consumers to manage by distributing services over the Internet at once. The data owner can store data in the cloud remotely and enjoy cloud services such as on-demand self-service, resource pooling, and fast resource elasticity. Vulnerability is a significant risk factor for manipulating the threat that harms the device in cloud computing (Grobauer, Walloschek & Stocker, 2010). Unauthorized control system entry, network protocol vulnerabilities, data recuperation insecurity, and billing and calculation avoidance are cloud vulnerabilities.
There are, however, numerous flaws in cloud computing security, impacting many organizations today. For example, in today's data organizations, Misconfigured Cloud Computing is the first vulnerability (Suryateja, 2018). Cloud computing is a rich pool of robbed information for cybercriminals in this insecurity. Despite the large stakes, cloud storage's misconfiguration continues to make organizations that cost many businesses a great deal. In 2018, almost 70 million documents were compromised or leaked due to cloud storage buckets that were improperly installed, according to a Symantec report.
Besides, unstable APIS is also a vulnerability. Cloud infrastructure processes are designed to streamline application user interfaces (APIs). However, APIs will open communication lines for attackers to manipulate cloud services if they are left vulnerable. Different studies estimate that attackers more commonly use APIs as a threat vector for targeting business application data. The latest analysis has shown that two-thirds of businesses have made their APIs open to the public to use app platforms through external developers and business partners. With increasing reliance on APIs, attackers have found common ways of leveraging unsafe APIs for malicious operations, and two examples followed: insufficient authentication (Hashizume et al., 2013). These APIs can also be completely internet-friendly and can be used by anyone for accessing business data and systems. Inadequate authorization: Many developers do not accept that attackers are going to see backend APIs and are not putting up proper licensing controls. If not, backend data compromise is trivial.
As a consequence, the loss or stealing of intellectual property is vulnerable. Intellectual property (IP) is undeniably one of the organization's most important assets and is prone to security attacks, particularly when data is processed electronically (Chou, 2013). Nevertheless, almost 21 percent of the files submitted to cloud-based file-sharing platforms have confidential details, including IP records. If these cloud resources are abused, criminals may have access to confidential information they hold
References
Chou, T. S. (2013). Security threats on cloud computing vulnerabilities. International Journal of Computer Science & Information Technology, 5(3), 79.
Dahbur, K., Mohammad, B., & Tarakji, A. B. (2011, April). A survey of risks, threats, and vulnerabilities in cloud computing. In Proceedings of the 2011 International conference on intelligent semantic Web-services and applications (pp. 1-6).
Grobauer, B., Walloschek, T., & Stocker, E. (2010). Understanding cloud computing vulnerabilities. IEEE Security & Privacy, 9(2), 50-57.
Hashizume, K., Rosado, D. G., Fernández-Medina, E., & Fernandez, E. B. (2013). An analysis of security issues for cloud computing. Journal of internet services and applications, 4(1), 1-13.
Suryateja, P. S. (2018). Threats and vulnerabilities of cloud computing: a review. International Journal of Computer Sciences and Engineering, 6(3), 297-302.