10 Security considerations when dealing with cloud resources
1. Identity management in the cloud
Identity management in the cloud can be considered a lack of upfront security. If the only upfront security you have to offer is one password then you are likely to be part of identity theft. The more credentials you have for your cloud network, the more secure it will be 2. Cloud resident data may be lost due to faulty software/equipment. software and equipment failure may also be caused by faulty and outdated equipment. The nature in which shared resource cloud computing may also lead to software failure due to hacking 3. It is possible that cloud data may be mishandled by the could provider due to technology gaps. This mishandled information could be extracted through a court issued subpoena. This should hopefully allow you to recover lost data 4. Cloud outages are possible and can be caused by security vulnerabilities. A single corrupted bit can cause a cloud outage. Thankfully cloud vendors can patch their platforms quickly and address the problem in most situations 5. Granular encryption can become a key part in cloud security. Encrypted data stored in the cloud can only be decrypted by applications on the client device. With this developers can create solutions with 100% data privacy in the cloud 6. Cloud storage is becoming a bigger concern with virtualization. If data is not deleted before recourses are not reallocated to the next virtual machine, there is potential for exposure in the data. 7. Traffic Management is a growing concern with virtual machines. Traffic segregation to gather and isolate different classes of VMs could be a solution. VMs could be traced to their owner throughout their life cycle 8. Security certifications within outdated technology is very important. Several products have undergone formal security evaluations and received certification. What this means in practical terms is that several VM technology vendors have taken pains to obtain independent and recognized security certification. 9. Single sign-on is a property of access control of multiple related, but independent software systems. With this property a user logs in once and gains access to all systems without being promoted to log in again at each of them. This can be considered unsafe by many. 10. Deterrent controls are intended to reduce attacks on a cloud system. Much like a warning sign on a fence or a property, deterrent controls typically reduce the threat level by informing potential attackers that will be adverse consequences for them if they proceed.