Cloud Computing Security Issues

In my last post, I said that I do not like Cloud Computing due to security issues. 

If you want to know more about these issues, Network Computing has a great summation of HP’s “Seven Deadly Sins of Cloud Computing”. HP and the Cloud Security Alliance list the seven deadly sins as:

  1. Misuse of the Cloud – Using it to attack other hosts
  2. Unsecure API’s
  3. Malicious Insiders
  4. Configuration Issues
  5. Data leaking through the Cloud
  6. Account Hijacking
  7. Future/ Unknown Issues

Cloud Hosted Websites Shutdown due to Malware

Today, Government Computer News released a story about four cloud-hosted Web sites that were shut down by the Treasury department due to malware infection.  

According to the Article:

The bureau began using a third-party cloud service provider to host the sites last year, it said Tuesday in a statement about the incident. “The hosting company used by BEP had an intrusion and as a result of that intrusion, numerous websites (BEP and non-BEP) were affected,” the statement said. The Treasury Government Security Operations Center was alerted to the problem and notified the bureau, which responded by taking the sites offline.

The infections first were reported by Roger Thompson, chief research officer for AVG Technologies, who discovered malicious code injected into the affected page Monday morning. He said the code appears to link with two attack servers in Ukraine.

I really don’t like the idea of cloud computing, just from security concerns alone. Four sites were taken off line by an infection. If a site hosts EVERYTHING for you, when they do get infected and go offline, this in turn shuts you down. Because in essence your computer is down too, if you completely rely on them. I don’t know, call me old fashion, it just seems that cloud computing is too great a security risk.

The Seven Deadly Sins of Cloud Security

Just a reminder, tomorrow at 1 PM EST, HP is presenting the webinar, “The Seven Deadly Sins of Cloud Security”:

As IT organizations begin to implement business critical applications in the cloud, there are serious security concerns that must be addressed. A recent Cloud Security Alliance research project, sponsored by Hewlett Packard, produced a report unveiled to the world on March 1, 2010. Join HP and the Cloud Security Alliance to learn about the Seven Deadly Sins of Cloud Security
In this webcast, participants will learn about:

  • The seven deadly sins of cloud security
  • Common cloud security misconceptions
  • Best practices for avoiding the seven deadly sins
  • How HP can help you secure cloud initiatives

Presented by Jim Reavis, CSA; Archie Reed, HP; and Dennis Hurst, HP.