In simple terms, Cloud security emerges as a sub-domain of network security, computer security, and information security. To offer optimal protection to applications, data, and infrastructure of cloud computing, some controls, technologies, and policies are required to be deployed, and cloud security refers the same.
Related to security- issues associated with the cloud
Cloud is used in the form of various service models such as Paas, SaaS, and IaaS and form of different deployment models such as Public, Private, Community, Hybrid by organizations.
The number of security related issues associated with cloud computing mainly divided into two parts.
- Issues faced by cloud hosting companies in the context of providing services to their clients in the form of platform, software or infrastructure through a cloud.
- Security issues faced by their customers. Here clients refer to the organizations by whom applications hosted and data stored on a cloud.
Both of above possess responsibility. However, it is a duty of provider to make sure that infrastructure offered is safe and optimal protection provided to applications and data from their customers. With this, their clients also take measures by which their applications fortified, authenticity ensured, and they must use strong passwords.
Business confidential information and data is at high risk as it has a threat of being attacked by those who are inside attackers. The reason behind this that organizations lose their ability to physically access server which is hosting their information. Why organization loose its ability? So, an answer is when a public cloud is chosen by an organization to host applications or to store data on it.
From the report of Cloud Security Alliance, known that attacks which take place inside considered as a cloud computing third biggest threat. Thus, a background of those employees who can physically access server in their data center must be checked by Cloud Service providers thoroughly. With this, monitoring of data centers on a frequent basis is required to check if any suspicious activity is taking place.
Mostly, Cloud Service providers store data of multiple customers on the same server to reduce the cost, to optimally utilize resources and in all to maintain efficiency. And this leads to the access to personal data of one user by other users, more often by competitors. Thus, to control these situations, cloud service providers must make sure that data is properly isolated and logical storage properly segregated.
When implementing cloud infrastructure, virtualization extensively used which brings some different security issues for tenants of a public cloud service as well as for customers. The relationship between hardware, whether it is storage, computing, or networking and Operating system are later by virtualization. Here virtualization comes which should be configured, secured and managed in a proper manner. Specific issues comprise of compromising the virtualization software.