SAN FRANCISCO — The potential for data breaches and permanent data loss are among the top threats to cloud computing security, according to a report released Monday at the RSA Conference here.
The “Notorious Nine: Cloud Computing Threats in 2013” report, by the nonprofit Cloud Security Alliance, lists nine critical threats to cloud security, based on survey responses from several hundred industry and government experts and insight from the organization’s working group that identifies security threats to cloud computing.
In 2010, data breaches ranked fifth on the list of top threats. This year, data breaches rose to the top of the list.
The report noted that in many cases cyber hackers don’t have to go to great lengths to compromise an organization’s data stored in the cloud.
In a cloud computing environment that is not properly designed and has multiple customers, a flaw in one customer’s application could provide hackers access to other people’s data.
Encrypting data may reduce the impact of a breach, the report noted.
In addition to listing the top threats, the report describes the implications should those threats manifest and recommends security controls for defending against those threats. The report is intended to help security professionals make better risk-based decisions before adopting cloud computing.