Order Now
Uncategorized

Cloud Computing Security: Threats And Solutions

10 min read
Posted on 
April 25th, 2025
Home Uncategorized Cloud Computing Security: Threats And Solutions

Definition of Cloud Computing

Discuss about the Security Threats In Cloud Computing Innovation.

Save Time On Research and Writing
Hire a Pro to Write You a 100% Plagiarism-Free Paper.
Get My Paper

According to National Institute for Standards and Technology (NIST), cloud computing is a technology that facilitates suitable access to configurable computing resources and infrastructure  such as  software, servers, networks, storage infrastructure (NIST, 2018).  Cloud computing services can be accessed with little efforts from an organization’s management or service providers (Sen, 2011). Another basic way to define cloud computing is that it is a development that  delivers software’s and IT resources such as managed services over the Internet and through software and hardware in datacenters. Google, Microsoft and Amazon are some of the popular companies that provide cloud computing services for Industries (Fischer, 2018).

Cloud computing can be implemented in form of several services including as software, infrastructure and platform in services termed software as a service, infrastructure as a service and platform as a service (Orlando, 2011).

  • Software as a service allow customers to access any applications over the Internet without the need to necessarily install it in the machines. This way they don’t bother with updates and upgrades because they always access an updated copy of the application.
  • Infrastructure as a service allow users to be able to access IT infrastructure components such as servers, storage drives, networks and more
  • Platform as a service enable mostly developers and system designers access applications for developing environments solely online. Such a service protects developers from loss of code since everything is stored on the cloud and can be accessed from anywhere.

Whether a user is in need of a software, IT storage resource or a development platform from the cloud, there are several methods to implement the service they select. According to (Badger, Grance, Patt-Corner, & Voas, 2011), cloud systems  can be implemented in any of these models.

  • As a public cloud: a user usually subscribes to a public cloud from a third party cloud services provider such as Google, Amazon or Microsoft. A public cloud is therefore hosted by the provider whose service is to sell, host and manage cloud space for clients (Microsoft Azure , 2018).
  • As a private cloud: a user usually gets an exclusive cloud space that is not shared with the public. The space can be hosted by the end-user or the cloud provider providing the service for the user. A private cloud is more costly that a public cloud but offers more privacy and control since the owner is the one who mostly is in charge of control and management.
  • As a community cloud: a community cloud is implemented when more than one user or organization share a cloud space in order to work collectively or to support a common mission or objective, policy or concerns.
  • As a hybrid cloud: a hybrid cloud is the deployment of more than one cloud systems. For instance if an organization implements both public and private cloud, they are using a hybrid cloud computing.

Cloud computing innovation has proven very beneficial for individual persons and organizations throughout the world. However, it is still faced with huge security issues (Monjur & Mohammad, 2014). This part of the report identifies some of the security issues facing cloud systems.  Many security issues affect cloud computing because it uses are integrated with several technologies such as computer networks, operating systems, databases, virtualization, processing management, device management and memory management. Thus, all security matters that affect such systems automatically become challenges for cloud computing. For instance, computer networks provides a platform for cloud computing implementation since they interconnect cloud systems and models. Cloud computing is also overlaid on top of the Internet which is a computer network. Some of the risks that affect the Internet will therefore affect cloud computing implementation. Likewise, virtualization technology in cloud computing is also tied to a number of security concerns including  the challenge of mapping physical to  virtual machines in a secure manner. In addition, algorithms for managing memory and resource allocation need to be secure.

Save Time On Research and Writing
Hire a Pro to Write You a 100% Plagiarism-Free Paper.
Get My Paper

Cloud related threats can vary depending on the model used by a user or an organization (Lee, 2012). There are several types of security threats including the following:

  • Insider Attacker Threats

Insider threats are some of the most active threats to cloud computing systems. An internal attacker is usually employed by a company whose data and information they attack or employed by cloud providers that provides cloud facilities (Sen, 2011).  As such, they many have authorized access to cloud services including customer information and applications. Since they already have access to the systems, they can easily be a threat to supporting infrastructure and applications, depending on the role they have in an organization and using existing privileges to gain access and perform an illegal act against data integrity and confidentiality.

  • External Attacker Threats

Types of Cloud Computing Services

An external attacker intrudes systems from outside for example a hacker. As such, they are not employed by the company they intrude or the service provider organization that support the systems. They therefore have no authorized access to data and information they attack. External attackers carry out attacks against data and information confidentiality of cloud systems. Hacking attacks have become prevalent globally that such the cyber security is expected to grow massively in the coming years making cyber security skills  become some of the most sought after  (Ekran , 2016).  Threats from outside attackers may be thought to be targeted to public clouds more than the other types of clouds. But, attackers intrude into all types of clouds and most especially private clouds that could be more targeted. For instance, cloud application providers with systems that hold huge data and information such as customer personal details, credit and debit card details, sensitive data such as health information, or government related data is subject to hacker attacks. Such hackers use social engineering, denial of service attacks, and back door attacks to target and attack cloud systems.

  • Data Loss and Leakage

Data loss can transpire in the event of equipment failure and is one of the greatest risks with cloud systems (Messmer, 2013). Additionally, failure to have the right access rights across several domains can lead to data loss and leakage. Using a public cloud or the same third party provider can lead to data leakage  that cloud result from a human error or faulty hardware or software.

  • Poor Identity and Data Access Policies and Procedures

 Sometimes the threat that faces cloud security systems is as a result of poor or lack of data access procedures. When organizations fail to come up with clear procedures that govern data access across a company, data is likely to fall in the wrong hands.

  • Cloud Computing Systems Downtime

Systems downtime is a great risk for cloud systems (EMC , 2014). It occurs when the underlying infrastructure that support clouds for organizations fail including hardware and software’s (Chou, 2013). Downtime from cloud services providers such as Amazon or Google for instance can spell disaster for people and businesses that depend on them for services. If a service provider systems fail for four hours, it will also affect a user and their operations will also fail or pause for four hours.

With the dawn of social media, more and more security challenges for cloud systems have come up. Attackers have doubled social engineering attacks by using social network platforms such as Facebook, Twitter and LinkedIn. There’s no enough information to help users deal with attacks that come through social media networks. It is thus crucial to study how attackers use social engineering tactics through social media to target IT systems. Since social engineering is one of the most common tactics that attackers use to gain login credentials from authorized personnel, it is critical for business to familiarize themselves with how to detect it and some tactics attacks may use so as to detect stop attempted attacks.

Security Challenges Facing Cloud Computing Technology

This part provides measures that can be taken by cloud services consumers to guard against data security threats. The solutions can also help to manage and assess the privacy and security of their cloud services, in order to reduce threats and risk as well as deliver suitable level of support for cloud systems (Cloud Security Alliance , 2018). Such measures are outlined below according to (Cloud Standards Customer Council , 2017).

  1. Ensure proper governance and compliance processes
  2. Regular auditing of operational business processes
  • Manage and control people, their  identities and roles  
  1. Ensure proper protection of data and information
  2. Enforce privacy policies
  3. Regular assessment of cloud applications provisions for security
  • Ensure security for cloud connections and networks
  • Regular monitoring and security controls evaluation of physical infrastructure facilities
  1. Manage and control cloud services security terms
  2. Implement biometric and intrusion detection systems

Conclusion and Future Research Direction

There’s no doubt that cloud computing technology is very significant for modern businesses today. By implementing cloud computing, a business becomes more efficient in its operations and increases its productivity and eventually revenue. For individual persons, cloud computing offers convenience and speed. For freelancers, cloud computing enables them the comfort of working from home. Cloud adoption is therefore beneficial. But faced with all the security challenges discussed above, it can be risky. Adopting cloud computing without implementing the right security policies, mechanisms tools and procedures is not helpful especially with the increase in cyber-attacks.  It is important to further search on social media growth and how it affects cloud systems for improved security enhancement. Social media is an emerging and disruptive technology that is being used as a channel to attack cloud systems.

References

Badger, L., Grance, T., Patt-Corner, R., & Voas, J. (2011, May 20). Draft Cloud Computing Synopsis and Recommendations. Special Publication, National Institute of Standards and Technology (NIST) . Retrieved from NIST: https://csrc.nist.gov/publications/drafts/800-146/Draft-NIST-SP800-146.pdf

Chou, T.-S. (2013). SECURITY THREATS ON CLOUD COMPUTING VULNERABILITIES. International Journal of Computer Science & Information Technology (IJCSIT) Vol 5, No 3, June 2013, 82-90.

Cloud Security Alliance . (2018, May). Introduction to the Security Guidance Working Group. Retrieved from Cloud Security Alliance : https://cloudsecurityalliance.org/group/security-guidance/#_overview

Cloud Standards Customer Council . (2017). Security for Cloud Computing Ten Steps to Ensure Success. Retrieved from https://www.cloud-council.org: https://www.cloud-council.org/deliverables/CSCC-Security-for-Cloud-Computing-10-Steps-to-Ensure-Success.pdf

Ekran . (2016, July 26). www.ekransystem.com. Retrieved from 4 FACTS ABOUT CYBER CRIME (CYBER SECURITY STATISTICS IN 2018: https://www.ekransystem.com/en/blog/cyber-security-statistics

EMC . (2014). Protect Cloud based Systems IT Systems from Downtime and Data Risks . Retrieved from www.emc.com: https://www.emc.com/collateral/solution-overview/h13690-so-metropoint-availability-cloud.pdf

Fischer, S. (2018, May 2). The Best Cloud Storage Services for Backup in 2018. Retrieved from www.thebalanceeveryday.com: https://www.thebalanceeveryday.com/free-cloud-storage-1356638

Lee, K. (2012). Security Threats in Cloud Computing Environments. International Journal of Security, Vol 6, Issue 4, 25-32.

Messmer, E. (2013, March 31). Cloud Security Alliance formed to promote best practices. Retrieved from Cloud Security Alliance: https://www.computerworld.com/article/2523598/security0/cloud-security-alliance-formed-to-promote-best-practices.html

Microsoft Azure . (2018). What is a public cloud? Retrieved from azure.microsoft.com: https://azure.microsoft.com/en-us/overview/what-is-a-public-cloud/

Monjur, A., & Mohammad, A. (2014). CLOUD COMPUTING AND SECURITY ISSUES IN THE CLOUD. nternational Journal of Network Security & Its Applications (IJNSA), Vol.6, No.1, January 2014, 25-26.

NIST. (2018, May 4). Cloud Computing Definition . Retrieved from faculty.winthrop.edu: https://faculty.winthrop.edu/domanm/csci411/Handouts/NIST.pdf

Orlando, D. (2011, February 08). Cloud computing service models. Retrieved from www.ibm.com: https://www.ibm.com/developerworks/cloud/library/cl-cloudservicemodels/index.html

Sen, J. (2011). Security and Privacy Issues in Cloud Computing. Innovation Labs, Tata Consultancy Services Ltd, 40-42.

Order an Essay Now & Get These Features For Free:

Turnitin Report

Formatting

Title Page

Citation

Outline

Place an Order
Calculate the price
Pages (275 words)
$0.00
Course Scholars
Company
Legal
How Our Service is Used:
Course Scholars essays are NOT intended to be forwarded as finalized work as it is only strictly meant to be used for research and study purposes. Course Scholars does not endorse or condone any type of plagiarism.
Subscribe
No Spam
© 2025 Course Scholars. All rights reserved.
Course Scholars will be listed as ‘Course Scholars’ on your bank statement.

Order your essay today and save 15% with the discount code GINGER

Order Now