The Cloud Security Alliance (CSA) has released a report charting the most serious issues facing the cloud computing community in terms of data security and continuity. The intention of the report is to help potential corporate clients build risk assessments based upon the changes and considerations involved in switching over to a cloud-based platform.
The report is based on the experience and findings of security experts from 29 different organisations involved in a number of different fields. The report is being delivered and analysed at the RSA conference at which the Cloud Security Summit is being held.
Adoption of cloud solutions by enterprises is seen to be increasing exponentially and the report attempts to allay the fears of businesses that might have seen the security of cloud computing as an issue through a lack of understanding.
Cloud Security Alliance founder Jim Reavis said that businesses were still in the process of mastering cloud computing services and that most recognise this is where the future of data protection, backup and storage lie.
Mr Reavis explained that the report was designed to help businesses understand active solutions to any cloud security issues which are known to exist. He said that the threats to cloud computing were constantly evolving and that businesses and vendors would need to be ready to adapt in order to operate safely and securely.
Standard security threats from botnets and Trojan viruses are all applicable to cloud computing and the report urges businesses to be aware of these vulnerabilities which have already been used by criminals to steal data.
The magnification of existing vulnerabilities through weak APIs, which are not in themselves malicious, is also highlighted in the report.
CSA member Archie Read said that businesses would need to set aside time and money to make sure that any cloud-based services they create or for which they sign up are used correctly and with minimal risk of being compromised.
The CSA is a non-profit organisation which aims to create guidelines for all cloud computing customers and vendors, with the result being a more secure environment for everyone.
