Security threats in the cloud

By WilliamScott2363 on Nov 06, 2022

The top cloud security threats are data theft, data loss, account hacking, interface and Application Programming Interface (API) breaches, DDos attacks, insider attacks, hacker infiltration, and provider-initiated downtime. Protect your cloud infrastructure with

Identify the person responsible for information security in the company

Ensuring the security of the infrastructure in the cloud requires the involvement of the IT and IS departments - without this it is impossible to organize constant monitoring, updating of tools, rapid response to incidents, as well as qualitative and prompt interaction with the cloud provider employees for joint mitigation of arising incidents.

The IT and IS departments of a company must appoint responsible specialists with an expanded supervisory role. They will interact with providers and make decisions on the customer side.

Often, IT and IS managers are assigned to this role. They have sufficient skills to manage the core internal divisions of the company and competencies to coordinate actions with the cloud provider.

  1. Record the competencies of the parties

46% of cybersecurity incidents in the last year are caused by lack of knowledge or non-compliance with basic tenets of information security by company employees. Working with cloud providers helps reduce this percentage, as part of the responsibility for ensuring the information security of the system is transferred to the provider.

Obligations to ensure information security measures are fixed in the service contract. It describes:

mechanisms and channels of contact between the two parties; 
Areas of responsibility of the parties; 
Service level agreement.

The terms of service level agreement (SLA) should be drafted taking into account the competence of the parties - if the customer has no experience in performing certain tasks, it's better to delegate them to the provider.

With this approach, the risks of unavailability of services or other unsatisfied services will be compensated according to the terms of the contract. When placing the infrastructure entirely within the company itself, all financial risks associated with the unavailability of services remain within the company.

  1. provide multilevel protection of infrastructure

Infrastructure protection should be provided at all levels: from physical, network to logical level of application functioning and its resistance to possible attacks.

Security in the deployment and operation of equipment. The Tier system is used to assess data center resilience. Tier requirements cover the areas of construction, power, cooling, security controls, redundancy, maintainability and commissioning.

A limited number of people must be able to enter the data center (datacenter). 
Physical data center equipment must be protected by fences, security posts, video surveillance systems, and security checkpoints. 
The availability of the data center should be maintained by a constant power supply, have several independent points of connection to providers providing channels of communication with the outside world.

Translated with (free version)

var myObj, i, j, x = "";
myObj = {
  "cars": [
    {"name":"Ford", "models":["Fiesta", "Focus", "Mustang"]},
    {"name":"BMW", "models":["320", "X3", "X5"]},
    {"name":"Fiat", "models":["500", "Panda"] }
for (i in {
  x += "<h2>" +[i].name + "</h2>";
  for (j in[i].models) {
    x +=[i].models[j] + "<br>";
document.getElementById("demo").innerHTML = x;


Sign in to comment.   -  Nov 07, 2022

NordVPN is a popular VPN service with a reasonable price. With the NordVPN coupon code, you can get discounts on your subscription. You can save up to 60% on your first month's subscription and 75% on your yearly subscription. The NordVPN coupon code also applies to family plans. So if you have two family members who need a VPN, you can easily save money on all their subscriptions.

Icals  -  Nov 14, 2022

Hi there,
Thank you for your insightful review of the top cloud security threats. I agree that it is important to protect the cloud infrastructure, and Andersen offers a solution that can help you do just that. Products from Andersen are designed to identify the person responsible for information security in your company so that you can better protect your data. I hope you'll check Andersen out and consider giving the company a try. Thanks again for the feedback!

Sign in to comment

Are you sure you want to unfollow this person?
Are you sure you want to delete this?
Click "Unsubscribe" to stop receiving notices pertaining to this post.
Click "Subscribe" to resume notices pertaining to this post.