There are basically two types of computing environments.

On premises computing This is traditional computing, in which your company or you own and manage your systems. You have all the apps you use and your data files on your computers at your premises, either on individual PCs, or on an internal local area network.

Your Cloud Computing applications and files are stored remotely in cyberspace (in cyberspace), which is managed by a third-party. Logging on to the network allows you to access your applications and work on files from your computer.

Cloud services are offered by cloud hosting providers. These include companies like Google, Amazon, Oracle Cloud Rackspace, Microsoft Azure, Rackspace, and others.

Cloud services are nothing new. Cloud services are used by many people who use Gmail, Hotmail, or Yahoo for their email communications.

The types of services offered in a cloud environment are relatively new. These services go beyond email and include all IT services that an environment on-premises would provide, including marketing, accounting, and human resources.

Cloud computing’s advantages

Cloud computing offers many advantages over traditional on-premises computing.

1) Any computer can be used to run any application or access files.

2) Cloud computing is more affordable

3) You don’t need as much technical knowledge.

4) Cloud computing provides better performance

Cloud computing is extremely scalable. Cloud computing is highly scalable. You don’t need to make large investments. All you have to do is advise the cloud-hosting advisor.

These advantages are why cloud computing has seen rapid adoption over the past few years. Analysts predict that cloud IT spending will grow at least four times faster than on-premises computing.

Analysts expect cloud computing spending to grow at an average rate of 23.5% from now through 2017. Analysts expect cloud computing to account for approximately one-sixth the total IT product spending by 2017, with an average growth rate of 23.5% compound from now until 2017.

The big question is, given the rapid growth of cloud computing, whether it is safe. Is cloud computing safer than on-premises?

Cloud computing is no less secure than traditional on-premises computing. Although the threats are different, they are becoming more common.

Threats

Six major threats are generally associated with computer security. These are:

Malware – malicious software that includes trojans and worms, viruses, spyware, and zombies. Malware can be installed on a computer in your home or on a cloud-computing host. A botnet is malware that gives control over a network computers to a malicious group to send spam.

A web-based attack where applications are attacked This is the most widespread attack on the Internet.

Brute Force Attack This is a method of trying every possible combination of numbers and letters to find a secret key or cipher. You could, for example, crack a password simply by trying to guess it repeatedly. Brute force is a viable attack due to modern computing power and speed.

is a reconnaissance activity used to select victims that are both valuable and vulnerable.

Vulnerability scanner – This exploit uses a special program that allows you to gain access to weaknesses in computer systems, networks, or applications to generate information to plan an attack.

An attack on an application or service which isn’t running on the internet is an attack on an application/service that isn’t running on the Internet.

Honeypots

A Honeypot is a website, network, or application that has been deliberately designed to be susceptible to attack. It collects information about attackers and their working methods.

Researchers can use honeypots to:

Collect data about new and emerging malware to identify trends in threats
Identify the source of attacks, including their IP addresses.
How attacks occur and how to best counter them
Anti-virus software will recognize them if they are identified as attack signatures.
Develop defenses against specific threats

Honeypots are a great way to build defenses against hackers.

Spring 2014 Cloud Security Report

Alert Logic offers security services both for on-premises systems and cloud computing systems. In 2012, the company started issuing cloud security reports. The Spring 2014 Cloud Security Report covers 2013 to September 30th.

This report was compiled from real-world security incidents that Alert Logic customers have experienced and data gathered through a series honeypots set up by the company around the globe.

This report sheds light on the security of cloud computing and on-premises computing in relation to customers. These are just a few highlights.

[1] Computing has shifted more towards cloud-based computing. Attacks that were previously targeted on-premises systems now target cloud environments. This could be due to the growing value of cloud-based victims.

[2] While attacks against cloud environments are on the rise, they are not necessarily less secure than traditional on premises computing.

[3] Attacks on both cloud and on-premises computing have increased for most threats. However, it has declined for some threats. These are the main differences between the two computing environments.

During the six-month period ending September 30, 2016, malware attacks (including botnets), were the most common type of attack against customers on-premises. They accounted for 56% of all attacks. These attacks were less common among cloud customers, at only 11%. These attacks are increasing rapidly, with more than doubling the rate in one year.

While brute force attacks increased by 30% to 44% in cloud customers, they remained steady in on-premises environments at a high of 49%. Both environments saw a dramatic increase in vulnerability scans. Both vulnerability scans and brute force attacks are occurring almost at the same rate in both on-premises environments and in cloud environments.

Cloud customers are more vulnerable to web app attacks. These attacks are decreasing year-over-year, in both cloud computing and on-premises computing. Recons are also down. App attacks have increased slightly for both types of customers.

There are two types of attacks that are most common: on-premises computing and cloud computing. On-premises computing had malware at 56%, brute force (49%), and vulnerability scans (40%). However, in the cloud, the most prevalent attacks were brute force and vulnerability scans, which each affected 44% of customers.

[4] Alert Logic’s cloud based honeypots were the subject of a variety of incidents. The European honeypots attracted four times as many attacks than honeypots from the USA and twice as many as those in Asia. This could be because malware “factories” operating in Eastern Europe or Russia test their efforts before they are deployed around the globe.

[5] It is chilling to note that 51% of top antivirus vendors around the world failed to detect 14% of malware collected from honeypots. Worse, this is not because these were new malware. Many of the malware missed was repackaged malware. This should have been detected.

The report concluded by stating that cloud security is everyone’s responsibility. This is something entrepreneurs, as well as small- and medium-sized businesses, tend to forget.

The service provider is responsible to provide basic computing services and protect the environment. However, the customer is responsible for everything that happens in that environment. To ensure security, they need to have technical knowledge.

Conclusion

Cloud service providers advertise that cloud computing is safer than on-premises computing. This is false. Both environments appear to be equally safe and unsafe, viz-a-viz hackers or their malicious programs.

As potential targets become more ‘theft-worthy,’ attacks in the cloud are on the rise. The cloud security must be as strong as the on-premises security. You cannot depend on only antivirus software vendors to detect all threats.

It is a good idea to sign an annual maintenance agreement with an online computer maintenance company that can remotely access your computer and make sure it is as secure as possible. It should cost between EUR120 and EUR150 per year, depending on how many computers you have.

 

Leave a Reply

Your email address will not be published.