Using the Cloud: Seven Top Security Threats to Know About

Written by

It is often taken for granted that cloud solutions will become the default option for businesses in the next few years. Enterprises which decide to migrate their resources to the cloud indicate security as one of the major advantages of this solution (alongside scalability, cost optimization and fast deployment). Unfortunately, hackers are also turning their attention to the cloud, and there are several ways they can pose a serious threat to your operations. It is important to be aware of the problems that may occur in order to prevent them.

Top Security Issues for the Cloud

Lack of Awareness

Most threats to your cybersecurity are external, but to prevent them or deal with them you need your employees to be aware of potential issues. Well-trained employees are among the best investments you can make to improve your company’s security, as attackers often rely on human error, lack of attention (or knowledge) or social engineering techniques to spread ransomware or steal credentials. Allocate the time and budget for appropriate training and make sure it is updated regularly. Everyone knows that a strange email from an unknown domain should be treated with suspicion, but how many people are aware that SharePoint or Skype can be used to attack their organization? Prevention is not only better than cure – it is also cheaper.

Data Breaches

Data breaches or data leaks are among the top security concerns for all organizations, as they may result in losing even more than just data. Reputation, credibility, money and even customers are all at risk.

Data Loss (and No Backup)

Human error, an accident or a natural catastrophe can lead to permanent loss of data. Set the backup as one of your priorities and consider using an external disaster recovery center (DRC) to avoid such a situation.

Denial of Service (DoS) Attacks

Popular DoS (or distributed denial of service) attacks can shut down your services and make them unavailable to users. Attackers can block your systems with extensive traffic that your servers cannot cope with. If all cloud servers are affected, it is impossible for a company to manage their business.


This relatively new form of attack is becoming increasingly common. Cyber-criminals access your cloud computing resources and use cloud computing power to mine for crypto-currencies such as Bitcoin. Such an attack can be difficult to detect, as your systems still work, but are slower than usual. It is often mistaken for a processing power or network issue.

Hijacked Accounts

If a hacker gains access to your system through an internal staff account they can penetrate your virtual resources without being detected for a long time. As most widespread techniques for this kind of attack involve phishing emails and password cracking, it is vital to provide your employees with appropriate training. In addition, make sure that the minimal access rule is in place, so everybody can access only those applications, systems or databases that are necessary for them to do their jobs.

Non-Secure Applications

Even if your own system is secure, you can still be let down by external applications which may present a serious risk to your cloud security. Ensure that your cybersecurity team establishes whether an application is suitable for your network. Warn your employees not to download applications straight from the network before receiving approval from the IT team.

New Tech Means New Vulnerabilities

Knowledge is power. Once you are aware of potential threats to your cloud environment, you can take steps to prevent them. Ask your IT team to re-think your cybersecurity strategy and work on a new, updated plan. If you do not have in-house security experts, think about outsourcing your IT security (or cloud together with security if you have not migrated yet) to an external company experienced in delivering such solutions. Comarch is one of the biggest Polish IT companies delivering both software and an extensive portfolio of IT services. Trust in the best.

Brought to you by

What’s hot on Infosecurity Magazine?