There are many security risks involved with Cloud computing. Just like in traditional networks, data breaches affect Cloud networks as well, due to the amount of potentially sensitive information stored. When data breaches occur, this information can be stolen, the company involved might be okay, or it might even face criminal charges. To help prevent this, multifactor authentication, as well as encryption, should be implemented.
These data breaches and other forms of attacks typically result from poor authentication such as weak passwords, certificates, and keys. Since APIs and interfaces are used to manage and interact with Cloud services, these both can be hacked if not correctly set-up and secured. These are often the most exposed areas of the Cloud network since they are typically available from the open Internet. To help combat against these risks, threat modeling systems and applications should be implemented. Also, continuous penetration testing should be done. All systems and networks will have vulnerabilities which can be exploited, and Cloud computing is no different.
However, this risk can be reduced by performing constant vulnerability scanning, excellent patch management, and the timely identification and reporting of system threats. With Cloud providers sharing applications and infrastructures when a problem arises, all platforms involved are affected as well; If one component fails, they all do. To help prevent this problem from becoming a major one, it is recommended to use network segmentation as well as patch shared resources.
Reference:
Rashid, Fahmida Y. (2016). The dirty dozen: 12 cloud security threats. Retrieved from https://www.infoworld.com/article/3041078/security/the-dirty-dozen-12-cloud-security-threats.html.
Securing The Universe 