The 5 cloud risks you have to stop ignoring

Grazed from InfoWorld. Author: Roger A. Grimes.

Whether or not you liked former U.S. Secretary of Defense Donald Rumsfeld, you had to chuckle over his famous "unknown unknowns" quote: There are known knowns; there are things we know we know. We also know there are known unknowns; that is to say, we know there are some things we do not know. But there are also unknown unknowns — the ones we don’t know we don’t know. Although Rumsfeld was ridiculed for that statement, it was a case of a politician accidentally telling the truth, and I think anyone in computer security quickly understood what he was talking about.

We are constantly faced with all three types of risks: known knowns, known unknowns, and unknown unknowns. One of the biggest impediments to public cloud computing adoption is the calculation of additional risk from all the unknowns, known and otherwise. I’ve spent the last few years contemplating these issues as both a public cloud provider and user. Here’s a list of five risks any business faces as a customer of a public cloud service…

Cloud risk No. 1: Shared access
One of the key tenets of public cloud computing is multitenancy, meaning that multiple, usually unrelated customers share the same computing resources: CPU, storage, memory, namespace, and physical building. Multitenancy is a huge known unknown for most of us. It’s not just the risk of our private data accidentally leaking to other tenants, but the additional risks of sharing resources. Multitenancy exploits are very worrisome because one flaw could allow another tenant or attacker to see all other data or to assume the identity of other clients…

Read more from the source @ http://www.infoworld.com/d/security/the-5-cloud-risks-you-have-stop-ignoring-214696