Security researchers cast fresh dout on cloud computing


Security researchers cast fresh dout on cloud computing

Warwick Ashford

Vulnerabilities in password reset functions for online services from Amazon and Microsoft have cast fresh doubt on the security of cloud computing.

Researchers demonstrated the flaws in Amazon's Elastic Compute Cloud and Microsoft's online version of Office at last week's Black Hat security conference in Las Vegas.

Similar vulnerabilities in free e-mail services that send passwords to an alternate address or ask security questions based on searchable information also represent a risk.

A hacker was recently able to access corporate data belonging to Twitter stored in a Google cloud-based application by exploiting a flaw in e-mail password resets.

Security experts say the cloud computing model is still immature and will have to demonstrate a higher level of security to satisfy most enterprise users.

Data vulnerabilities will be great in the next two years, according to Jason Creasey, head of research at the Information Security Forum.

Cloud computing will probably become the norm for business organisations in the longer-term, but it will take 10 years for the model to mature to that level, he said.

Email Alerts

Register now to receive IT-related news, guides and more, delivered to your inbox.
By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

COMMENTS powered by Disqus  //  Commenting policy