Security researchers cast fresh dout on cloud computing

News

Security researchers cast fresh dout on cloud computing

Warwick Ashford

Vulnerabilities in password reset functions for online services from Amazon and Microsoft have cast fresh doubt on the security of cloud computing.

Researchers demonstrated the flaws in Amazon's Elastic Compute Cloud and Microsoft's online version of Office at last week's Black Hat security conference in Las Vegas.

Similar vulnerabilities in free e-mail services that send passwords to an alternate address or ask security questions based on searchable information also represent a risk.

A hacker was recently able to access corporate data belonging to Twitter stored in a Google cloud-based application by exploiting a flaw in e-mail password resets.

Security experts say the cloud computing model is still immature and will have to demonstrate a higher level of security to satisfy most enterprise users.

Data vulnerabilities will be great in the next two years, according to Jason Creasey, head of research at the Information Security Forum.

Cloud computing will probably become the norm for business organisations in the longer-term, but it will take 10 years for the model to mature to that level, he said.


Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy