Fresh doubts cast on cloud computing security

Vulnerabilities in password reset functions for online services from Amazon and Microsoft have cast fresh doubt on the security of cloud computing.

Vulnerabilities in password resetfunctions for online services from Amazon and Microsoft have cast freshdoubt on the security of cloud computing.

Researchers demonstrated the flaws in Amazon's Elastic Compute Cloud and Microsoft's online version of Office at last week's Black Hat security conference in Las Vegas.

Similarvulnerabilities in free e-mail services that send passwords to analternate address or ask security questions based on searchableinformation also represent a risk.

A hacker was recently able toaccess corporate data belonging to Twitter stored in a Googlecloud-based application by exploiting a flaw in e-mail password resets.

Security experts say the cloud computing model is still immature and will have to demonstrate a higher level of security to satisfy most enterprise users.

Data vulnerabilities will be great in the next two years, according to Jason Creasey, head of research at the Information Security Forum.

Cloudcomputing will probably become the norm for business organisations inthe longer-term, but it will take 10 years for the model to mature tothat level, he said.

Read more on Data Protection Services