iTnews

RSA 2010: HP shares findings on cloud security study

By Shaun Nichols on Mar 2, 2010 1:21PM

Web malware, heavy API use all pose risks to companies.

HP has posted the findings of a new study on cloud computing security.

The company commissioned the study along with the Cloud Security Alliance in the run-up to the RSA 2010 conference, which opens today. The peer-review study examined 29 enterprises, service providers and consulting firms.

Researchers found that companies faced a mixture of both malicious and accidental data loss dangers when adopting web services. The vulnerabilities also varied from malicious internal attacks to unintentional breaches from partners or end-users.

Among the most critical areas of vulnerability outlined in the report were application programming interface (API) development tools.

By tying so many other services into a cloud computing application, researchers suggested that companies were putting themselves at risk for a "weakest link" situation in which one service can be compromised and lead to an attack on all connected applications.

Other possible risks noted in the report include actions from malicious or disgruntled administrators and employees, online malware attacks and botnets, and the possibility of account theft.

By issuing the report, the companies hope to help firms better plan their cloud transitions and better understand cloud security, often cited as a major hurdle for the adoption of online services.

"Cloud services are clearly the next generation of information technology that enterprises must master," said Jim Reavis, security consultant and founder of the Cloud Security Alliance.

"The objective of this report was to not only identify those threats which are most germane to IT organisations but also help organisations understand how to proactively protect themselves."

Got a news tip for our journalists? Share it with us anonymously here.
Copyright ©v3.co.uk
Tags:
2010 cloud findings hp on rsa security shares study

Partner Content

COVID puts agile IT under the microscope
Promoted Content COVID puts agile IT under the microscope
As Australian companies lean more heavily on the cloud, edge security is finding its stride
Partner Content As Australian companies lean more heavily on the cloud, edge security is finding its stride
Putting cyber security basics in place
Partner Content Putting cyber security basics in place
Preventing cybercrime in the world of forex trading
Promoted Content Preventing cybercrime in the world of forex trading

Sponsored Whitepapers

The top 5 tech trends to deliver business outcomes
The top 5 tech trends to deliver business outcomes
10 reasons why businesses need to invest in cloud security training
10 reasons why businesses need to invest in cloud security training
Your guide to application security solutions
Your guide to application security solutions
State of Software Security: Open Source Edition
State of Software Security: Open Source Edition
Five questions to ask before you upgrade to a SIEM solution
Five questions to ask before you upgrade to a SIEM solution

Events

  • On-Demand Webinar: How Poly and Microsoft are Embracing Future Work Environments
  • [iTnews and Micro Focus] Navigating the cloud modernisation minefield
By Shaun Nichols
Mar 2 2010
1:21PM
0 Comments

Related Articles

  • Google Cloud, Workspace can now carry protected Australian govt data
  • Salesforce to require MFA from February next year
  • CBA builds container-as-a-service platform on AWS, Kubernetes stack
  • Microsoft, Amazon, Cisco, Salesforce alarmed at security incident response takeover by govt
Share on Twitter Share on Facebook Share on LinkedIn Share on Whatsapp Email A Friend

Most Read Articles

TPG Telecom to start enticing NBN customers to move

TPG Telecom to start enticing NBN customers to move

Infosys scores another $40m for Centrelink payments engine build

Infosys scores another $40m for Centrelink payments engine build

Telstra InfraCo opens up telco's own fibre network

Telstra InfraCo opens up telco's own fibre network

Transport for NSW data stolen in Accellion breach

Transport for NSW data stolen in Accellion breach

You must be a registered member of iTnews to post a comment.
Log In | Register
All rights reserved. This material may not be published, broadcast, rewritten or redistributed in any form without prior authorisation.
Your use of this website constitutes acceptance of nextmedia's Privacy Policy and Terms & Conditions.