Question

What is Lack of encryption risk in Hybrid cloud? explain it

What is Lack of encryption risk in Hybrid cloud? explain it

0 0
Add a comment Improve this question Transcribed image text
Answer #1
  1. Lack of Encryption - Network transmissions are vulnerable to eavesdropping and Man-in-the-Middle (MitM) attacks that circumvent mutual authentication by impersonating endpoints. Mobility enterprise managers must encrypt communications and data to prevent security incursions.
  2. Inadequate Security Risk Assessment - Failing to perform detailed risk profiles of an IT infrastructure and systems prevents network administrators from determining how and where an intrusion has occurred or when it happened. It makes future breaches virtually impossible to prevent.
  3. Poor Compliance - Hybrid clouds require more due diligence when it comes to compliance. Both the public cloud provider and your private cloud must stay within compliance parameters. Maintaining and demonstrating compliance is more difficult with the hybrid model because data moves back and forth.
  4. Weak Security Assessment - Too many enterprise managers run amuck when they fail to employ authentication, identity management, and authorization procedures for both their private and public cloud. Cloud security protocols must be integrated.
  5. Poor Data Redundancy - A lack of redundancy puts a hybrid IT cloud and your enterprise at risk. This is especially true if you don’t have redundant copies of data properly distributed across all data centers. Distributing data this way mitigates the damage that occurs when there is an outage in one data center.
  6. Failure to Authenticate and Identify - Security management is essential when integrating public and private clouds in a hybrid environment. Cybersecurity must be mutually shared between the cloud provider and enterprise staff.
  7. Unprotected APIs - When unprotected, API endpoints expose sensitive data to malicious attacks that exploit an authentication/authorization token or key to manipulate personal information and data. This vulnerability is of particular concern in enterprise mobility management and BYOD transmissions over unsecure connections.
  8. Denial-of-Service (DoS) Attacks - Attackers render a cloud or mobile enterprise inaccessible by issuing a DoS attack. Network service is disrupted in the virtual environment through an inherent weakness in shared resources such as CPU, RAM, and disk space or network bandwidth.
  9. Distributed Denial of Service (DDoS) attacks - These volumetric or application layer attacks are on the rise and even more insidious than DoS. This is because they are high volume incursions maliciously distributed from multiple sources and generated at a central location. By the time the attacks are noticed, network traffic is often in virtual gridlock and websites rendered helpless.
  10. Poor IP Protection - Intellectual property (IP) requires extra protection. It must have the highest encryption and security protocols in place. IP must be identified and classified to determine potential security risks. A vulnerability assessment and appropriate encryption are needed.
  11. Lack of Data Ownership - Cloud vendors must be fully vetted for security controls when handling data. Once cloud-deployed, enterprises lose some ability to govern their own data set. Enterprise managers must know what security levels are available in the cloud to prevent surprises.
  12. Failure to Communicate with Cloud Provider - You wouldn’t have a car repaired without getting a written estimate and details of service to be performed on your vehicle. Service level agreements (SLAs) do the same. They clarify expectations and responsibilities.
  13. Poorly Defined SLAs - When moving to the cloud, customers do lose the ability to govern their own data set and are forced to rely on service providers to properly secure data when in the public sector.
  14. Data Leakage - Inadequate security protocols on the part of a cloud provider can compromise data which can be corrupted, destroyed or inappropriately accessed. This is especially true in worker-driven BYOD environments.
  15. Poorly-Defined Management Strategies - Seamless hybrid cloud management is only accomplished when everyone knows what needs to be done. Jobs must be strictly defined with management policies and procedures. Without these guidelines, a network can be compromised. A holistic approach must be taken to handle the entire infrastructure.
  16. Badly constructed cross-platform tools - Do you know how to manage tasks across multiple domains? Hybrid clouds are not business as usual. Many administrators run amuck when they cannot multi-task. Poorly defined or executed cross-platform management in a hybrid environment are major pitfalls that must be avoided.
  17. Disgruntled or Malicious Employees - Sometimes the most malicious attacks can be right under our noses. Not all employees and insiders are trustworthy. Some insiders may be using customer or sensitive data to disrupt corporate activities.
Add a comment
Know the answer?
Add Answer to:
What is Lack of encryption risk in Hybrid cloud? explain it
Your Answer:

Post as a guest

Your Name:

What's your source?

Earn Coins

Coins can be redeemed for fabulous gifts.

Not the answer you're looking for? Ask your own homework help question. Our experts will answer your question WITHIN MINUTES for Free.
Similar Homework Help Questions
ADVERTISEMENT
Free Homework Help App
Download From Google Play
Scan Your Homework
to Get Instant Free Answers
Need Online Homework Help?
Ask a Question
Get Answers For Free
Most questions answered within 3 hours.
ADVERTISEMENT
ADVERTISEMENT