Login Signup
Verified Document

Cloud Computer And Insider Threats Cloud Computing Term Paper

Related Topics:
Espionage Computer Science Technical Writing Security Breach
Open Document Cite Document

Cloud Computer and Insider Threats Cloud computing is widely regarded as the wave of the future. "Cloud computing is all the rage. It's become the phrase du jour" (Knorr & Gruen 2011). However, many people throw the phrase around without truly understanding what it really is. "Cloud computing comes into focus only when you think about what IT always needs: a way to increase capacity or add capabilities on the fly without investing in new infrastructure, training new personnel, or licensing new software" (Knorr & Gruen 2011). It may include many different types of services, some of which are subscription-based, others of which are pay-per-use (Knorr & Gruen 2011). For example, with SaS (software as a service), one of the most common types of hosting, this means no "upfront investment in servers or software licensing; on the provider side, with just one app to maintain, costs are low compared to conventional hosting" (Knorr & Gruen 2011). At its essence, what is so revolutionary about cloud computing is that it obviates the need for hardware and physical storage; rather, "clients lease these resources from a cloud provider as an outsourced service" (Malik & Nazir 2012: 390).

The cloud has the potential to convey many cost savings to organizations, and improve speed and efficiency as well as reduce the physical encumbrances placed upon smaller organizations. However, there are also fears about its risks. "Cloud computing services provide a resource for organizations to improve business efficiency, but also expose new possibilities for insider attacks. Fortunately, it appears that few, if any, rogue administrator attacks have been successful within cloud service providers, but insiders continue to abuse organizational trust in other ways, such as using cloud services to carry out attacks" (Claycomb, & Nicoll 2012: 10). But many fear that this relatively strong track record thus far is merely a reflection of the relative youth of cloud computing, and it is only a matter of time before serious threats become chronic.

The lack of 'rogue' administrator attacks may cause many organizations to be sanguine about monitoring user patters. Particularly since the technology is still in its nascent stages, organizations may be uncertain of how to guard against threats and their potential for misuse resulting in a lack of appropriate monitoring that would be customary with the deployment of other technological applications. The solution to this problem is not to fear cloud computing, but to become more aware of potential risks and to develop employee monitoring systems before threats from inside do begin to assert themselves in a more pervasive fashion.

"Some observable insider activities are clearly harmful to the organization -- for instance, an insider deleting critical applications from the organization's servers. However, not all insider activity is so blatantly malicious" (Claycomb, & Nicoll 2012: 9). To accumulate data upon the subject is essential, and one critical area is the ability to compare normal user patterns in a cloud computing scenario with that of malicious attacks by insiders. "The lack of sufficient real-world data that has 'ground truth' enabling adequate scientific verification and validation of proposed solutions" lays cloud computing systems open to vulnerabilities and increases "the difficulty in distinguishing between malicious insider behavior and what can be described as normal or legitimate behavior" (Claycomb, & Nicoll 2012: 9).

Research is required to determine when and how user attacks are likely to occur, with the hope of generating a comparative framework of normal vs. malicious patterns of use in cloud computing in terms of both technical and non-technically measured behaviors. There has been a call for "automated, easy to understand, and easily verifiable policy management techniques for cloud-based systems' (Claycomb, & Nicoll 2012: 9). The extent to which this is feasible, along with the real potential scope of insider threats is hotly-debated.

Memo 2.2. Clarifying the locus of the inquiry

The focus of my study will be on how to guard against insider threats within cloud computing systems, specifically to determine if normal user patterns can be established in such a way to distinguish them against malicious use patters. The study will also seek to understand why and when insider threats are likely to occur, and how a trusted employee and business associate can potentially exploit the cloud. It will compare the value of searching for technical red flags regarding employee behavior (such as eccentric log-in patterns and violations of search policies) with non-technical, qualitative behaviors that indicate the potential for the employee to pose an insider threat (Claycomb, & Nicoll 2012: 9).

Aggrieved employees can exploit vulnerabilities in their relationship with their clients...

"Cloud computing as a process is governed, managed, and maintained by site administrators. By default, they hold the key to managing all the data, files, and privileged company resources and files. Sometimes, relationships with employers don't work. As a revenge, or for other reasons, administrators may end up spreading, or allowing privileged information to leak at the expense of the business enterprise involved" (Bailey 2012). Other employees may simply wish to exploit the cloud for 'fun,' out of the spirit of playful hacking.
Employers must be aware that cloud computing is not a self-managing system, and they cannot take a hands-off attitude in spotting vulnerabilities. However, there remains some disagreement as to what vulnerabilities and flags for misuse resemble. One school of thought suggests that "indicators suggested for cloud-based insider threats are simply reworded versions of malicious behavior indicators for non-cloud systems" (Claycomb, & Nicoll 2012: 8). Good examples of these can include users logging in during non-work hours (such as 4am or on weekends), unusual search items, and "obtaining back-door access to company data" (Claycomb, & Nicoll 2012: 8). However, there are some unique features that administrators of cloud-based service may show when they exhibit a threat to the organization. Some of these are not necessarily technical in nature, as they may include behaviors such as carelessness and a lack of consideration for user needs. Other, technical red flags include: "violating SLAs, improperly managing virtual machines, using suspicious software, or performing similar activities across different platforms and customer systems" (Claycomb, & Nicoll 2012: 8). The FBI has also issued a list of guidelines for potential behaviors that could indicate a company is vulnerable to an insider threat, such as employees asking for or taking proprietary information that does not seem necessary; working odd hours; copying material without a clear reason why, and showing a disregard for company policies regarding privacy (Economic espionage, 2012, FBI).

By better understanding what red flags are most likely to arise when policing security when using cloud computing, an organization can better guard against potential threats. Ideally, all of these vulnerabilities -- both technical and non-technical -- should be monitored, but given finite organizational resources, the most critical and likely manifestations of insider threats should be determined. It must also be determined if cloud-based insider threats differ in fundamental ways from more generic insider threats in both a quantitative and a qualitative manner.

Memo 2.3: Analytic memo

More study is needed regarding the potential risks of cloud computing. Cloud computing presents several security challenges, despite the many advantages it can convey to an organization, particularly a small one which cannot afford to have on-site data storage. One of the most formidable of these challenges includes insider threats, or threats posed to the organization by either the administrators of the cloud or in-house employees that seek to exploit the cloud (Claycomb, & Nicoll 2012: 9).

Because of the newness of the technology, little data exists at present about the most likely use pattern of a malicious attacker. There is a debate as to whether such use patterns tend to mimic typical suspicious user behavior for all types of infiltrations of security vulnerabilities, or whether there is a specific usage pattern typical to cloud computing (Claycomb, & Nicoll 2012: 9).

Insider threats can come from disgruntled employees or from individuals who simply take pleasure in hacking. They may originate with the cloud provider itself, or they may be employees who seek to exploit the vulnerabilities of the cloud. These different types of threats may manifest different patterns of suspicious use as well, although this is also not yet determined.

Given how much research has yet to be done on cloud computing and insider threats, I would like to undertake a study that combines both qualitative and quantitative research. The extent to which threats may present themselves in a technical or non-technical fashion remains debatable, and a blended research study that uses both open-ended and data-driven means of analysis would be one way to shed light on this issue.

My ideal preliminary study would not strive to come to a definitive answer about the typical exploitation pattern of use exhibited by an inside hacker. However, it would seek to interview several companies that were targets of malicious insider attacks and compare the nature of the attacks, how the misuse was finally discovered, and see whether behavior or technical patterns were the main red flags in spotting the…

Continue Reading...
Sources used in this document:
References

Bailey, Walter. (2012). Insider threats to cloud computing. Cloud Tweaks. Retrieved:

http://www.cloudtweaks.com/2012/10/insider-threats-to-cloud-computing/

Claycomb, Bill & Alex Nicoll. (2012). Insider threats related to cloud computing: Installment 8.

CERT. Carnegie Mellon. Retrieved:
http://www.cert.org/blogs/insider_threat/2012/09/insider_threats_related_to_cloud_computing -- installment_8_three_more_proposed_directions_for_future.html
CERT. Carnegie Mellon. Retrieved: https://www.cert.org/blogs/insider_threat/2012/09/insider_threats_related_to_cloud_computing -- installment_9_two_more_proposed_directions_for_future_re.html
10. CERT. Carnegie Mellon. Retrieved: https://www.cert.org/blogs/insider_threat/2012/10/insider_threats_related_to_cloud_computing -- installment_10_conclusion.html
http://www.fbi.gov/news/stories/2012/may/insider_051112/insider_051112
Retrieved: http://www.infoworld.com/d/cloud-computing/what-cloud-computing-really-means-031
http://cisjournal.org/journalofcomputing/archive/vol3no3/vol3no3_13.pdf
Cite this Document:
Copy Bibliography Citation

Related Documents

Essay
Cloud Lit Rev Insider Threats
Words: 1418 Length: 5 Document Type: Literature Review

By implementing some fairly basic security protocols and trusting cloud computing service providers to utilize available resources to ensure proper encryption and access control on their end, companies can greatly minimize their exposure to insider risks (Durkee, 2010). This trust is in and of itself a risk, however, and the lack of direct control presents an unavoidable risk in cloud computing. A recent case that is both highly unique and

Read More
Essay
Cloud Computing
Words: 3424 Length: 10 Document Type: Essay

Brodkin, J. (2008). Gartner: Seven cloud-Computing security risks. Infoworld, pp. 1 -- 3. Carlin, S. & Curran, K. (2011). Cloud computing security. International Journal Of Ambient Computing And Intelligence (IJACI), 3 (1), pp. 14 -- 19. Cloud Computing Benefits, risks and recommendations for information security. (2009). [e-book] Available through: ENISA https://resilience.enisa.europa.eu/cloud-security-and-resilience/publications/cloud-computing-benefits-risks-and-recommendations-for-information-security [Accessed: 24 Mar 2014]. Cloudsecurityalliance.org. (2011). Top threats to cloud computing: cloud security alliance. [online] Retrieved from: https://cloudsecurityalliance.org/research/top-threats [Accessed: 24 Mar 2014]. Feng,

Read More
Essay
Cloud Computing Will Be Discussed to Show
Words: 9986 Length: 26 Document Type: Research Proposal

cloud computing will be discussed to show that the good outweighs the bad. Furthermore, it will be further discussed that the government is looking into using cloud computing because it will cut IT cost down and increase capabilities despite the fact people are concerned with security issues that this may bring to the public. In completing a dissertation, it is very hard to go through the challenges that it requires.

Read More
Essay
Cloud Computing and Computing
Words: 7745 Length: 25 Document Type: Thesis

Risk, Risk Management Strategies, and Benefits in Cloud Computing SITUATIONAL ANALYSIS PREMISE STATEMENT KEY DEFINITIONS SERVICE AND DEPLOYMENT MODELS BENEFITS OF CLOUD COMPUTING SECURITY ASPECTS Storage Reliability Virtualization Trust Physical Security Legal Compliance CLOUD COMPUTING RISKS RISK Management STRATEGIES Vendor Evaluation Centralized Information Governance Other Organization-Level Measures Individual-Level Security Measures Cloud computing model Cloud computing service and deployment models ISO/IEC broad categories The emergence of cloud computing has tremendously transformed the world of computing. Today, individuals, organizations, and government agencies can access computing resources provided by a vendor on an on-demand basis.

Read More
Essay
Cloud Computing and Insider Threats
Words: 1411 Length: 5 Document Type: Introduction

adopting the use of cloud-based technologies in the last five years. This trend has caused a significant shift in the way that many organizations interact with information both internally and externally. Yet there are also many risk factors inherent in these technologies, some of which are the result of insider conspiracy (Brender & Markov, 2013). Cloud computing offers many advantages over traditional IT infrastructure which make it an attractive option,

Read More
Essay
Survey for Cloud Computing and Insider Threats
Words: 877 Length: 2 Document Type: Essay

Cloud Computing and Insider Threats) A survey will be conducted of 40 businesses that have successfully dealt with insider threats. These 40 businesses will be compared with another online survey that arbitrarily and randomly samples other businesses. My objectives will be to assess how 40 large companies successfully deal with insider threats and how these practices contrast with practices from other companies. My methodology will be the following: I will randomly select

Read More

Sign Up for Unlimited Study Help

Our semester plans gives you unlimited, unrestricted access to our entire library of resources —writing tools, guides, example essays, tutorials, class notes, and more.

Get Started Now