There is a wrong perception of Cloud security among consumers of the Cloud solutions and platforms. Actually, classic Clouds are more insecure than traditional computing even though it is set on stone for most people even many “IT professionals” that Cloud computing is natively more secure, or by default it is at least more secure than on-prem software.
Classical Could Computing is more insecure than traditional computing!
A couple of big downsides to Cloud are:
- Relying on default configurations
- Formulating based on the platform
- Prone to more frequent and targeted attacks
Cloud users are tending to accept and apply default configurations to their environment. It does not matter if this is because of lack of knowledge of the Cloud platform or just an over-trust relationship. The result is insecure at least due to unjustified configuration and settings which are supposed to be highly customizable which they are actually not in a real-world scenario.
Both Cloud services and platform providers and consumers formulate workflows and force systems and presume functionality based on a given criteria not what different businesses demand. This is not the default behavior or a native flaw in Cloud computing but because the platforms are not abstract enough then software becomes highly dependent on the original ideas and formulas. The immediate sign of this is more and more seeing software products being so similar in architecture, design, implementation or even application.
The last one is an inevitable result of Cloud computing. We experience this every single moment online. Remember what made Microsoft Windows with thousands of flaws more comparing to Linus or Mac was not really because Windows is more insecure, but because it is more targeted based on the market share. Now, as a cybercriminal, would you target Amazon web services or a proprietary software sitting somewhere secluded from the Clouds?!
Why trying to compromise and find flaws within a tiny piece of proprietary software instead of Microsoft Azure platform?