There are essentially two forms of computing environments:
On-premises computing is the conventional form of computing in which you or your agency own and manipulate your own systems. In addition to your records files, all the applications you use are your own computer systems to your very own premises, both on individual PCs or an in-residence neighborhood location network.
In cloud computing, by using assessment, your packages and files are held remotely on the Internet (in our on-line world) in a community of servers operated with the aid of a third birthday party. You get admission to packages and paintings for your documents out of your PC definitely by using logging on to the network.
Cloud services are supplied through cloud-web hosting vendors, companies including Google, Amazon, Oracle Cloud, Rackspace, Microsoft Azure, etc.
There is nothing basically new, approximately the concept of cloud offerings. If you’re the usage of Gmail, Hotmail or yahoo in your emails, you are the use of cloud offerings and in all likelihood were for years.
What is exceedingly new is the styles of services which might be being provided in a cloud-surroundings. These now go a long way beyond email to cowl all of the IT services that an on-premises computing environment would deliver, including accounting, marketing, human assets, and so forth.
Advantages of cloud computing
Cloud computing has numerous benefits over on-premises computing:
1) You can run an software or get entry to your files from anywhere in the world the usage of any laptop.
2) Cloud computing is cheaper.
3) You want less technical understanding.
4) Cloud computing promises a higher overall performance.
5) Cloud computing is eminently scalable. Increasing the wide variety of programs you use or the amount of facts you shop does now not require a heavy investment; you only want to suggest the cloud-hosting adviser.
Given those benefits, it no wonders that over the previous couple of years, there has been a good-sized fast adoption of cloud computing. Analysts estimate that the increased charge of all spending on the cloud. As a minimum, IT will quickly be four times faster than the boom rate of all spending on on-premises computing.
Indeed, analysts are looking ahead to the yearly boom charge of spending on cloud computing to common 23.5% compound from now till 2017. Using that, yr spending on cloud offerings will result in all likelihood account for one-6th of all spending on IT products, inclusive of programs, machine infrastructure software program, and fundamental garage.
Given the fast increase in cloud computing, the massive question, of route, is whether cloud computing is secure. Is it extra or much less secure than on-premises computing?
The brief answer is that cloud computing isn’t always less safe than on-premises computing. However, the threats are quite one-of-a-kind in nature, though they may be converging.
Generally talking, there are six principal threats to pc safety. These are:
Malware – is malicious software program inclusive of viruses, trojans, worms, spyware and zombies. Malware is hooked up on both a PC in your property-office or a cloud-computing server. Where malware offers manage of a network of computer systems to a malicious institution (eg, to send junk mail) it is referred to as a botnet.
Web app assault – is an assault in which web-primarily based programs are focused. It is one of the maximum not unusual styles of assault on the Internet.
Brute force attack – works with the aid of attempting all feasible combos of letters or numbers to find out a cipher or secret key. For instance, you can crack a password via repeatedly trying to guess it. Modern computing electricity and velocity makes brute force a possible shape of assault.
Recon – is reconnaissance interest that is used to pick out victims that are each inclined and precious.
Vulnerability experiment – is an exploit using a special software to access weaknesses in computer systems, systems, networks or packages on the way to generate information for making plans an attack.
App assault – is an assault against an application or service that isn’t jogging on the internet, ie the program could be on a laptop someplace.
A honeypot is a decoy website, community, machine or utility that has been intentionally designed to be susceptible to attack. Its cause is to accumulate information about attackers and the way they work.
Honeypots permit researchers to:
- collect information on new and emerging malware and decide traits in threats
- pick out the sources of attacks which include information of their IP addresses
- decide how attacks take place and the way great to counteract them
- decide assault signatures (portions of code that are unique to unique portions of malware) so that anti-virus
- the software can recognize them
- broaden defenses in opposition to specific threats
- Honeypots have proved to be priceless in erecting defenses in opposition to hackers.
The Spring 2014 Cloud Security Report
Alert Logic provides security services for both on-premises and cloud pc systems. The agency commenced issuing cloud protection reports in 2012. Its Spring 2014 Cloud Security Report covers the yr finishing 30th September 2013.
This record is primarily based on a combination of actual-global security incidents experienced through Alert Logic’s customers and data accumulated from a chain of honeypots the agency set up around the sector.
The record throws a few exciting milds of on-premises and cloud computing security relating to the corporation’s customers. Here are a number of the highlights:
 Computing is moving increasingly more from on-premises to cloud-based totally computing and the varieties of assaults that focus on on-premises structures are actually focused on cloud environments. This might be because of the increasing price of capacity sufferers in the cloud.
 Although attacks on cloud environments increase in frequency, the cloud is not inherently less at ease than traditional on-premises computing.
 The frequency of attacks in each on-premises and cloud computing has multiplied for maximum varieties of threats, although it has fallen for some sorts of threats. Here are the principle factors of evaluation between each computing environments:
The maximum prevalent kinds of attacks against on-premises customers were malware attacks (such as botnets) at 56% throughout the six months finishing thirtieth September. At simplest 11%, those attacks had been a whole lot, much less frequent amongst cloud clients. However the wide variety of cloud clients experiencing these assaults is growing quick, extra than doubling in twelve months.
Attacks using brute pressure elevated from 30% to forty-four% of cloud clients but remained solid in on-premises environments at a high forty-nine%. Vulnerability scans jumped dramatically in each environment. Brute force attacks and vulnerability scans at the moment are happening at almost identical quotes in on-premises and cloud environments.
Web app attacks are much more likely amongst cloud clients. However, those attacks are down yr-on-yr in both cloud and on-premises computing, as are recons. App assaults accelerated barely in each class of customers.
The maximum established sorts of attacks range among on-premises and cloud environments. In on-premises computing, the top 3 had been malware (fifty six% of customers), brute force (49%), and vulnerability scans (forty%), even as inside the cloud, the maximum common incidents have been brute pressure, vulnerability scans, and net app attacks, each of which affected 44% of clients.
 The incidents concerning Alert Logic’s cloud-primarily based honeypots various in specific parts of the sector. Those hosted in Europe attracted two times as many assaults as honeypots in Asia and 4 times more than honeypots within the USA. This can be because malware ‘factories ran in Eastern Europe and Russia, checking their efforts domestically before deploying them during the sector.
 Chillingly, 14% of the malware gathered through honeypots become no longer detectable by fifty one% of the world’s pinnacle antivirus carriers. Even greater frightening: this changed into now not because these had been emblem-new malware; lots of the malware that become missed turned into repackaged variations of older malware and as a consequence ought to were detected.
The record concluded with an announcement that safety in the cloud is a shared duty. This is something that person marketers as well as small and medium-sized enterprises tend to forget.
In cloud computing, the service issuer is accountable for the basics, for shielding the computing environment. But the client is 100% answerable for what occurs inside that surroundings and, to make certain safety, he or she needs to have a few technical understanding.
Advertisements through cloud carrier companies seem to imply that cloud computing is safer than an on-premises computing. This is truly no longer authentic. Both environments appear to be equally secure or unsafe viz-a-viz hackers and their malicious applications.
Attacks inside the cloud are growing as capacity objectives are getting extra ‘theft-worthy.’ Thus, the cloud’s security wishes to be as strong as safety in on-premises environments. However, you can’t rely entirely on antivirus software companies to hit upon all attacks.