Top Security Perils When Moving an Application to the Cloud
Posted by hyperguard on December 28, 2009
Hyperguarding your Web Applications is starting a series of posts showing you the top security perils of forcing applications onto the cloud that weren’t specifically designed for it.
Here’s a typical situation…applications are built from the ground up using programming languages, such as PHP, JAVA or .NET by an internal development team or a third party vendor with the notion of For Internal Use Only in mind. There is a general assumption by development teams that users can always be trusted, the application will be used ‘as intended’ and all information (i.e. user data) and content (i.e. product data from databases or ERP systems) are coming from safe and secure sources. Until now, there have never been security issues with applications.
As cloud computing becomes more favorable among companies, they are forcing their applications out of the internal network in to the cloud, causing them to be vulnerable to Web threats. If the application, or parts of the application, is moved in to the cloud, there will be typically less security within the infrastructure and several more users will be accessing it. Therefore vulnerabilities turn up and hacks occur.
Every few days we will post typical challenges enterprises face when moving an application to the cloud —so check back often.
Follow the discussion on Twitter @hyperguard.