IT Risk Management: Threats and Security Research
1. Cloud Computing in Relation to Identity Theft and Security
While cloud computing becomes a widely popular technology and a method of exchange and storage of information, it possesses certain threats and risks. The cloud computing grows at a rapid pace and emerges in all spheres, including the plans to introduce cloud passports and digitals means of personal identification. Not surprising, it brought a lot of new corporate and personal practices along. The corporations and enterprises want to achieve professional goals in a quicker and easier way than ever before, yet it also increases security risks and turns information into a sort of a moving and highly vulnerable target. Cloud computing, especially in the case with cloud passports, leads to risks of identity theft and security breaches. Identity theft can be identified as a crime aimed at illegal obtaining of sensitive personal information, such as credit cards and health insurance data, social security, and employment related information. Additionally, personal information can be used "to obtain credit, merchandise, and services in the name of the victim, providing false credentials" (Rouse, 2016). And while it may be safe to store pictures, music or means of digital entertainment in a cloud storage, personal and business information is where a person does not really know the level of provided data security. In a case with governmental agencies, border control, and the military, it is not just security of the servers, which should be one of the concerns, but the list of people who have access to such sensitive information as a part of their daily work and responsibilities. It is important to understand that once information reaches the cloud servers, it is not stored in a single location. Corporations should base their security models in a form of centralized and an accurate threat monitoring policy and an enforcement infrastructure, which "enables end-to-end visibility across on-premise systems and cloud applications by rolling-up intelligence from multiple security tools, enterprise systems, and business applications" (Lambert, 2016). As a result, corporate practices have changed a lot due to increased mobility of information and a number of individuals that receive both personalized and group access to sensitive data. The available systems and resources should be tested and analysed for conformity and support of all the essential security features, and compliance to international standards. Only then it will be possible to confirm their credibility and strength (Habiba, Masood, Shibli, & Niazi, 2014). Therefore, there is a need of a more holistic approach to cloud computing and the threats related to identity theft.
2. What are the new risks / threats?
New risks, related to cloud computing, include a lot of complex and numerous aspects of evolving nature. They can be summed up as data breaches due to increased mobility of information, weak identity, weak credential and access management methods, insecure interfaces in the field of cloud computing, vulnerability of implemented applications, hijacking of accounts, advanced …