Public Cloud API Security Risks: Fact or Fiction?

 

…Most cloud services use multi-tenant API gateways (meaning shared across different customers and applications) to identify and verify users, as well as to act as the single point of entry across many disparate APIs.

There is an obvious problem here in that the very location that is designed to share information is also the same place that needs to be most highly protected and secured.

The growth in the public cloud worldwide shows no sign of slowing down, with the market predicted to be worth around 160 billion U.S. dollars by 2020. And this trend has become even more widespread in the UK since the introduction of the Government’s Cloud First policy in 2013, which aims to make the cloud the default choice for a variety of computing services. While the UK Government’s Austerity Programme has had some effect on take up, the overall trend is still consistent. Many UK departments have already made this decision based on risk management assessments.

Migration to the cloud essentially means moving sensitive government data to a third-party infrastructure and often relying on that third party for security.

Read full article in Computer Business Review