In what's sure to be a blow to cloud computing advocates and enthusiasts, a recent study from German researchers revealed that nearly one-third of Amazon's cloud services have security flaws and may be vulnerable to cyber attacks.
The study, conducted by scientists from the Darmstadt Research Center for Advanced Security, or CASED, reviewed 1,100 public Amazon Machine Images and found that approximately 30 percent lack adequate security measures.
CASED noted that as the cloud has becomes more popular, experts have begun focusing more on protecting data stored on the technology. This has been an important development, as data protection is often cited as one of the weaknesses of the cloud and a main deterrent from enterprise adoption.
However, despite these efforts, cloud security still appears to be lacking. According to the CASED report, the primary vulnerability seems to extend from human error, as many of Amazon's customers simply fail to handle and deploy AMIs properly. While this, fortunately, is an area that can be remedied, it does depend on diligence on the part of the Amazon customer.
"The problem clearly lies in the customers’ unawareness and not in Amazon Web Services," said Ahmad-Reza Sadeghi, who led the research group. "We believe that customers of other cloud providers endanger themselves and other cloud users similarly by ignoring or underestimating security recommendations.”
These types of issues recently came to a fore for Amazon when a number of its cloud servers crashed. It turned out the outage was caused by a configuration error – likely a human error – but the incident, nevertheless, shook some people's faith in the cloud.
This seems to suggest that, regardless of the cause, Amazon and other cloud service providers will need to tighten the reigns of their security practices to ensure the cloud continues to grow.