Control, Security, and Risk in the Cloud
This chapter discusses the risks in cloud computing. Concerns are often raised about decreased customer control and increased provider control of data in clouds, particularly regarding data security (confidentiality, integrity, and availability), fuelled perhaps by the relative lack of information available to customers regarding details of providers' components, suppliers, and mechanics. Colocation risks may also exist. One concern is the leakage of data to others sharing the infrastructure. Another consideration is that if hardware thought to contain a third party's target data is seized by authorities, data of other tenants sharing that hardware may be exposed also. Ultimately, cloud services differ in the degree of control and flexibility afforded to customers (and accordingly in their responsibility for security), and the extent to which providers or sub-providers can access user data. Much depends on a service's type and design. Prospective cloud users may manage their cloud risks not just through technological or contractual means, but also through insurance.