In [84] Brodkin outlines seven security risks users need to consider in Cloud computing;
- 1.
- Privileged user access: offloading sensitive data to the cloud would mean the loss of direct physical, logical and personnel control over the data.
- 2.
- Regulatory compliance: the cloud service providers should be willing to undergo external audits and security certifications.
- 3.
- Data location: the exact physical location of user’s data is not transparent, which may lead to confusion on specific jurisdictions and commitments on local privacy requirements.
- 4.
- Data segregation: since cloud data is usually stored in a shared space, it is important each user’s data is separated from others with efficient encryption schemes.
- 5.
- Recovery: it is imperative that cloud providers provide proper recovery mechanisms for data and services in case of technological failure or other disaster.
- 6.
- Investigative support: since logging and data for multiple customers may be co-located, inappropriate or illegal activity should they occur may be very hard to investigate.
- 7.
- Long-term viability: assurance that users data would be safe and accessible even if the cloud company itself goes out of business.
