| Unique Threat | Responsibility | Current solutions |
| Lack of consumer visibility over operations | Infrastructure responsibility for assets and operations in the cloud computing world is dependent on the model of cloud service used. Security monitoring onus has paradigm shifted towards consumer self-monitoring requirements, despite this lack of control. | Re-hire onsite IT monitoring from a consumer perspective, and undo a part of the cost-effective benefits of cloud computing over past methodologies. |
| Unauthorized usage | The lowered barrier to creating and purchasing new cloud services, often as simple as clicking a single button, has allowed individual contractor autonomy even within the consumer organization without proper security risk analysis. | Increased surveillance and management to reduce worker autonomy in cloud services within consumer organizations. |
| API compromise | This data-centric issue is deathly researched. The same vulnerabilities that exist on the OS exist on the Internet through these computing platforms, exposed to widespread vulnerability exposure and potential asset compromise. |
|
| Cross-consumer exploitation | This regards a cloud provider’s infrastructure. Just as these vulnerabilities can be specific to the API, they are just as easily exploitable through an attack that is referred to as a “multi-tenant” attack, creating massive security failures and data leaks. | No attacks have currently resulted from “logical separation failure”, but have been simulated successfully. |
| Incomplete data wiping | Especially regarding research organizations and medical organizations that require legally secure data storage options, secure data deletion is mandated. However, consumers and organizations do not have full control of the deletion protocol and are often unable to verify it as such. | Cloud services intended for these organizations that require increasing levels of security upon deletion and confirmation exist as a marketable product. |
| Stolen credentials | This is one of the most common ways that data leaks occur through leveraging cloud computing resources. This will be explored further in the case studies below. | Ensuring that Cloud service provider worker credentials are tightly monitored will help minimize this occurrence. |
| Lost data | Lost data may not occur as a result of a malicious attack, but rather a failure to retain encryption protocols or permanent accidental deletions, or improper use of the model. |
|