Why you should be penetration testing your cloud service providers

We've just released our latest white paper with cyber security experts Security Alliance, which looks at the importance of penetration testing when selecting prospective Cloud Service Providers (CSPs).

It's a subject we're keen to talk about because we find that too many people are overlooking or underestimating it.

People don't tend to associate hacking with cloud environments but actually the number of targeted attacks on Cloud Service Providers is not far behind those on on-site data centres. It's becoming more and more crucial to run the same tests on your CSPs as you would in your own organisation.

A common issue we hear is that there are so many options available when it comes to penetration testing that people don't know which are the most useful, or when they should be using them. The methods available aren't mutually exclusive - choosing to conduct one does not mean disregarding the benefits of the other. They're suited to different situations, and they're usually much more effective when used combined rather than individually. Our paper aims to shed some light on how to choose the right methods for you.

Another problem is that some organisations actually don't even realise that they can request to carry out penetration tests on a CSP – and more importantly, that they should. Reputable cloud providers will have no problem with you bringing in a third party to objectively test their environment - take advantage of that. You should be wary of any provider who doesn't allow third party testing.

Data moved to a service provider is subject to all the same threats offsite as it would be in your own on-premise data centre. The difference is, service providers tend to have a much bigger budget for security than you would. Their reputation relies on protecting the data they deal with, so if you get the chance to test their environment and highlight any areas for improvement, take it.

You can read the full paper, Penetration Testing & Cloud Computing: How and when to test your Cloud Service Provider, here.

Contact us:

UK

Call free within the UK
0800 033 6633

Overseas

Outside the UK?
+44 (0)203 1771 910

General Enquires

contact@databarracks.com

Support

support@databarracks.com

Sales

sales@databarracks.com

Accounts

accounts@databarracks.com

Careers

recruitment@databarracks.com

Marketing

marketing@databarracks.com

Follow us:

LinkedIn
Twitter

Visit us:

Address:

Databarracks Ltd
1 Bridges Court
London
SW11 3BB

Get in touch:

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

This website uses cookies. To find out more, read our Cookies policy. By continuing to use the site, you consent to our use of cookies.