Risk and Challenges in Cloud

  • Security flaws in the hypervisor can lead to malicious software targeting individual VMs running on it or other components in the infrastructure.
  • A flawed hypervisor can also facilitate inter-VM attacks (aka VM hopping) when isolation between VMs is not perfect; that is, one tenant’s VM could peek into the data of another tenant’s VM.
  • Network traffic between VMs is not necessarily visible to physical network security controls, which means additional security controls may be necessary.
  • Resource availability for VMs can be flawed. Individual VMs can be starved of resources. In a virtualized environment, one virtual server’s idle time is another server’s production time.
  • Virtual machines and their disk images are simply files residing somewhere. This means that, for example, a stopped VM is potentially accessible on a file system by third parties if no controls are applied. Inspection of this file can circumvent any control that the guest operating system applies.
  • Provider lock-in:
  • Loss of governance:
  • Compliance risk:
  • Provider exit
  • The consolidation of IT infrastructure leads to consolidation risks, where a single point of failure can have a bigger impact.
  • A larger-scale platform requires the cloud provider to bring to bear more technical skill in order to manage and maintain the infrastructure.
  • Control over risks will shift toward the provider.
  • Guest breakout: An attacker breaks out of a guest OS to access the hypervisor or other guests. This would presumably be facilitated by a hypervisor flaw.
  • Snapshot and image security: The portability of images and snapshots makes us forget that they can contain sensitive information and need protecting.
  • Sprawl: When we lose control of the amount of content on our image store.
  • Management plane breach
  • Resource exhaustion
  • Isolation control failure
  • Insecure or incomplete data deletion
  • Control conflict risk
  • Software-related risks
  • Data protection: Cloud customers may have legal requirements about the way that they protect data, in particular personally identifiable information (PII). The controls and actions of the cloud provider may not be sufficient for the customer.
  • Jurisdiction: Cloud providers may have data storage locations in multiple jurisdictions, which can impact other risks and their controls.
  • Law enforcement: As a result of law enforcement or civil legal activity, data may have to be handed over to authorities. For example, seizure of a physical disk may expose the data of multiple customers.
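
The points above about VM disk images and snapshots being ordinary files can be checked on an image store with a permission audit. The following is an added example, not part of the original notes; the extension list, function names and sample files are assumptions constructed for illustration.

```python
import os
import stat

# Assumed list of virtual disk and snapshot extensions; extend for your platform.
IMAGE_EXTENSIONS = {".qcow2", ".vmdk", ".vhd", ".vhdx", ".vdi", ".img", ".raw", ".ova"}

# Permission bits that expose an image to accounts other than its owner.
EXPOSURES = [
    (stat.S_IROTH, "world-readable"),
    (stat.S_IWOTH, "world-writable"),
    (stat.S_IRGRP, "group-readable"),
    (stat.S_IWGRP, "group-writable"),
]


def audit_image_store(root):
    """Return sorted (relative path, octal mode, reasons) for exposed image files."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if os.path.splitext(name)[1].lower() not in IMAGE_EXTENSIONS:
                continue
            path = os.path.join(dirpath, name)
            st = os.lstat(path)
            if not stat.S_ISREG(st.st_mode):
                continue  # symlinks and devices need a separate review
            reasons = [label for bit, label in EXPOSURES if st.st_mode & bit]
            if reasons:
                mode = oct(stat.S_IMODE(st.st_mode))
                findings.append((os.path.relpath(path, root), mode, reasons))
    return sorted(findings)


def build_constructed_store(root):
    """Create a small constructed image store with mixed permissions for the demo."""
    samples = {"web01.qcow2": 0o644, "db01.vmdk": 0o600,
               "snapshots/db01-snap.img": 0o660, "notes.txt": 0o644}
    for rel, mode in samples.items():
        path = os.path.join(root, rel)
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "wb") as fh:
            fh.write(b"constructed sample, not a real disk image")
        os.chmod(path, mode)


if __name__ == "__main__":
    import tempfile
    with tempfile.TemporaryDirectory() as store:
        build_constructed_store(store)
        for rel, mode, reasons in audit_image_store(store):
            print(f"{mode} {rel}: {', '.join(reasons)}")
```

File mode bits are only one layer: directory permissions, ACLs and storage-level encryption of images at rest also determine who can read a stopped VM's disk.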