Multi-Tenant Environment Risks

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *
or

Already have an account? Sign In »

Time
12 hours 57 minutes
Difficulty
Intermediate
CEU/CPE
13
Video Transcription
00:00
>> Now we're going to talk about the risks
00:00
when using multi-tenant environments.
00:00
Now as a refresher, multi-tenancy
00:00
>> refers to anytime that
00:00
>> multiple customer's data is being processed or
00:00
stored in a shared application or hardware.
00:00
The learning objectives for this module are
00:00
to identify the common risks of
00:00
multi-tenancy and describe some
00:00
of the methods for addressing these risks,
00:00
associated with multi-tenant environments.
00:00
The image on your left shows the difference between
00:00
single tenant environments and
00:00
>> multi-tenant environments.
00:00
>> As you can see in the single tenant environment,
00:00
every single customer has their own instance of
00:00
the application and their own corresponding database.
00:00
In the multi-tenant environment,
00:00
multiple customers data is
00:00
processed in the same application,
00:00
and each customer may have
00:00
their separate segregated database,
00:00
but that application is a place where it
00:00
made the data is commingled when being processed.
00:00
This can also happen in terms of storage.
00:00
Different customers data can be
00:00
stored on the same piece of hardware.
00:00
Now let's go into some of the risks.
00:00
Conflict of interests.
00:00
Unlike dedicated hardware,
00:00
something that's hosted internally or in a private Cloud,
00:00
when it comes to a multi-tenant environments,
00:00
there's a conflict of interest because
00:00
the Cloud provider is really
00:00
focused on maintaining the environments
00:00
for all customers,
00:00
so there is less attention
00:00
for the concerns of individual customers.
00:00
Escalation of privilege.
00:00
Because there is a co-mingling of information,
00:00
either when it's being processed or stored,
00:00
there are potential threats where
00:00
either once one customer's data is breached,
00:00
that the attacker may be able to escalate
00:00
their privilege level on
00:00
the application and comprise other piece of data.
00:00
Information bleed. We've seen this one before.
00:00
Failures or malfunctions in
00:00
>> an application or a database
00:00
>> can reveal information on
00:00
what applications or operating systems are running,
00:00
which can provide information to attackers that they
00:00
can use to use tailored vulnerabilities
00:00
>> in their attack.
00:00
>> Legal activity, when data is on the same server,
00:00
legal actions could potentially prevent
00:00
people from accessing any of the data on that server.
00:00
This is a potential risk when it
00:00
comes to multi-tenancy because you
00:00
don't necessarily think your data is going to be
00:00
affected by other customers
00:00
that's supposed to be separate,
00:00
but then that customer gets involved
00:00
>> in a legal dispute,
00:00
>> and part of discovery is
00:00
information that's stored on that piece of
00:00
hardware and all of the data
00:00
becomes inaccessible until
00:00
>> that legal action is resolved.
00:00
>> Quiz question.
00:00
An online retailers website is not working.
00:00
The IT department discovers that
00:00
the company can no
00:00
longer access critical data stored in the Cloud.
00:00
That company soon learns that the data
00:00
of one of the Cloud customers on
00:00
that hardware was involved in
00:00
a criminal investigation and
00:00
the server has been isolated.
00:00
This is an example of what multi-tenancy risk.
00:00
Conflict of interests?
00:00
Legal activity or information bleed?
00:00
If you said legal activity, you're correct.
00:00
There's no real conflict of interests here.
00:00
The Cloud provider has to adhere to
00:00
certain legal maneuvers and
00:00
restrictions when it comes
00:00
to their physical infrastructure,
00:00
and information bleed, that, as we said,
00:00
is when attackers are able to surmise
00:00
information about the applications or
00:00
services running on a piece of Cloud infrastructure.
00:00
In summary, we talked about
00:00
the risks associated with multi-tenancy,
00:00
and then we talked about some of the methods
00:00
for addressing those risks and multi-tenancy.
00:00
Whether it's really classifying the data
00:00
that goes in there and making sure that
00:00
nothing that is so critically important is in
00:00
a multi-tenant environment or can be
00:00
exposed to some of those legal risks.
00:00
I'll see you in the next lesson.
Up Next