Threats to Cloud Storage

---

• NIST SP 800-209 provides specific guidance on storage security
  • for on-prem and cloud

Long-term Storage

• threat include:
  • exposure
  • malicious access
  • integrity risks
  • denial of service
• side channel attacks

Ephemeral Storage

• same threats as long-term storage
• risk to IR/DF process
  • ephemeral storage can be automatically destroyed when systems are terminated
  • forensic artifacts may be lost
• side channel attacks

Raw Storage

• may be allocated directly on devices
• reallocation of data can leave fragments of data available to the next user of the block storage
  • always encrypt data
• side channel attacks