Many companies, especially smaller companies, may use shared infrastructure, where their websites, databases, or other systems are hosted by a 3rd party managed services provider. This means that hundreds of other companies could be using the same server or the same cloud systems. If a cyber risk issue affects one tenant of a shared server or software, it can put all the companies that use the server or software at risk of a cyber-attack.
Research indicates that companies using shared infrastructure are 2.5 times more likely to suffer a data breach than those using non-shared infrastructure. Shared environments inherently have a broader attack surface, increasing the likelihood of successful attacks.
It’s important that your customers are properly informed about the risks associated with shared hosting:
Shared Vulnerabilities: Shared environments often utilise common software and IP addresses. Vulnerabilities in these shared components can be exploited by attackers, potentially affecting multiple users simultaneously. For example, if a web server or database server has a security flaw, an attacker could compromise multiple accounts. Similarly, shared IP addresses can result in blacklisting, impacting all users on the server. Regular updates and security patches are essential to mitigate these risks.
Access Control Issues: Proper access control and privilege management are critical in shared environments. Misconfigured permissions or insecure default settings can allow users to gain unauthorised access to other users' data. For instance, if file permissions are not set correctly, one user might be able to view or modify another user's files. Implementing strict access controls and ensuring secure default configurations can help prevent such vulnerabilities.
Denial of Service (DoS) Risks: Shared hosting and cloud environments are vulnerable to Denial of Service (DoS) attacks. An attack targeting one user can impact the availability and performance of the entire shared infrastructure by exhausting shared resources such as bandwidth, CPU, or memory. This can lead to significant downtime and disruption for all users. Implementing rate limiting, traffic filtering, and robust monitoring can help mitigate DoS risks.
Data Security and Network Risks: In shared environments, insufficient segregation can lead to data leakage between tenants. Additionally, insecure network configurations can expose users to risks such as man-in-the-middle (MitM) attacks, where an attacker intercepts and potentially alters communication between users. Ensuring proper data segregation, using encryption for data in transit and at rest, and securing network configurations are vital measures to protect data security and privacy. Robust network segmentation and monitoring are also essential to detect and prevent such attacks.
If you have any other questions relating to the risks Breach Check has identified, please get in touch via our live chat.
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article