A recent cybersecurity news item should trigger concern for anyone involved in cloud-based software development. As reported in CSO, an attacker breached a popular Node.js module. After building trust and gaining owner-level access, he or she was able to push a compromised version that hid Bitcoin and Ethereum hot wallet credentials for malicious purposes in the code.
Multi-tenancy, which involves the sharing of infrastructure, software, and network assets by more than one entity, is the predominant mode of computing in the cloud. There are good reasons for this. A multi-tenant environment is more efficient than alternative approaches like assigning each system its own individual machine. Cloud Service Providers (CSPs) host multiple companies' IT resources at once, providing each with cost savings compared to self-hosting all resources on-premise.
Organizations are flocking to the cloud in droves, but many question the security of migrating critical resources to off-site, cloud services. In fact, Forrester reports that 58% of companies outsource half or more of their data center operations, servers, network, and storage infrastructure!
