I recently had different discussions with different customers and we were looking into the key questions to ask, when you plan to move to the cloud (yes, I am working on a corresponding blog post). I was then asked whether we have an answer to these questions – well no. For sure not for all of them and I stated that I am not only sure whether we know all the questions yet…
I then stumbled across the following article Hey, You, Get Off of My Cloud: Exploring Information Leakage in Third-Party Compute Clouds. A very interesting approach to attack a virtual machine in the cloud if you use Infrastructure as a Service – they used Amazon EC2 as an example.
This definitely introduces new ways of attacking an infrastructure – and therefore new questions and risk. So, make sure you have the proper risk management processes in place