Insider threats for Private Clouds

Question

Any one has any information or pointers to insider threats when cloud platforms like openstack etc deployed within corporate data centers ?

1. What are different kinds of internal threats in general for
   traditional corporate datacenters ( I.e when physical resources not shared across departments, partner employees etc )
2. What new attack vectors open up when the resources are virtualized and shared within the corporate data centers ?
3. Are there any other security and privacy concerns specific to private cloud deployment apart from the ones which public cloud deployments like Amazon EC2 has ?

Answer 1

In response to only (2) above: if a private cloud is actually allocating computing resources on demand to users with certain passwords/keys (like AWS) -- it is then over and beyond plain virtualization in the enterprise and risks additional to simple virtualization need to be mitigated.

If private cloud resources are allocated/deallocated and managed by the DC ops team, then it is no different to plain virtualization from a security perspective.

A couple of mitigation steps we took at a retailer that implemented something in between the two scenarios described above:

1. Managing provisioning passwords and/or keys, with information to users how significant they were and how to protect them. This is especially important for pivate clouds, which are generally in a trustful internal environment.
2. Immediate emails on allocation/de-allocation of resources, and frequent chargeback reports to multiple stakeholders in departments allocating resources.