Security should, hands down, be the number one concern when considering moving data to the cloud. And why wouldn’t it be? A cloud is a storage unit for all things personal, confidential and business-centric. Handing that key out to just anyone could be disastrous. The problem is that, all too often, it isn’t considered.
[easy-tweet tweet=”Security should, hands down, be the number one concern when considering moving data to the cloud.” hashtags=”tech, cloud, security”]
Written in the Stars
Over the years we’ve seen many fall victim to having their cloud-based data hacked. In August this year, Sage admitted to a security breach of its cloud computing systems affecting 280 companies. Dropbox has had to reset many of its users’ passwords due to a data breach that took place back in 2012. Of course, it’s not just these cloud service providers that are being targeted, individual accounts can also be in the hackers sights.
Pippa Middleton (sister of the Duchess of Cambridge) recently had her iCloud account hacked. The hacker made off with 3,000 of her personal photos and had quickly offered them for sale to a popular news site for £50,000. The trove of stolen photos contained private photos that included members of the UK royal family. A high court judge subsequently ruled that the photos shall be barred from publication. Pippa is just the last in a long line of celebrities to have found her security lacking.
AppRiver’s Q3 Global Security Report that looks at the threat landscape of the preceding three months showed that on any given day there were around 40 million unique threats locations – from malware, phishing messages and compromised or malicious websites and links.
What can be done?
Pippa’s iCloud hack should serve as a reminder to replace any weak or shared passwords you may be using.
Of course, any single security defence may be flawed and there’s no point creating the strongest password possible if hackers are able to obtain it by breaching the organisation and taking the customer database. Yahoo is one company that has had to hold its hands up to this, revealing it couldn’t be sure the data was encrypted!
[easy-tweet tweet=”To bolster passwords, enable two-factor authentication” hashtags=”security, tech, cloud”]
To bolster passwords, enable two-factor authentication whenever it is offered. To avoid falling victim to phishing attacks install a spam filter. Anti-virus will help keep your system free from malware and key loggers. Perhaps the most readily available security defence is common sense. If an offer seems too good to be true, it probably is so don’t click the link. When visiting web pages stay alerted and look for evidence that it’s secure, such as a padlock in the address bar, most browsers now offer a colour coded version to indicate the site has been verified and the https: at the start of the URL is another indicator. When on an unsecured network, use a VPN service to secure your connection.
While each defence can be great on its own, layered security is greater than a sum of its parts.
Troy Gill, Manager of Security Research at AppRiver
Troy Gill, GPEN, is a senior security analyst for AppRiver, which provides e-mail and Web security solutions to more than 45,000 corporate customers. Gill monitors customer data to identify cyber threats, methodologies or vulnerabilities that present threats to IT operations and identifies methods for blocking them. For more information, visit the AppRiver Web site: www.appriver.com