IT leaders are probably getting used to addressing security concerns about cloud computing by now, but they may be less prepared to discuss how naked images of Kate Upton and Rihanna wound up online.

Following news that several celebrities using Apple’s iCloud service found their personal data compromised a few days ago, there have been major questions raised, not only about the hacking techniques involved but whether any hosted data can ever be considered safe.

I spent much of the day Monday making stops at CTV News and CBC News, where I tried to explain a few basic points. They’re nothing CIOs don’t already know, but hopefully they could be something quick and easy to point users toward if they want to know more about cloud security.

As for the ultimate question — can we ever rely on the cloud after Jennifer Lawrence’s embarrassment? — I dealt with that in this clip that played on the radio. Tell users to trust me on this one.

 

For more of my comments on iCloud and Apple, see this story on CBC.

Apple said Tuesday after more than 40 hours of investigation, “we have discovered that certain celebrity accounts were compromised by a very targeted attack on user names, passwords and security questions, a practice that has become all too common on the Internet. None of the cases we have investigated has resulted from any breach in any of Appleā€™s systems including iCloud or Find my iPhone. We are continuing to work with law enforcement to help identify the criminals involved.

It urged iCloud subscribers to use a strong password and enable two-factor verification — where the system sends users a random number to a smart phone in addition to asking for a password — for logins.



Related Download
Creating Efficiencies In Vendor Risk Management Sponsor: BitSight
Creating Efficiencies In Vendor Risk Management
In this eBook, we'll explore how vendor risk management (VRM) has traditionally been handled, why traditional strategies alone are inadequate, and advices for vendor risk managers on how to effectively and efficiently mitigate cyber risk.
Register Now