IT leaders are probably getting used to addressing security concerns about cloud computing by now, but they may be less prepared to discuss how naked images of Kate Upton and Rihanna wound up online.
Following news that several celebrities using Apple’s iCloud service found their personal data compromised a few days ago, there have been major questions raised, not only about the hacking techniques involved but whether any hosted data can ever be considered safe.
I spent much of the day Monday making stops at CTV News and CBC News, where I tried to explain a few basic points. They’re nothing CIOs don’t already know, but hopefully they could be something quick and easy to point users toward if they want to know more about cloud security.
As for the ultimate question — can we ever rely on the cloud after Jennifer Lawrence’s embarrassment? — I dealt with that in this clip that played on the radio. Tell users to trust me on this one.
For more of my comments on iCloud and Apple, see this story on CBC.
Apple said Tuesday after more than 40 hours of investigation, “we have discovered that certain celebrity accounts were compromised by a very targeted attack on user names, passwords and security questions, a practice that has become all too common on the Internet. None of the cases we have investigated has resulted from any breach in any of Apple’s systems including iCloud or Find my iPhone. We are continuing to work with law enforcement to help identify the criminals involved.
It urged iCloud subscribers to use a strong password and enable two-factor verification — where the system sends users a random number to a smart phone in addition to asking for a password — for logins.
Understanding how IBM Spectrum Protect enables hybrid data protection
Abdicating your company’s data protection responsibilities to the first cloud solution provider you encounter is just as unwise as doing nothing at all to leverage the cloud. On the other hand, it can be a wise decision to investigate what results you might achieve by choosing a backup technology that is capable of supporting a hybrid protection approach capable of covering both on-premises technology and offsite cloud capabilities.