Menu
Celebrity nude photos scandal a wake-up call for Cloud users

Celebrity nude photos scandal a wake-up call for Cloud users

An apparent hack of Cloud storage sites that caused a slew of nude images of female celebrities to hit the Internet over the weekend should serve as a wake-up call for the public and for enterprises to be more cautious with the information they store on the cloud.

An apparent hack of Cloud storage sites that caused a slew of nude images of female celebrities to hit the Internet over the weekend should serve as a wake-up call for the public and for enterprises to be more cautious with the information they store on the Cloud.

Whether the scandal will make some enterprises, already nervous about Cloud security, more hesitant about migrating to the Cloud remains to be seen.

"This is a great example of what can go wrong with the Cloud," said Jeff Kagan, an independent industry analyst. "I don't know if this will make people or enterprises more hesitant about the Cloud, but it will make them more careful, and that's good. That's how we learn. We learn not to touch the hot stove when someone else gets burned."

Over the weekend, stories emerged about about nude photos of model Kate Upton and actresses like Mary E. Winstead and Oscar-winner Jennifer Lawrence appearing online. Some of the photos appear to be authentic. Others do not.

The FBI and Apple both told the NBC News that they're investigating what appears to be hacked iCloud accounts. Apple's Cloud-based service is used to store photos, music and videos from Apple devices.

According to a report in the Wall Street Journal, Apple said it is investigating reports that hackers exploited vulnerabilities in its cloud service.

A scandal involving Cloud security that receives attention in mainstream media could give pause to IT and business executives who have been moving toward the Cloud. Some companies already are nervous about reliability and security, and headlines about a Cloud hack and privacy breach could add to those concerns and slow cloud adoption.

Dan Olds, an analyst with The Gabriel Consulting Group, said the reported hack is not good news for Cloud computing.

"While some people might think that this is just celebrity chasing, consider that the guy who revealed all of this stuff didn't make any money on it," said Olds. "Wouldn't someone who was motivated to make money have even more motivation to steal trade secrets and things like that?"

A hacker going after an enterprise would be more motivated and might work harder, he said.

"What happens when true professionals start taking a run at data stored in the Cloud?" Olds asked. "I would think that all of this would give potential corporate and government customers pause."

However, what enterprise executives need to remember is that the cloud is not inherently less secure than any other IT deployment methods, said Allan Krans, an analyst with Technology Business Research. Individual users' Cloud accounts aren't given the same security measures that companies require of their own deployments, he said.

"There are security, password, and identity management issues with all types of IT systems that can and have been hacked," Krans said. "I think this type of personal backup service is more inherently unsecure due to the type of access allowed. It is not centrally managed by an organisation, but by a number of individuals who require frequent and easy access, which creates more security gaps that can be exploited."

Users who apply the same password for various services and want quick and easy access to their cloud accounts don't set up the same security levels that enterprises require.

Kagan noted that this celebrity hack should serve as a wake-up call for users to be more careful and for cloud makers to build more secure Cloud spaces.

"We don't know in this case whether the weak link was with the cloud itself, or with the user -- like with a weak password or no password," he added. "There are so many ways to break into the Cloud and users simply are not aware there is a risk. "

Patrick Moorhead, an analyst with Moor Insights & Strategy, said the problem isn't necessarily with Apple's iCloud service.

"It's possible that a Cloud service was hacked, but not probable," he said. "It's more than likely an intrusion came through compromising a PC, stolen phone or phone app passwords, or a rogue phone app."

If it turns out that the hack stemmed from a flaw in Cloud security, individual users and enterprises may be pushed to boost their own Cloud security.

"If a Cloud service was hacked, enterprises will be more hesitant about using the cloud," said Moorhead. "But in many ways, the Cloud is safer than on-premises IT as Clouds can afford the latest and greatest in security techniques... Enterprises need to assure that a few things are in place. It's important that all data is encrypted everywhere in the workflow, including the client device, network and the server. It's also important to limit certain data from administrators, who may have access to account information or unencrypted data."

Other analysts said that enterprises need to conduct their own penetration testing and should not treat all workloads and data the same. Some data and applications will need tighter security than others and IT departments should make sure they get it.

Companies also should start a Cloud deployment by using less sensitive data first, and then working up to more confidential data based based on what they learn.

Companies, and individuals, need to focus more on security when storing information in the cloud, Kagan said.

"We must focus more on security and protecting our private data," he said. "That just makes sense. Companies need to raise security to the top of the page... I would expect we will start to see some [cloud service] companies use security as a marketing tactic."

Follow Us

Join the New Zealand Reseller News newsletter!

Error: Please check your email address.

Tags Applecloud computingfbiinternet

Featured

Slideshows

Educating from the epicentre - Why distributors are the pulse checkers of the channel

Educating from the epicentre - Why distributors are the pulse checkers of the channel

​As the channel changes and industry voices deepen, the need for clarity and insight heightens. Market misconceptions talk of an “under pressure” distribution space, with competitors in that fateful “race for relevance” across New Zealand. Amidst the cliched assumptions however, distribution is once again showing its strength, as a force to be listened to, rather than questioned. Traditionally, the role was born out of a need for vendors and resellers to find one another, acting as a bridge between the testing lab and the marketplace. Yet despite new technologies and business approaches shaking the channel to its very core, distributors remain tied to the epicentre - providing the voice of reason amidst a seismic industry shift. In looking across both sides of the vendor and partner fences, the middle concept of the three-tier chain remains centrally placed to understand the metrics of two differing worlds, as the continual pulse checkers of the local channel. This exclusive Reseller News Roundtable, in association with Dicker Data and rhipe, examined the pivotal role of distribution in understanding the health of the channel, educating from the epicentre as the market transforms at a rapid rate.

Educating from the epicentre - Why distributors are the pulse checkers of the channel
Kiwi channel reunites as After Hours kicks off 2017

Kiwi channel reunites as After Hours kicks off 2017

After Hours made a welcome return to the channel social calendar last night, with a bumper crowd of distributors, vendors and resellers descending on The Jefferson in Auckland to kickstart 2017. Photos by Maria Stefina.

Kiwi channel reunites as After Hours kicks off 2017
Arrow exclusively introduces Tenable Network Security to A/NZ channel

Arrow exclusively introduces Tenable Network Security to A/NZ channel

Arrow Electronics introduced Tenable Network Security to local resellers in Sydney last week, officially launching the distributor's latest security partnership across Australia and New Zealand. Representing the first direct distribution agreement locally for Tenable specifically, the deal sees Arrow deliver security solutions directly to mid-market and enterprise channel partners on both sides of the Tasman.

Arrow exclusively introduces Tenable Network Security to A/NZ channel
Show Comments