Comfy in the Apple iCloud?

Cloud storage for organizations is smart on many levels ... but not all levels. Increasingly, we're finding businesses are getting a little too comfortable in the cloud. Data breaches and security leaks are on the rise. And, while you may like to think that it won't happen to your company, hackers and identity thieves are casting an ever-widening net. Take the recent Apple iCloud breach, for example. Using iCloud is supposed to be ultra-private and ultra-secure. It's also undeniably convenient. You can put anything in there, any time, and it seems completely private. Yet the iCloud breach proved that the contents of your cloud can easily be made public, as dozens of major celebrities discovered to their personal mortification.

How did it happen? Some analysts have blamed user error – the celebrities didn’t use strong enough passwords and failed to change them regularly. Or, they used easily discovered personal information for security answers, making it simple for a motivated hacker to break in and publish their nude photos for cash.

Others pointed out that the iCloud breach was partly caused by an iCloud vulnerability that allowed for multiple password attempts. With no lock-out protocols and an abundance of motivation, hackers could endlessly try combinations until all the files they wanted were at their fingertips.

Apple says this vulnerability is now fixed ... but was it really the cause? No-one is sure, and fingers are being pointed everywhere. Yet the core issue remains – what was meant to be private and protected was openly available. No matter who is at fault, the data (and images) are out there and there is no way to retrieve them.

Could your company afford a similar exposé of your most private files? Are your corporate pockets deep enough to withstand the damaged reputation of a Home Depot- and Target-style data breach? Who will ultimately bear responsibility for credit card compromises, loss of corporate intelligence, or even the leak of private medical data?

After all, it’s not just about money. Yes, data breaches add up to serious fines.

Case in point, Target owes a $3.6 billion fine to the PCI Council; that is approximately $90 per customer exposed for Target failing to uphold standards to protect cardholder data. But, responsibility is a broad term in today’s litigious culture, and your customers may not be happy to simply decimate your bottom-line. They will want to see someone held accountable.

In situations where no-one wants to take the fall, everyone suffers.

These are serious issues … and ones your company may not be wholly comfortable discussing. They’re worst-case scenarios, but nonetheless, they are real. Hoping it won’t happen to you isn’t exactly the best strategy to adopt. Instead, be proactive and put processes in place to help prevent data breaches from happening at all.

Twinstate Technologies® can support you by digging into your cloud hosting and data management needs, and recommending the best options for secure remote storage and backup. If you’re not 100 percent sure where you’re at risk, our Preemptive Attack Strategies™ (PAS) can inform you about services such as vulnerability assessments. Twinstate Technologies is one of the only Certified Ethical Hacking (C│EH) groups in its markets and provides evaluations of your organization to let you know where you’re vulnerable before true bad guys get wind of your weakness.

From there, our Information Security Services (ISS) and Information Security Advisory Team (ISAT) help you focus on keeping your private data secure. Our Multi-Threat Protection™ (MTP) methodology will assist your team to locate and minimize ongoing risk. You’re absolutely right to be concerned about potential data breaches, and we can aid you in taking the appropriate steps to keep your company’s private information just that – private!

You can have security without privacy, but you can't accomplish privacy without security.