LiveZilla Live Chat Software

Are you afraid of the cloud?

Written by Marc Chouinard on . Posted in Email Security & Antispam

Are you afraid in the dark cloud?

Cyberspace: the final frontier. These are the voyages of the data from your Enterprise. It’s a new kind of mission: to explore new solutions, to seek out savings and to boldly do what no one else has done before… to send your data to the cloud!

If you need only a cheap solution for your not-so sensitive data, the bargain bin option is good enough. If you really want to jump into the cloud, look deeper and spend a bit more. But is that enough? Cybercriminals, from basement-dwelling amateur hackers to professional criminal organizations, everyone is trying to get in. Once in, it’s all over: they can see absolutely everything. But how they do get in?

The weakest, and I mean WEAKEST point-of-failure is password-related, closely followed by Wi-Fi (but since we’re talking large scale here, let’s forget the Wi-Fi). In my 15 years of geekdom experience, I can tell you that the least secure password is often the most powerful one: the administrator’s.

Within a 5-year period, you’ve probably had at least 2 people with admin privileges who left the company. Was the password changed? Nah, they’re cool – they won’t do anything. In another 5 years, that number might reach 4-6 people who know the same password and who have also left the company. Why not change it? It’s too complicated; there are a lot of processes that use this account, and blah, blah, blah. (Ok: take a break to call your admin… Done? Ok, let’s continue!)

While shipping your data to the cloud, you keep the same password while the transition is in progress. Once done, you still keep it just in case… And the next week, you completely forgot about it.

Do you really want to give access to your goldmine: your customer base, billing and financial info? CAN the cloud be secured? Yes, but you need a damn good checklist! Most cloud services have very poor protection and security rules. Most of them use virtualization to save on space, power, etc. But a misconfigured network can easily give your neighbor access to your machines, and let him have a sneak peek (or an all-he-can-eat buffet).

Encryption is the key – even locally where your host/provider shouldn’t have access to your data (but never say never).

Many businesses don’t pay enough attention to these low-level details and instead spend too much money on high-level security, until they get infiltrated. This not only affects businesses, but Government data too.

And the password issue is only one of the reasons why you should fear the cloud.

Tags: , , , ,

Trackback from your site.

Marc Chouinard

Marc Chouinard

Marc Chouinard is an expert’s expert who has more than 15 years of IT experience. As Head of a Security Operations Team, he is always available, responding 24/7 to new threats: “Sleeping is a waste of time!” A natural fixer of broken things, he has an uncommon approach to problem solving and a phenomenal (some say scary) memory for numbers. Non-technical individuals might refer to what Marc does as IT Voodoo. Oh, and did we mention he has a great sense of humor too?

Leave a comment

Whitepaper Downloads

  • Spam Industry terms
  • Antispam checklists
  • Tips and tricks
  • In depth research analysis

Download

Customer Quote

Vicom's support rep went above and beyond all of my expectations - he was able to solve the problem and even provided support on MS SQL.

    Kevin Jamieson
    O1 Communications