Cyber Security
Cloud Hacks, What Is It And How To Protect Your
Information?
Meta Description: There are plenty of cloud-related precautions that security experts say you should
take
What Is Cloud Hacking?
To know what Cloud Hacks are, a few words about what Cloud Computing is would be in place. Cloud
Computing is a conglomeration of services such as storage services, spam filtering, utility-style
infrastructure, software as a service, web services, platform as a service, managed service providers,
service commerce platforms, Internet integration and many more.
Today, we use such cloud-based interconnections without much of it being in evidence, for example,
Gmail, where we keep even our most intimate e-mails. In fact, most IT customers today plug into
several isolated clouds of service individually. For example, we log on to different websites to read the
news, to do our financial transactions and to read our mails. In the enterprise, increasing use of
virtualization and SOA or Service Oriented Architecture is creating the idea of loosely coupled services
that run on agile and scalable infrastructure, eventually making the enterprise as a whole a node in the
cloud.
However, all this comes at a price. With the proliferation of cloud services and cloud-connected
devices, users now access data from beyond the firewall. This demands a shift in the way we secure
data. Now, security is no longer confined to locking down the perimeter, it is about understanding who
is accessing what information and whether they are allowed to do so. This calls for implementing an
identity-centric approach to security of data and this where the problem starts.
According to a recent Ponemon study, less than 30% of the organizations said they were confident
about authentication of cloud users. That leaves a huge gap for attackers bent on usurping the identity
of users and using it for clandestinely stealing sensitive information, financial data and other important
data. This in essence, is Cloud Hacking.
How To Protect From Cloud Hacking?
Most people believe that data stored in remote servers or cloud services are inherently safe, as the cloud
service provider would be watching over them. Well, that may be partly true, but that does not
exonerate the owner of the data from taking his own safeguards for protecting his data. After all, loss of
data, for whatever reasons, would be a primary loss to the owner, and possibly only a secondary loss to
others (the cloud service provider). Therefore, it is imperative that the data-owner assumes prime
responsibility in backing up his data in multiple locations other than his main cloud service.
Even as cloud computing opens up vast opportunities for individuals and organizations, it also opens up
the security soft spots for data thieves and cybercriminals. Although the cloud service provider may not
be lax in providing security arrangements for keeping data safe, the same cannot be said of the users of
the service. Many do not understand or are unclear about their privacy settings.
However, things are not all that gloomy in this new field of promise. One of the best ways of protecting
the data is to encrypt the whole thing. With encryption, you turn all data into something unintelligible,
and it remains this way to anyone who does not have access to the keys that will unlock the content.
Now, just like your login information, how you protect the encryption keys is critical to the safety and
security of your data.
Never Have All Your Eggs in the Same Basket
Use different passwords for every single on-line account. Password management is not very difficult
with the use of services such as LastPass or RoboForm, and you can even use them to generate hard-toguess passwords. Additionally, never link all your sensitive accounts together through your passwords.
Ref:
1. http://edition.cnn.com/2012/08/09/tech/web/cloud-security-tips
2. http://www.usatoday.com/story/cybertruth/2013/05/31/cloud-security-hacking-encryption/2375689/
3. http://www.journeytothecloud.com/cloud-computing/cloud-security-from-hacking-the-mainframe-toprotecting-identity/
4. http://www.infoworld.com/d/cloud-computing/what-cloud-computing-really-means-031