Upcoming Events

Where the Cloud Touches Down: Simplifying Data Center Infrastructure Management

Thursday, July 25, 2013
10:00 AM PT/1:00 PM ET

In most data centers, DCIM rests on a shaky foundation of manual record keeping and scattered documentation. OpManager replaces data center documentation with a single repository for data, QRCodes for asset tracking, accurate 3D mapping of asset locations, and a configuration management database (CMDB). In this webcast, sponsored by ManageEngine, you will see how a real-world datacenter mapping stored in racktables gets imported into OpManager, which then provides a 3D visualization of where assets actually are. You'll also see how the QR Code generator helps you make the link between real assets and the monitoring world, and how the layered CMDB provides a single point of view for all your configuration data.

Register Now!

A Network Computing Webinar:
SDN First Steps

Thursday, August 8, 2013
11:00 AM PT / 2:00 PM ET

This webinar will help attendees understand the overall concept of SDN and its benefits, describe the different conceptual approaches to SDN, and examine the various technologies, both proprietary and open source, that are emerging. It will also help users decide whether SDN makes sense in their environment, and outline the first steps IT can take for testing SDN technologies.

Register Now!

More Events »

Subscribe to Newsletter

  • Keep up with all of the latest news and analysis on the fast-moving IT industry with Network Computing newsletters.
Sign Up

The Biggest Cloud Computing Security Risk Is Impossible to Eliminate

The past couple of years have been tough for those defending the security of cloud computing and those trying to establish secure cloud infrastructures for themselves. For the most part, there have been DDOS attacks or defacements designed to embarrass or punish site owners.

However, even considering only websites or services from which hackers actually took over accounts, stole data or money, or planted malware to help steal data or money from others, the list of security failures is long and distinguished: Google, LinkedIn, Twitter, Hotmail, Global Payments (credit-card clearinghouse for Visa, MasterCard and others), Federal Express, Zappos, a host of local bank and police agencies, and the China Software Developer Network (which, all by itself, lost personal information on 6 million users to a single hacker named Zeng).

More Insights

Webcasts

More >>

White Papers

More >>

Reports

More >>

True, some of those victims offer services with access too restricted and services too limited to be considered "cloud." Except for the potential booty (money, data or notoriety), cloud and non-cloud services look pretty much the same to criminals trying to crack them open.

During 2010, only 4 million user accounts were compromised by hackers; in 2011 hackers penetrated 174 million accounts (thanks, Anonymous), according to the Data Breach Investigations Report published by Verizon in March. If anything, 2012 is going to be even worse, according to anti-virus/security vendor Kaspersky Labs.

All that hackery did generate tons of publicity, plenty of vocal outrage from victims, diluvian volumes of frettage from pundits and solemn warnings from security companies thrilled to find themselves center stage in a drama they've been narrating all but unheard for years.

Despite all that noise, it's odd to realize that the incident with the greatest potential to cause a change in attitude among users and IT is the hack of a single reporter's backup account on Apple's consumer-oriented iCloud storage service.

It wasn't even a cool hack. It barely qualified as social engineering.

Due only to the weak identity verification of Apple and Amazon, Wired reporter Mat Honan suffered what he described as his own digital death and dissolution. Not only did hackers get into his email and iCloud accounts, but they also used the data-sync connections among Honan's all-Apple suite of personal devices to wipe out all his backup data in the cloud. They deleted everything from his MacBook and iPhone, leaving him with no easily recoverable copy of any of his data, most of which was valuable to only him.

"In the space of one hour, my entire digital life was destroyed. First my Google account was taken over, then deleted," he explained in a piece for Wired explaining "How Apple and Amazon Security Flaws Led to My Epic Hacking." "Next my Twitter account was compromised, and used as a platform to broadcast racist and homophobic messages. And worst of all, my AppleID account was broken into, and my hackers used it to remotely erase all of the data on my iPhone, iPad, and MacBook."

Details of the attack are telling, but have been left out to annoy the readership into even more outrage at the poor security/customer service of Apple and Amazon. (They're actually in "Anatomy of a Successful Personal Hack," if you haven't read them elsewhere, follow the link to be appalled by them.)

Next: Why the Cloud is a Horrendous Security Risk


Page:  1 | 234  | Next Page »


Related Reading


Network Computing encourages readers to engage in spirited, healthy debate, including taking us to task. However, Network Computing moderates all comments posted to our site, and reserves the right to modify or remove any content that it determines to be derogatory, offensive, inflammatory, vulgar, irrelevant/off-topic, racist or obvious marketing/SPAM. Network Computing further reserves the right to disable the profile of any commenter participating in said activities.

 
Disqus Tips To upload an avatar photo, first complete your Disqus profile. | Please read our commenting policy.
 
Vendor Comparisons
Network Computing’s Vendor Comparisons provide extensive details on products and services, including downloadable feature matrices. Our categories include:

Research and Reports

Network Computing: April 2013



TechWeb Careers