New Year, New Security Breach; Three Potential Cloud Provider ‘Screw Ups’ to Watch
2012 is little more than a week old, but there’s already been plenty of cloud news. Predictions for 2012 continued to roll in — and not all of them are favorable. Simple cloud management, however, can solve many of the nagging issues that are holding the cloud back. Meanwhile, 45,000 Facebook profiles were compromised, mostly in the U.K. and France. The culprit? Users’ passwords.
Three Ways Cloud Providers Can Screw up in 2012
InfoWorld’s David Linthicum recently posted about three ways cloud providers can “screw up” during 2012. Linthicum pins the potential screw ups to increased tension between hype, demand and growth.
Here are the three areas:
- Security – “Everyone has a solution, but cloud security is more complex and more expensive than most providers understand -- specifically, the need for identity-based security down to the fine-grained service layers. Most cloud computing providers aren't yet smart about this.”
- Cost of migration – “The issue is that adopters who underestimate the costs will end up with project overruns that in turn cascade into failures as the cloud migration projects get larger and larger.”
- Performance – “Providers need to increase their numbers of subscribers, thus providing more for less as competition gets heated. That translates to less money for growing the infrastructure and keeping up with the jump in subscribers.”
Security, migration costs and performance issues can become blunders when unaccounted for, which is why a cloud management layer (such as Okta) is so important. Cloud management can help providers mitigate security concerns and migration costs, and multifactor authentication bolsters security. The cloud’s primed for rapid enterprise adoption in 2012, and thoughtful app management can help ease the transition.
New Year, Same Problems
It’s a new year, but some things never change. News broke last week that more than 45,000 Facebook logins were compromised, mostly in France and the U.K. Malware in the form of a computer worm, Ramnit, was to blame. The BBC picked up the news, and quoted researchers from security firm Seculert, who attributed user passwords as the cause of the breach.
"In addition, cybercriminals are taking advantage of the fact that users tend to use the same password in various web-based services to gain remote access to corporate networks," the researchers wrote in a blog post, as reported by the BBC.
Okta CEO Todd McKinnon, in a cloud predictions piece posted last week in Forbes, wrote that, due in part to unsecure passwords, one billion people would have their passwords stolen during 2012. A week and a half in to 2012, and only 999,955,000 security breaches to go.
Security Breach Timeline:
- JANUARY 5, 2012: 45,000 Facebook passwords compromised, mostly in the U.K. and France
- DECEMBER 14, 2011: China-backed hackers break into iBahn network, potentially accessing millions of confidential emails
- NOVEMBER 30, 2011: Duqu authors likely behind extensive C&C infrastructure wipe-outs
- NOVEMBER 10, 2011: Valve’s Steam server hacked.
- JUNE 24, 2011: Electronic Arts’ BioWare server hacked.
- JUNE 20, 2011: Sega hacked – 1.3 million users had sensitive information stolen.
- JUNE 20, 2011: Dropbox files left open due to bug.
- MAY 16, 2011: LastPass database stolen.
- May 10, 2011: Citigroup hack exposed the data of 360,000 accounts, millions stolen.
- APRIL 27, 2011: Sony PlayStation Network hacked.
- MARCH 30, 2011: Epsilon (email communications manager) had the email database for 26 companies, including Citi, Walgreens and BestBuy, stolen.