A new high-profile breach on Apple’s iCloud service has everyone wondering: Is cloud computing really as safe as it claims to be?
Several celebrities’ iCloud accounts were hacked into over Labor Day weekend, leading to risqué photos of actress Jennifer Lawrence being published online. (Model Kate Upton and actress Mary E. Winstead have been named as other victims of the leak.) The hack occurred, according to the Wall Street Journal, because hackers identified a vulnerability in Apple’s Find My iPhone service that allowed them to keep re-entering potential passwords until they found the right ones. (Apple apparently patched the issue by Monday, according to code hosting site Github, which originally discovered the Apple flaw.)
This latest breach—even if targeted at Hollywood stars and not businesses—raises new questions about the safety of storing sensitive information on the cloud. Businesses of all sizes are turning more and more to cloud-based services, whether Dropbox, Google Drive or Microsoft’s Office 365. A recent Intuit report predicts that 78 percent of small businesses will use the cloud by 2020.
Unfortunately hackers are always looking for new vulnerabilities and ways to break into the massive data droves held online. They often uncover vulnerabilities before companies and their IT experts do.
Last fall Google CIO Ben Fried sparked an uproar when he said that Google employees aren’t allowed to use non-Google cloud services such as Dropbox due to the security concerns of those services. The message may have seemed hypocritical, considering that Google assures people every day about the safety of cloud computing.
But tech experts point out that while cloud services can help businesses avoid having to manage and protect their own internal servers, they carry their own limitations. Businesses should ask cloud providers key questions about encryption measures and security protocols before signing up and assuming their data will be safe, corporate IT experts say.
Thomas Trappler, a corporate IT security adviser and director of software licensing for UCLA, told the Seattle Times last year: “It’s easy to overlook security because of the virtual nature of the cloud, but really your data is going over the Internet to another computer and not to some magical world where everything’s going to be fine.”
Read more articles on technology.