Apple launched iCloud a couple of weeks back with much fanfare. The service is meant to improve the lags, vulnerabilities, and complications of MobileMe. And neither is particularly bleeding-edge technology. Apple’s efforts (as is so often the case) were to simplify and beatify the experience of cloud computing for the consumer (whether on Windows or OS X).
The technology behind cloud computing is about two hours younger than the birth of the technology of the internet itself. But the security of the cloud has been a concern for just about as long. The scary stories for this Halloween weekend concern what can happen when demons infiltrate your virtual sanctuary.
Perhaps the fundamental goal/benefit of the cloud is to move your documents, photos, music, passwords, bank account… to servers that can house the masses of data of millions of people in environmentally kind ways. Moreover, having such data on the servers means the devices we use to access them can be smaller, lighter, and faster. They only draw on the information (and often the software to manipulate that information) when called upon, thus freeing the device of expensive hard drives that can fail and personal backup systems must draw power from batteries.
But the monstrous fact is that different companies have different security crypts, and the millions of different devices we each want to use have their own kinds of keys to access such crypts. So providers must find some way to provide general access to millions of people and devices while also cutting off those nefarious spirits that want to steal our e-souls. Somehow the crypt has to be kept accessible, yet secure.
Researchers in Germany recently found a number of security holes in Amazon’s Web Services (where addresses, credit cards, shopping patterns, hopes and dreams… are stored). Though they worked with Amazon.com to patch up the wounds, the programmers at the Rhur University are sure other services are just as vulnerable to attack.
And where these attacks are coming from vary geographically, culturally, politically, and with sophistication. Many of us are familiar with the multiple emails we get from our friends trapped in Naples or Nairobi and simply needing $1000 to retrieve their passports. Or that we have just won the Lottery in Aruba thanks to a neighbor’s generosit. But evidence of high-level military exercises in China that include hacking into NATO and US defense systems has been creeping out around the wall as well.
The excitement about what cloud computing could bring to individuals, businesses, and nonprofits is growing, and even those with horror stories about hacked Google accounts see the possibility of a new dawn breaking after the viruses and zombie attacks have been thwarted. Step one of inoculation? Though not a silver bullet or a stake of holly: simply use different passwords for any important-to-mission-critical online account – especially for any cloud-storage system you or your nonprofit are currently using.
If you or your organization have been the victims of such terrors, please let us know how you found out and what you did about it. We are all in this together!
Have a Happy (and secure) Halloween.