The Lessons Every Business Should Learn From 2014’s iCloud Hack
The 2014 iCloud hack that saw intimate images of celebrities being accessed and posted on the net, brought the security of the cloud into question last year. But is it the cloud itself that is the problem here?
Many argue that cloud computing is actually more secure than storing data within your own business, and with its significant efficiency and cost advantages, it undoubtedly has the potential to grow your business. Couple that with the fact that the 2014 hack was down to hackers correctly guessing passwords or using phishing techniques to acquire them from the victims and you start to realise that the problem lies not with the cloud but with those using it.
The end user is often the biggest risk to the security of the cloud – but the good news is that we can all do something about it.
Here are 5 lessons that businesses should learn from the 2014 iCloud hack
1. Implement a cloud security policy
IT policies provide a set of instructions for the correct handling of equipment. Implementing a cloud security policy will increase the efficiency of your business and getting it right will save you both time and money.
2. Improve staff training
You need to ensure security beyond the software – if your staff are not aware of the risks then they will not know how they are supposed to avoid them. Implementing a security policy will provide them with rules and regulations but simply handing them a set of instructions is not enough – you need to spend time training them. If they have been taught how to spot a phishy email, they will know how to avoid the security risks it poses.
3. Use strong passwords
This is one of the simplest ways to shield your business from cybercrime – but possibly the most crucial. An easy-to-guess password is the quickest way in for a hacker; this is what they will try first. The strength of your password can be improved in three ways:
- combining words, letters and numbers into mixed up sequences
- two-step verification – Needing a code sent to your mobile phone in addition to your password to log in
- using different passwords for work and home
4. Ensure employees’ own devices are secure
If your staff are accessing data from their own devices, how sure are you that the devices are secure? It doesn’t matter how tight your security is within the business if you are not extending these requirements to your staff’s own devices. Don’t let this be a gap in your defence.
5. Monitor access to the cloud
Both user activity and cloud activity should be monitored so that any potential security threats can be prevented before it is too late. Don’t just assume that your cloud provider will automatically alert you to user and cloud activity – make sure that it is in your agreement and run regular checks on it in-house as a back-up.
Talk to the experts at Serval Systems on how to avoid security threats and use cloud computing successfully – contact us now on 01342 895180 or info@servalsystems.co.uk