The “Cloud” as a catchall for online access has caught on faster than the Internet itself. The concept — of accessing stored material outside of local storage conditions — seems a no-brainer for those looking to eliminate physical storage devices. But just as has been the case with a new computer operating system, basic security issues to protect those using the Cloud seem to have fallen by the wayside. This is more than a shame because it’s dangerous due to the many malevolent types frequenting the online environment.
A 2012 Verizon Data Breach Investigation Report notes that the majority of attacks are acts of opportunity; the perpetrators simply taking advantage of known and exploitable vulnerabilities as opposed to massively intelligent schemes. For many, a security program (aka “anti-virus”) is off the table because it’s unwanted and considered complicated to use and manage. For these people, a focus on two basic steps will go far in protecting both their privacy and data when accessing the Cloud.
The first step is an obvious one — update the computer’s operating system to its most current version. In many cases, known vulnerabilities will be addressed in ongoing updates — closing “back doors” and other “opportunities” that can allow a perpetrator access.
Regardless of the operating system used, the process for updating has been simplified to where it’s just a few clicks, a wait as the download finishes and installs itself and a reboot for safety. This couldn’t be any simpler, whether the person seated in front of the computer is a “newbie” or a sophisticated user.
The second step is to update passwords from obvious ones based on the profile of the user which is common knowledge (such as his/her cat or place of birth, etc.) or, as is unfortunately found in some cases, to put in a password where none is being used at all. A “strong” password acts as a powerful deterrent to send an attacker elsewhere, as time is an issue to the perpetrator who will move on to a more “choice” victim. Think of this as a row of parked cars outside, where each handle is being tested to see if it’s locked or not. The attacker is more likely to try another handle if the one he is at is locked.
Of course other protective measures taken by IT departments are used to provide security. But just as a single weak link can take down the strongest chain, so too does security for the Cloud begin with the individual.