Welcome!

Python Authors: Matt Davis, Jyoti Bansal, Pat Romanski, Donald Meyer, Liz McMillan

Related Topics: @CloudExpo, Containers Expo Blog, Python, Cloud Security, @BigDataExpo, FinTech Journal

@CloudExpo: Article

The Dangers of Cloud Storage | @CloudExpo #BigData #SDN #DataCenter

The first thing you must do when using a cloud service is to choose a distinct password for it

Today nearly all of us have our information stored on the cloud. It's a very easy solution that allows users to seamlessly create back-ups of photos, contacts and other personal information, giving users access to their accounts anywhere from any device. Perhaps its most prized feature is that it has no storage limits, unlike mobile devices and PCs.

There is, however, a downside to cloud services. Although it is useful in storing data, it could be the reason data is lost. Recently, the celebrity iCloud hack went to trial. The hacker admitted he acquired the credentials by spear phishing his victims and once he had them, all the data they stored on the cloud, whether intentionally or not, was exposed and later posted online.

Many users are not aware of the different risks involved in using the cloud. It's easy to forget that it syncs automatically, storing data that was not intended to be uploaded and accumulating over time. Another side effect due to its remote nature is many users do not feel compelled to protect their cloud accounts as they do their computers and mobile devices, leaving themselves vulnerable.

Users should follow several guidelines to stay safe, while benefiting from the cloud's capabilities. Some of these are simple best practices that should be implemented regardless, such as being wary of phishing attacks and not sharing your passwords. Below is some advice on how to actively protect yourself when using the cloud.

Use a different password for your cloud service
The first thing you must do when using a cloud service is to choose a distinct password for it. Do not use the same password you use for other sites, since it increases the risk that your account will fall into the wrong hands.

Each year, millions of users' credentials are stolen from websites. The best thing you can do to protect yourself is limit the potential damage from such a breach by using a different password for each of your accounts.

In fact, this type of attack was already used to target iCloud users in the past. In 2015, attackers used credentials leaked from various website breaches, such as the eBay breach, to log into iCloud accounts. Once inside, the attackers locked users' iPhones and iPads, demanding ransom in return for releasing them. For the attackers, this was easy money.

Use Two Factor Authentication (2FA)
Two factor authentication is a technology identifying users by two different components. The components could be something you know (password), something you own (chip, phone, etc.) or something you are, for example a biometric fingerprint. Usually, the two factors used are a password and a one-time passcode sent to a mobile device by SMS or automatic call. Using 2FA makes it significantly harder for attackers using brute force to find their way into your account. Most storage and cloud services support 2FA, check out the list of services using it.

This is not to say that using two factor authentication on its own is enough to keep you safe. Unfortunately, malware writers have already managed to bypass even this security method. However, it is a good start, and the 2FA technology rapid development will protect users even further in the future.

Control what you are uploading
Users should be aware if their accounts are set up to sync automatically. While this could be a convenient feature, you might not want to store certain data on a server you do not control. It is also advised that you check what you have already stored on your cloud service and remove what is not necessary.

Stay away from dangerous hotspots
Last, be aware that your communication with the cloud can be intercepted. Even amateur attackers can set-up a fake hotspot with a deceiving name to fool users into using them or even take over legitimate public hotspots. Attackers that gain control of your hotspot can conduct a Man-In-the-Middle attack, stealing whatever data is passing through the hotspot. Users should use only trusted private networks when accessing sensitive data.

Enjoy the cloud, but be careful
While there are many benefits in using cloud services, there are also risks. Users should be aware of them and protect themselves, just as they do when using their mobile devices and PCs.

More Stories By Donald Meyer

Donald Meyer, Head of Product Marketing, Data Center at Check Point Software Technologies, has more than fourteen years of networking and security industry experience. In his current role, he is responsible for Check Point data center and cloud security solutions. Prior to Check Point, Meyer served as Sr. Manager, Product Marketing at Aruba Networks where he was responsible for marketing wireless security, network access control, and network operations product lines. Subsequently, he held various Marketing positions at Juniper Networks, Nokia, Inc., Mitel, AlitGen Communications, and the Associated Press. Meyer holds a Bachelor’s of Science in Business Administration, marketing concentration, from San Jose State University.

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.


@ThingsExpo Stories
SYS-CON Events announced today that SoftLayer, an IBM Company, has been named “Gold Sponsor” of SYS-CON's 18th Cloud Expo, which will take place on June 7-9, 2016, at the Javits Center in New York, New York. SoftLayer, an IBM Company, provides cloud infrastructure as a service from a growing number of data centers and network points of presence around the world. SoftLayer’s customers range from Web startups to global enterprises.
The 20th International Cloud Expo has announced that its Call for Papers is open. Cloud Expo, to be held June 6-8, 2017, at the Javits Center in New York City, brings together Cloud Computing, Big Data, Internet of Things, DevOps, Containers, Microservices and WebRTC to one location. With cloud computing driving a higher percentage of enterprise IT budgets every year, it becomes increasingly important to plant your flag in this fast-expanding business opportunity. Submit your speaking proposal ...
In his keynote at @ThingsExpo, Chris Matthieu, Director of IoT Engineering at Citrix and co-founder and CTO of Octoblu, focused on building an IoT platform and company. He provided a behind-the-scenes look at Octoblu’s platform, business, and pivots along the way (including the Citrix acquisition of Octoblu).
Most technology leaders, contemporary and from the hardware era, are reshaping their businesses to do software in the hope of capturing value in IoT. Although IoT is relatively new in the market, it has already gone through many promotional terms such as IoE, IoX, SDX, Edge/Fog, Mist Compute, etc. Ultimately, irrespective of the name, it is about deriving value from independent software assets participating in an ecosystem as one comprehensive solution.
With major technology companies and startups seriously embracing Cloud strategies, now is the perfect time to attend @CloudExpo | @ThingsExpo, June 6-8, 2017, at the Javits Center in New York City, NY and October 31 - November 2, 2017, Santa Clara Convention Center, CA. Learn what is going on, contribute to the discussions, and ensure that your enterprise is on the right path to Digital Transformation.
With major technology companies and startups seriously embracing IoT strategies, now is the perfect time to attend @ThingsExpo 2016 in New York. Learn what is going on, contribute to the discussions, and ensure that your enterprise is as "IoT-Ready" as it can be! Internet of @ThingsExpo, taking place June 6-8, 2017, at the Javits Center in New York City, New York, is co-located with 20th Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry p...
20th Cloud Expo, taking place June 6-8, 2017, at the Javits Center in New York City, NY, will feature technical sessions from a rock star conference faculty and the leading industry players in the world. Cloud computing is now being embraced by a majority of enterprises of all sizes. Yesterday's debate about public vs. private has transformed into the reality of hybrid cloud: a recent survey shows that 74% of enterprises have a hybrid cloud strategy.
SYS-CON Events announced today that Hitachi, the leading provider the Internet of Things and Digital Transformation, will exhibit at SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. Hitachi Data Systems, a wholly owned subsidiary of Hitachi, Ltd., offers an integrated portfolio of services and solutions that enable digital transformation through enhanced data management, governance, mobility and analytics. We help globa...
SYS-CON Events announced today that T-Mobile will exhibit at SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. As America's Un-carrier, T-Mobile US, Inc., is redefining the way consumers and businesses buy wireless services through leading product and service innovation. The Company's advanced nationwide 4G LTE network delivers outstanding wireless experiences to 67.4 million customers who are unwilling to compromise on ...
Web Real-Time Communication APIs have quickly revolutionized what browsers are capable of. In addition to video and audio streams, we can now bi-directionally send arbitrary data over WebRTC's PeerConnection Data Channels. With the advent of Progressive Web Apps and new hardware APIs such as WebBluetooh and WebUSB, we can finally enable users to stitch together the Internet of Things directly from their browsers while communicating privately and securely in a decentralized way.
With billions of sensors deployed worldwide, the amount of machine-generated data will soon exceed what our networks can handle. But consumers and businesses will expect seamless experiences and real-time responsiveness. What does this mean for IoT devices and the infrastructure that supports them? More of the data will need to be handled at - or closer to - the devices themselves.
The age of Digital Disruption is evolving into the next era – Digital Cohesion, an age in which applications securely self-assemble and deliver predictive services that continuously adapt to user behavior. Information from devices, sensors and applications around us will drive services seamlessly across mobile and fixed devices/infrastructure. This evolution is happening now in software defined services and secure networking. Four key drivers – Performance, Economics, Interoperability and Trust ...
New competitors, disruptive technologies, and growing expectations are pushing every business to both adopt and deliver new digital services. This ‘Digital Transformation’ demands rapid delivery and continuous iteration of new competitive services via multiple channels, which in turn demands new service delivery techniques – including DevOps. In this power panel at @DevOpsSummit 20th Cloud Expo, moderated by DevOps Conference Co-Chair Andi Mann, panelists will examine how DevOps helps to meet th...
DevOps is often described as a combination of technology and culture. Without both, DevOps isn't complete. However, applying the culture to outdated technology is a recipe for disaster; as response times grow and connections between teams are delayed by technology, the culture will die. A Nutanix Enterprise Cloud has many benefits that provide the needed base for a true DevOps paradigm.
SYS-CON Events announced today that Hitachi, the leading provider the Internet of Things and Digital Transformation, will exhibit at SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. Hitachi Data Systems, a wholly owned subsidiary of Hitachi, Ltd., offers an integrated portfolio of services and solutions that enable digital transformation through enhanced data management, governance, mobility and analytics. We help globa...
SYS-CON Events announced today that CollabNet, a global leader in enterprise software development, release automation and DevOps solutions, will be a Bronze Sponsor of SYS-CON's 20th International Cloud Expo®, taking place from June 6-8, 2017, at the Javits Center in New York City, NY. CollabNet offers a broad range of solutions with the mission of helping modern organizations deliver quality software at speed. The company’s latest innovation, the DevOps Lifecycle Manager (DLM), supports Value S...
SYS-CON Events announced today that Super Micro Computer, Inc., a global leader in compute, storage and networking technologies, will exhibit at SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. Supermicro (NASDAQ: SMCI), the leading innovator in high-performance, high-efficiency server technology, is a premier provider of advanced server Building Block Solutions® for Data Center, Cloud Computing, Enterprise IT, Hadoop/...
Amazon has gradually rolled out parts of its IoT offerings in the last year, but these are just the tip of the iceberg. In addition to optimizing their back-end AWS offerings, Amazon is laying the ground work to be a major force in IoT – especially in the connected home and office. Amazon is extending its reach by building on its dominant Cloud IoT platform, its Dash Button strategy, recently announced Replenishment Services, the Echo/Alexa voice recognition control platform, the 6-7 strategic...
@GonzalezCarmen has been ranked the Number One Influencer and @ThingsExpo has been named the Number One Brand in the “M2M 2016: Top 100 Influencers and Brands” by Analytic. Onalytica analyzed tweets over the last 6 months mentioning the keywords M2M OR “Machine to Machine.” They then identified the top 100 most influential brands and individuals leading the discussion on Twitter.
Judith Hurwitz is president and CEO of Hurwitz & Associates, a Needham, Mass., research and consulting firm focused on emerging technology, including big data, cognitive computing and governance. She is co-author of the book Cognitive Computing and Big Data Analytics, published in 2015. Her Cloud Expo session, "What Is the Business Imperative for Cognitive Computing?" is scheduled for Wednesday, June 8, at 8:40 a.m. In it, she puts cognitive computing into perspective with its value to the busin...