What Celebrity Hacking via Apple iCloud Teaches Businesses
The recent hacking of various celebrities’ Apple iCloud accounts (aka Celebgate) teaches everyone a valuable lesson about working in the cloud. It’s important for any consumer and business to fully understand what type of data is stored in the cloud and what security measures have been put in place by the vendor to ensure data doesn’t get into the wrong hands.
According to The Wall Street Journal, the celebrities’ accounts were compromised by hackers guessing the celebrities’ security questions correctly, giving them access to the accounts without the victims knowing. Apple has taken additional steps to keep hackers out of user accounts, including: iCloud users will now receive email notifications when someone tries to change an account password, restore iCloud data on a new device or when a device logs in to an account for the first time.
This is not the only story we’ve seen recently that has involved the leaking of sensitive data from consumers and businesses alike. Your data is one of your company’s most valuable assets, so what can you do to protect it? Here are a few tips to keep in mind with moving your data to the cloud:
Tier Out Your Data: This balances the risks involved with placing it in someone else’s data center. Some data simply cannot go to the cloud due to security and compliance concerns. For this type of sensitive data, Egnyte has an option for sharing and storing data without the cloud.
Know Your Cloud Vendor: Know what measures your cloud vendor has in place to ensure the security of your data. At Egnyte, security is always a top priority. Here are a few of the protections we have in place:
- Email Notifications: Similar to what Apple has recently added, Egnyte sends alerts to users when their passwords or email addresses are changed. Admins are alerted whenever a user attempts to reset a password or is locked out due to too many failed login attempts. We will also soon be adding alerts when users access their accounts from new devices.
- Two-Step Login Verification: Your account can be configured to require a second authentication factor when logging in. This second factor can be a passcode sent via SMS, a phone call or a push notification sent to your smartphone.
- Account Lockout: User accounts are locked out after a configurable number of failed login attempts. Lockouts can be for a specified duration or until explicitly unlocked by an administrator.
Don’t bare it all to hackers and the outside world. Keep your data safe by educating yourself and your teams on the security of the services you use to store your files. For more information on what Egnyte offers from a security standpoint, click here.
We also have a webinar on this topic scheduled for next Thursday, 9/25. Learn more and sign up here.