Skip Links

Recent cloud critics, including Wozniak, intensify debate

As cloud computing comes under the gun, vendors defend their industry

By , Network World
August 09, 2012 10:56 AM ET

Page 2 of 2

The takeaway from Honan's incident and ensuing criticisms stem from basic human error and a lack of common sense by both customer service support staff at major companies and end users, says Alan Shimel, managing partner at The CISO Group. Honan describes how the perpetrators allegedly socially engineered the attack by gaining access to his accounts and resetting his passwords through a customer service representative. Honan even admits himself that he could have had more hardened security and backup procedures in place.

Shimel isn't buying all of the solutions cloud service providers are offering. "Federating across multiple providers won't stop a disaster," he says, noting that Honan had multiple accounts hacked simultaneously. And if cloud service providers hold the keys to the encryption code, than the encryption is worthless, he says.

It comes down to using common security sense, and providers eliminating human and process errors that allow hackers to exploit users. Reports this week indicate that Amazon and Apple have amended their security practices, particularly related to password security in customer service calls.

If a hacker can call into Amazon and get a password reset by answering questions that could be found out about a person on the interview or through a five-minute conversation with them at a bar, there is something wrong with the system in general, Shimel says. "We need to move beyond passwords," he says. One step, on the personal cloud computing end, is to use two-factor authentication, as Shimel argues in a recent blog post, which ultimately is a protection end users put in place themselves, not relying on their providers to do it for them.

Network World staff writer Brandon Butler covers cloud computing and social collaboration. He can be reached at BButler@nww.com and found on Twitter at @BButlerNWW.

Read more about cloud computing in Network World's Cloud Computing section.

Our Commenting Policies
Cloud computing disrupts the vendor landscape

 

Latest News
rssRss Feed
View more Latest News