Daily news headlines regularly report lax, or no, security for cloud data. In the past few weeks two very high profile businesses reported cloud breaches – Apple’s iCloud and Dropbox. It is no coincidence that my August column for eCommerce Times is entitled “The Cloud Privacy Illusion,” which of course I welcome you to review.
The Washington Post reported the Apple iCloud breach of security occurred when “the attacker was able to call Apple and convince a customer service employee that he was” the owner of the account.
Our investigation found that usernames and passwords recently stolen from other websites were used to sign in to a small number of Dropbox accounts. … A stolen password was also used to access an employee Dropbox account containing a project document with user email addresses.
Businesses need to be mindful of cloud data protection as highlighted by the myriad of laws that make access to cloud data so easy, and as Apple and Dropbox has learned the hard way.