iCloud Celebrity Photo Leak Not a General Threat to the Cloud
NEWS ANALYSIS: The good news is that technically Apple's iCloud did not suffer a full-scale system breach, but Apple did need to fix its password security after a celebrity photo leak.The sensationalized leak of embarrassing photos of movie stars and models that was being called a breach of Apple's iCloud service wasn't really a breach in the technical sense. Nothing that happened at Apple makes the cloud any more or less secure than it was already, which in the case of enterprise cloud services is actually pretty secure. But it does point out some vulnerabilities common to consumer cloud services. Perhaps more important, the leak of those photos illustrates clearly why no one should be allowed to store sensitive business information on a consumer cloud site. This includes protected information such as health care data, credit card numbers or personally identifiable information such as Social Security numbers. So if your employees are stashing customer details on nearly any public cloud site, they should stop. The reason these sites aren't safe enough for business-critical data is that it's too easy to break in. Nearly all of these sites require a user name in the form of an email address and a password.
There's no provision for two-factor authentication on most sites, for example, so if someone can guess your password, he's in. Unfortunately, because email addresses are by nature public, they provide very limited protection at best.