iCloud Celebrity Photo Leak Not a General Threat to the Cloud - Page 2

He said it's also necessary to encrypt the data both while it's being transmitted and received to and from the cloud and while it resides there.

"Enterprise cloud services include asset control and identification," Rasheed said, explaining that such services have strong oversight and that security is contained in a number of layers, including both data security and physical security. It's critical that the entire cloud management infrastructure is secure, from the management consoles to the data and applications, he said.

Rasheed also noted that it's important to make sure that your enterprise cloud provider meets federal standards, which includes requirements for auditing, access control, and physical and data security.

While meeting federal cloud standards doesn't mean that a cloud service is impervious, it does mean that it's unlikely anyone can penetrate the security without specialized knowledge and if someone does manage to get in it's more likely the breach will be discovered immediately.

Of course, the very fact that data is located outside of the confines of your data center does add some risk. Part of the reason the cloud is so useful is because it can be accessed from anywhere, but that also means that, given the right expertise and resources, a breach remains technically possible. But as long as the risk is kept manageable, then the usefulness of the cloud offsets the risk.

Fortunately, you can manage the risk even in consumer-level cloud services. You can, for example, use an email address for your user name that isn't public and that exists only for that purpose. Then, as long as the only person who knows it is you, it's more secure.

You can also create two-factor authentication for your Apple ID, which will keep people from locking you out of your account. It will also keep anyone but you from making purchases using your Apple ID, and it may restrict access to your iCloud account, at least according to the tech support people at Apple. (Go to appleid.apple.com, sign in and follow the prompts to set up two-factor identification.)

But the real problem with any such cloud site, whether it's created by Apple or another company, is that users tend to want convenience over security. This means that they have their phones set up so that all photos are copied to the cloud automatically, as are all emails and documents. Even text messages can be saved to the cloud automatically. When that happens and at the same time you don't secure your data, it should be no surprise that someone eventually finds their way in.

Editor's Note: This article was updated to correct the spelling of the name of Fawaz Rasheed, Verizon's managing director of security solutions engineering.

Wayne Rash

Wayne Rash

Wayne Rash is a freelance writer and editor with a 35 year history covering technology. He’s a frequent speaker on business, technology issues and enterprise computing. He covers Washington and...