In recent months, media has reported major data breaches by the Australia Broadcasting Commission, The Pentagon and telco giant Verizon. Netizens (users of the internet) are frustrated and are rightly asking, why? At the heart of the matter is ‘cloud storage’ where such breaches are placing increased scrutiny on some of the practices around using the cloud.
Areil Bogle (Technology Editor at The Conversation) explains in her article, ‘Why companies using cloud storage keep leaking data online’ that in each of the above examples it was a simple human error around security settings that led to the exposure of these massive data sets.
While these are the latest raft of data breaches, we have also seen many other massive leaks over the past 18 months:
- Yahoo – 500 million records
- Equifax – 143 million records
- Uber – 57 million records
- Verizon – 14 million records
The above data breaches were not related to the configuration of cloud storage but rather security flaws in systems, software and procedures. As a concerned netizen, what can you do to make sure that services that hold your sensitive data are at least adhering to standard security protocols on their website?
There are a number of free scanning tools available such as Qualys SSL Labs that will allow you to submit a web address and get a report on how their security stacks up. Another option is to check to see if any of your email addresses have been breached. The website haveibeenpwned.com is a great tool set up by Troy Hunt here in Australia who is a Developer Security professional. When you submit your email it checks it against a large number of known data breaches and returns a result.
The bottom line is that while the cloud can be such an enabler of technology and innovation, it still carries inherint risks that must be considered and adequately mitigated.
Return to News Home