Cloud Control: 5 Ways To Lock Up Personal Information
Lock It Up
The infamous celebrity photo leak from this weekend should have all users thinking about ways to protect themselves and their data. With most people backing up their credit card numbers, personal information, startup business ideas and, OK, maybe some private photos even to the cloud, it's time to get serious. Here are five ways to ensure personal information kept in the cloud is under lock and key.
5. Utilize this anti-brute-forcing mechanism.
Solution providers say cloud services with a login entry point that closes after five or 10 attempts for a set period of time offer an added level of security protection. So if cybercriminals are brute-forcing their way into an account, after only a few rapid-fire hits they'll be forced to sit there and wait. Mike Aquino, director of cloud services at MSP Cetan, said when a program is attempting to guess someone's password a million times, being forced to stop and wait 30 minutes to an hour can really deter the process.
4. Encrypt information before it goes up.
One of the most secure ways to use a cloud storage service these days is to encrypt files before they leave a computer or device to live in the cloud.
Bill Hackenberger, CEO of HighCloud Security, a Mountain View, Calif.-based security vendor, told CRN earlier this year cryptography can deter hackers seeking information.
"Many breaches are a result of simple mistakes and errors, and that exposure can happen in a lot of ways," he said. "No matter what your provider does and how good their intent is, you, the data owner, have legal responsibility for that data. ... Encryption is substantially less costly than it used to be. It runs on pretty much any commercial-grade server that is running virtualization, and there's really no reason to avoid it."
3. Mess with default settings.
The hijacking of female celebrities' personal photos may have occurred because the famous women didn't realize their items were automatically uploaded to iCloud by default. Users need to play around with the settings in their phone to easily manage content.
2. Go for two-factor authentication.
When in doubt, users need to go for two-factor authentication. While not all vendors utilize this feature -- or promote it as something users should take advantage of -- having the two-step process can deter predators from logging into an account. Even though it may be a pain for users to wait a second or two for their phone to buzz with a new log-in code, solution providers told CRN it is one of the best protections out there.
1. Step up the password game.
As if the news of Russian hackers stealing 1 billion passwords this year wasn't enough to scare users into making some changes, experts say it's definitely a key time for users to switch up their passwords. And they should be doing it as often as possible.
Include numbers and letters, capital letters and punctuation marks to fool hackers.
Experts say users also should vary their passwords across all different accounts. There are password managers available, too, to stay on top of all of the logins.