Why your cloud services aren’t safer than any other software

by Jay on January 25, 2010

Computerworld UK has a great article on why the attempted Chinese takedown of several Gmail accounts is not an indictment of cloud computing:

This question is particularly interesting when you consider that the attack in question involved exploiting vulnerabilities in IE 6. Why would Google employees still be running IE 6, an outdated browser? Clearly Google’s corporate IT isn’t doing a good job. But the fact that the attacker used VPN to further its attack suggested that the initial victim machine may not be a corporate managed machine. However, we do not know for sure. In any case, Google is at fault here for not managing its risks adequately. And being one of the biggest cloud computing companies, they should know better.

Beyond the irony of a Google employee A) running Internet Explorer instead of their own Chrome browser and B) running an ancient, buggy, universally despised version of IE at that, the real hitch in the giddyup here is that we all want to think that cloud computing is immune from the classic desktop-based security vulnerabilities. It ain’t.

Google is supposed to be taken down by some brute-force zombie net or an obscure, complex algorithmic logic bomb, not some telecommuting schmuck too lazy to update his Web browser. But that’s the dirty secret here: Cloud computing has more exposure vectors, not fewer. At the end of the day, a cloud is just an array of servers connected to the Internet, and those servers are run by mortal admins, some of whom are too lazy or stupid to stop using IE6.

The bigger the cloud, the more servers. The more servers, the more admins. The more admins, the more likely there’s an IE6 user (or equivalent schmuck) in the mix.

It’s absolutely true that the Google takedown has very little to do with cloud computing or software as a service. The real moral of the story is that any organization of sufficient size is bound to suffer from the most pervasive and persistent security vulnerability of all: Dumb people.

Hope you’ve got a backup plan.