How many of your clients are on the same cloud?
1 September 5, 2014 at 4:34 pm by Carol KreilingSitting next to me on a flight last week, a fellow passenger enthusiastically explained his start-up – a new cyber-cloud, he says. A place for consumers to store their sensitive data, he says. So I had to ask, “What happens when your cloud gets hacked?” Suffice it to say, there was awkward silence for the remainder of the flight.
Fast forward to the news this week – cyber criminals have stolen celebrities’ risqué photos. Was their iCloud hacked? Is the cloud’s security impenetrable or fluffy? This story is evolving but one theory is that the “Find my iPhone” app was vulnerable — it lacked “brute force” protection. (Have you ever been locked out of an application after you have entered the wrong password a few times? Well, that, while frustrating, is an example of “brute force” protection and that is a good thing. Earlier versions of the “Find my iPhone” app did not include “brute force” protection.
Apple has now stepped up its security, resolving that issue in its app.) Lawyers for some celebrities whose photos were stolen have vowed to take action on behalf of their clients. But who exactly will be responsible for this breach?
Just yesterday, cybersecurity expert and blogger Brian Krebs reported that the hardware giant Home Depot’s computer systems may have been hacked. Krebs, who first broke the story last December about Target’s data breach, has reported that nearly every Home Depot store in the U.S. may have been hacked by the same cyber criminals who hacked Target. Home Depot’s breach may have begun as early as May — compromising customers’ banking information throughout the summer months. Home Depot confirmed that it is working with law enforcement and with banks to investigate “some unusual activity” relating to its customers. Home Depot Canada is “assessing” the possibility of whether its customers have been compromised in this data breach as well.
While photos of home improvement projects may not be hack-worthy, bank account information is indeed valuable to cybercriminals. Start-ups notwithstanding, there are only a limited number of cloud locations which could mean large accumulation issues to insurers if multiple clients are on the same cloud. The question becomes: How many of your clients are on the same cloud?
Note: By submitting your comments you acknowledge that insBlogs has the right to reproduce, broadcast and publicize those comments or any part thereof in any manner whatsoever. Please note that due to the volume of e-mails we receive, not all comments will be published and those that are published will not be edited. However, all will be carefully read, considered and appreciated.
Good point with this article. Cloud is great when you lose your computer or it dies and you need to retrieve your data. It is great for an insurance point of view as when there is a fire or flood, the client can retrieve the data from their cloud account and the data restoration efforts are way less. The storage is cheap and the capacity is fairly large for your average small business. The problem, as indicated in this article, is many of the suppliers do not care about the security as much. They run the “run of the mill” type of security on the server to prevent the normal attacks, but are not always up to date with the best security options available. The reason is the contracts only coverage the storage of the material, and not the breach of the server or theft of the data, that is the clients issue to worry about.
Not sure how we in the insurance industry is going to help overcome this other than pricing coverage for an event, that appears, is more likely to occur than was first predicted. That is only going to drive this pricing through the roof. Hopefully a solution can be created to help aid insurance and the client in protecting their data.