Chapter Author
Contact Graeme
Journalists, students, potential clients or anyone else email.......
graeme@datasecurityexpert.co.uk
Something private to say?
PGP public key
graeme@datasecurityexpert.co.uk
Something private to say?
PGP public key
Cloud Computing added to the IT Security Guide
Cloud computing is the latest fashion in computing and, like it or not, it will be the future. One day computers will barely store anything and you will connect to a remote hosted desktop meaning your desktop computer is no longer in your home but in a data centre somewhere. This of course will reduce costs, make backup easier and mean more flexibility but it opens a whole can of worms around security, continuity and privacy. Before picking a cloud service you really need to investigate and ask a bunch of questions like these................... Read the full page here.We offer ultra secure online backup...... no you do not
No this is not a Punch and Judy article, its much more serious than that, its about guarding your data.Last Saturday night (12th) I stumbled upon a company which offered "ultra secure" web hosting, vps, dedicated servers, hosted email and backup. So I sent them a email asking for more detailed information and securing policy details. In the meantime I thought there "ultra secure" backup option might be useful so I noticed they did a trial and signed up.
The strange thing was is that the login and signup page was http, i.e. not https and no encryption between me and them. So I signed up with a new password and also checked the source code and there was definitely no encryption. I installed the client backup agent and gave it a test folder to do.
It backed up swiftly and appears on the online portal. Great, all seems ok? Now time for some testing so I opened up Wireshark and could sniff the username/password, o/s, url, ips, file names, hard drive addresses - both for the website and backup agent. Shocking! I emailed the provider with what I found and no reply so far.
So the next time a company claims to have military grade security and encryption do not take their word for it! This is the problem with cloud service, you do not know how its controlled.
Not again Goliath (Symantec)..... Corporate sabotage?
On the 4/4/2012 I posted a blog piece about McAfee and Webroot [David (Webroot) Vs Goliath (McAfee): Corporate sabotage?] and now it seems Symantec are being unfair when it comes to their competition.
Page 54 of 57