Service Offerings
- Cyber security training
- Product reviews
- Blog or article writing
- Cyber security consulting for SME & HNWI
Chapter Author
Contact Graeme
Journalists, students, potential clients or anyone else, email.......
graeme@datasecurityexpert.co.uk
Something private to say?
PGP public key
graeme@datasecurityexpert.co.uk
Something private to say?
PGP public key
Servers added to the IT Security Guide
- Details
- Category: Blog
Cloud Computing added to the IT Security Guide
- Details
- Category: Blog
We offer ultra secure online backup...... no you do not
- Details
- Category: Blog
Last Saturday night (12th) I stumbled upon a company which offered "ultra secure" web hosting, vps, dedicated servers, hosted email and backup. So I sent them a email asking for more detailed information and securing policy details. In the meantime I thought there "ultra secure" backup option might be useful so I noticed they did a trial and signed up.
The strange thing was is that the login and signup page was http, i.e. not https and no encryption between me and them. So I signed up with a new password and also checked the source code and there was definitely no encryption. I installed the client backup agent and gave it a test folder to do.
It backed up swiftly and appears on the online portal. Great, all seems ok? Now time for some testing so I opened up Wireshark and could sniff the username/password, o/s, url, ips, file names, hard drive addresses - both for the website and backup agent. Shocking! I emailed the provider with what I found and no reply so far.
So the next time a company claims to have military grade security and encryption do not take their word for it! This is the problem with cloud service, you do not know how its controlled.
Page 56 of 59