Cloud Security Archives - The Privacy Post

4

What the UPS Data Breach Can Teach Your Small Business

Posted by on Aug 22, 2014

UPS

The UPS truck is seen as a symbol of stolidity, but that doesn’t help it in a world of cybercriminals. Image source: qnr via wikimedia.com

Between January and August of this year, UPS computers were infected with malware that compromised the security of 51 stores across 24 states, and exposed the personal data of over 100,000 customers to hackers. While UPS currently has the situation under control, it demonstrates once again that companies can’t afford the luxury of lax security. From big business to mom-and-pop organizations, no one is invulnerable.

Continue reading…

Cloud Security Archives - The Privacy Post

4

Judge Allows Gmail Account to Be Read in Criminal Investigation- Effects for Privacy?

Posted by on Jul 22, 2014

gmail

Recently, a federal judge in NY allowed a Gmail account to be accessed by prosecutors.
Image source: Flickr user Cairo

One of the tricky things about legal precedent is that the precedent is so often set around the actions of criminals, or at the very least people accused of being so. This inherently- unfairly maybe, but generally unavoidably- militates against sympathy, and helps to excuse far-reaching actions that could one day affect everyone.

Continue reading…

Cloud Security Archives - The Privacy Post

1

Troubling Trends: Many Websites Still Not Patched for Heartbleed Security Bug

Posted by on Jul 3, 2014

Nearly 300,000 websites are not patched against HeartBleed. Image from blog.heightslibrary.org.

Over the last few months, there has been a lot of discussion regarding the infamous Heartbleed security bug. This bug has affected almost half of all well-known websites and millions of Internet users. Heartbleed could be considered one of the biggest security threats in Web security history, because it exposes the contents of a server’s memory, where most sensitive user data is stored. This vulnerability allows anyone on the Internet to read the memory of systems protected by vulnerable versions of OpenSSL. By exploiting this vulnerability, any attacker can read sensitive personal information such as usernames, passwords, credit card numbers, and financial data. Also, it can compromise the private keys used for encrypting communication and identifying trusted sources on the Internet.

Continue reading…

Cloud Security Archives - The Privacy Post

0

Best Practices for Protecting Healthcare Records in the Cloud: Patient Data Remains a Target

Posted by on Jul 1, 2014

Implement security best practices for better protection of healthcare records in the cloud.

Protecting the confidentiality and integrity of patient records has always been the prime focus of healthcare industry. This is probably one of the reasons why industries took a long time to adopt cloud computing for healthcare records. As we know, security of data in the cloud environment has always remained under question. Healthcare industries store an awful lot of sensitive personal data, such as patient names, addresses, dates of birth, and personal medical records. Unauthorized access to sensitive medical records can have a significant negative impact on healthcare services. With healthcare data doubling every year, organizations need to invest in hardware equipment, and tweak databases and servers for storing large amount of data. Cloud computing is an effective and flexible alternative for healthcare companies to handle huge amounts of patient healthcare records.

Continue reading…

Cloud Security Archives - The Privacy Post

0

Keeping an Accurate Data Trail: How Important is Log Management in Information Security?

Posted by on Jun 26, 2014

log management

Firewall logs should be monitored and managed effectively for better security.
Image source: Harald Mühlböck via Wikimedia Commons.

Security is a very important aspect of any business. Each day, organizations deal with huge amounts of sensitive and critical data. Loss of corporate data due to data breaches can have a significant negative impact on businesses. In order to protect their sensitive data, organizations invest in many security technologies like firewalls, intrusion detection and prevention systems, vulnerability scanners, anti-malware systems, and much more. These devices generate log files that help information security professionals to research and analyze security incidents. Thus, log management becomes a key component in the security process. Continue reading…

Cloud Security Archives - The Privacy Post

2

Why Small Businesses Are Lucrative Targets for Cyber Criminals and How to Protect Yours

Posted by on Jun 24, 2014

burglar cracking into safe on computer screen

With the advent of new technologies, small businesses have become vulnerable to data breaches.
Image source: Flickr user elhombredenegro

A few years back, business owners were under the impression that only big and well-known companies were at risk of cyber attacks. As big organizations handle enormous amounts of data and are highly interconnected, a data breach could have a significant negative impact on the economy. However, with the advancement in technology and the advent of cloud computing, things have changed. Now, small businesses are equally at risk of cyber attacks. According to a 2013 Verizon Data Breach Investigations Report, a study was conducted on 19 global companies to identify the occurrence of data breaches in the year 2012. The research indicated that 31% of breaches were from businesses with 100 or fewer employees, and another 9 percent were attributed to organizations with between 101 and 1,000 employees.

Continue reading…

Cloud Security Archives - The Privacy Post

2

The Importance of Secure Data Backup: Protecting Your Small Business from Big Risks

Posted by on Jun 19, 2014

 

data servers

Secure online backups are extremely important in order to protect valuable customer and employee information.
Image source: Flickr user Beraldo Leal

It does not matter whether you are a small or large business- data is a vital part of any enterprise. Losing corporate data can cost businesses millions of dollars. Today, a large majority of companies are relying on online data backups to protect their valuable information from being damaged, stolen, or affected by natural disasters like fire or flood. Online backup services have proven to benefit for many enterprises, as they give businesses the flexibility to access data anytime from anywhere.

Continue reading…

Cloud Security Archives - The Privacy Post

0

Identify Critical Assets and Maintain Clear Communication to Reduce the Impact of Data Breaches

Posted by on Jun 10, 2014

halftone cloud image

Enterprises need to bolster security practices for better protection of data in the cloud.
Image source: Flickr user Nick Merritt

Cloud computing has become an integral part of today’s IT market; however, the security of data in the cloud has always remained in question. Organizations tend to outsource almost 50% of their resources to cloud-based services because of their flexibility and cost effectiveness. Since huge amounts of corporate data rest in the cloud, they have become an attractive target for cyber criminals. A data breach in the cloud can cost organizations millions of dollars. Now the question arises: is the impact of data breaches in the cloud more significant compared to traditional IT systems? A recent study conducted by Ponemon Institute and sponsored by cloud-app analytics predicts that data breaches can be three times more costly in the cloud due to improper handling of resources by some organizations.

Continue reading…

Cloud Security Archives - The Privacy Post

4

Cryptowall Ransomware Spreading through Malicious Advertisements

Posted by on Jun 9, 2014

Cryptowall ransomware restricts access to important documents and files until a ransom amount is paid to the hacker.

As predicted by security researchers, 2014 is really turning out to be the year for new forms of ransomware attacks. Ransomware is a form of malware that takes over your system and restricts access to your files and folders until you pay the ransom amount to the malware author. Without the knowledge of the victim, the malware slowly manages to encrypt all the files, folders and documents present on the victim’s machine. Your system will not show any sign of infection, as it will take hours to encrypt all the files and folders.  Once all your files and folders are encrypted, a message with a timer will pop up on your computer screen asking you to pay a ransom amount or to lose access to your important files forever. Last year, a ransomware perpetuator named “Cryptolocker” managed to infect nearly 250,000 computers, stealing millions of dollars. Cryptolocker was very successful, as it was extremely difficult to detect.

Continue reading…

Cloud Security Archives - The Privacy Post

0

Protecting Data Against SQL Injection Attacks

Posted by on May 27, 2014

SQL Injection

There are several security vulnerabilities that can lead to SQL injection attacks.

Data attacks have unfortunately become commonplace these days, with new reports of penetrated security systems being reported on a seemingly regular basis. SQL injection is the most commonly used form of attack by intruders to compromise enterprise data, as it is highly effective and successful in gaining access. The SQL injection vulnerability has been around for ages, and could be easily fixed during the development life cycle. SQL injection attacks have been on the rise for the past few years. “According to Neira Jones, former head of payment security for Barclaycard, some 97 percent of data breaches worldwide are still due to SQL injection somewhere along the line.” Many well-known companies, like LinkedIn, Yahoo, and the Federal Bureau of Investigation have become victims of this form of attack.

Continue reading…