China launches “Great Firewall” attack against iCloud

According to a report by web censorship watchdog Great Fire, China's infamous state firewall is performing a MITM (Man-in-the-Middle) attack against users of Apple's Cloud-based services. It is suspected the attack has been launched in response to Apple's new default encryption methods.

It is possible to circumvent the fake site using a VPN, or one of iCloud's many other IP addresses.

Since iOS 8, authorities can no longer bypass on-device encryption to gain access. The convenient timing of...

By Ryan Daws, 20 October 2014, 0 comments. Categories: Government, Security.

Edward Snowden advises users to move away from Dropbox, Facebook, Google

Picture credit: The New Yorker/YouTube

Edward Snowden has told an audience at the New Yorker Festival to “get rid” of Dropbox as it doesn’t support encryption or protect private files, instead opting for a service such as SpiderOak.

The whistleblower, who was taking part in a ‘virtual interview’ through Google Hangouts, also criticised Facebook and, ironically, Google, although conceded their efforts in keeping user data safe were improving.

Yet when asked what someone who...

By James Bourne, 14 October 2014, 0 comments. Categories: Data & Analytics, Data Sovereignty, Privacy, Security, Storage.

Why mistrust from the iCloud leak isn’t necessarily a bad thing

In a society that celebrates the public broadcast of an individual’s life through multiple mediums, the return to a more modest ideal may be the only way forward.

Increasingly over the last ten years or so, Millennials, and what some refer to as Generation Z, have been pressured to share intimate aspects of their lives over the internet. If you look back, there has been an interesting trend with this.

Facebook...

By CloudWedge, 09 September 2014, 0 comments. Categories: Security.

Nude celebrity photo leaks: Cloud expert calls for common sense approach

After news broke of a series of leaked photos of female celebrities on Monday morning, there have been a series of developments – with one expert calling for a common sense approach to cloud data.

Ivan Harris, cloud services development director at Eduserv, explained that “things will happen” despite the best laid plans.

“Nothing is 100% secure,” he told CloudTech. “What...

By James Bourne, 03 September 2014, 1 comment. Categories: Best Practice, Security.

4chan user reportedly hacks iCloud with nude celeb pics – as Google strengthens security

An anonymous hacker on the 4chan site has published a series of naked photos of more than 100 celebrities, including Jennifer Lawrence, Kate Upton and Mary Elizabeth Winstead, after reportedly hacking into the users’ iCloud accounts.

Even though the photos appeared to originate from iCloud devices – and even though 4chan users mentioned it – it’s not been confirmed that Apple’s cloud storage system provided the leak. Other theories are being banded about as to how the photos were...

By James Bourne, 01 September 2014, 3 comments. Categories: Compliance, Security.

Community health systems, HIPAA, and cloud hosting: The facts

On the heels of the recent Community Health Systems (CHS)  data breach, in which 4.5 million Personal Health Records (PHI) were compromised, the industry is abuzz about data security in the HIPAA Compliant cloud businesses.  Data breaches like the one at CHS are not the exception – they’re the norm.  The FBI warned that the healthcare industry is extremely vulnerable to hackers in a recent

By Logicworks, 21 August 2014, 0 comments. Categories: Compliance, Security.

HIPAA, cloud, and your business: What you need to know

By David Linthicum

When it comes to HIPAA compliant solutions, security, and cloud adoption, what most find frustrating is how to sort the myths from reality.  The “addressable” requirements of the security rules tend to be the most difficult to meet.  Thus, these addressable requirements have a tendency to fall off the radar, and could therefore create issues with compliance.

Under the HIPAA Omnibus...

By Logicworks, 31 July 2014, 0 comments. Categories: Compliance, Security.

The lowdown on the UK government’s new Cyber Essentials Scheme

Recognising that not all organisations have adequately dealt with cyber security, the UK Government has recently developed a Cyber Essentials Scheme which aims to provide clarity on good cyber security practice.

In its Cyber Essentials Scheme, the UK Government sets out five controls which it is hoped will provide all types of organisations with basic protection against the most widespread type of Internet threats. As such, the Cyber Essentials Scheme should be viewed as a form...

By William Long, 08 July 2014, 0 comments. Categories: Europe, Legal, Security.

Code Spaces RIP: Code hosting provider ceases trading after “well-orchestrated” DDoS attack

Code Spaces, the web-based SVN and Git hosting provider, has ceased trading after revealing a devastating DDoS attack which wiped its cloudy data would cost too much to both resolve and keep the company going.

The unauthorised user gained access to the company’s EC2 control panel, created a series of backup logins and randomly deleted items to the extent where most of Code Spaces’ data had disappeared, with no backups in place. The attacker had also demanded a large sum of money to stop the DDoS,...

By James Bourne, 19 June 2014, 0 comments. Categories: Disaster Recovery, Security.

One in three cloud services was susceptible to Heartbleed, research shows

One third of cloud services was vulnerable to the debilitating Heartbleed virus, it has been revealed.

The findings were posted in a research paper from cloud security provider Skyhigh Networks’ Cloud Adoption & Risk report, and found that 1,173 cloud services from the 3,571 in use had left data exposed by Heartbleed when the bug first broke.

Skyhigh reports that the number of vulnerable services was less than 1% a week later following cloud providers stepping in to address the breach. However there...

By James Bourne, 12 May 2014, 0 comments. Categories: Security.

Healthcare cloud security: Now and into the future

By David Linthicum

Healthcare providers and payers that utilize cloud platforms to store and access personnel records (and like data) are probably storing protected health information (“PHI”), which is protected by the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”). Rules now in place govern the use of cloud computing to store health-related data, including personnel-related data.  The consequences for failure to comply can be severe to a company’s...

By Logicworks, 11 April 2014, 0 comments. Categories: Big Data, Government, Security.

Six of the best: Scams, shams and snoopers

The latest edition of CloudTech’s look at the best links from around the web has a slightly nefarious tint to it, with stories of scammers, snoopers and sham artists. Thankfully though, there are some good news stories further down, proving good things come to those who wait.

1)  Beware: The cloud’s Ponzi schemes are here [Infoworld]

David Linthicum, writing for Infoworld, sheds light on an announcement...

By Cloud Tech, 07 April 2014, 0 comments. Categories: Big Data, Editorial, Security.

The Affordable Care Act and cloud computing: Understanding the links

The Affordable Care Act (ACA) aims to reduce costs while improving quality of care.  Of course, those in Healthcare IT have been trying to reduce costs and improve care for years.  Perhaps there are some real opportunities to improve IT delivery around the ACA, and those opportunities may exist more in cloud than traditional approaches.

Delivering high-quality clinical care is impossible without the support of strategic, integrated,...

By Logicworks, 03 April 2014, 0 comments. Categories: Industry, Security.

Demand for data sovereignty puts home grown data centres in the spotlight

The continuing revelations by former US National Security Agency employee Edward Snowden about the extent of data surveillance are rumbling like thunder around the cloud computing industry.

This is likely to be more than just a passing storm in a tea cup as there could be lasting repercussions on where cloud users and providers store their data.

Companies, governments and the European Parliament are starting to take a long hard look at the whole issue of data sovereignty which may well trigger a rush for...

By Simon Taylor, 11 March 2014, 0 comments. Categories: Big Data, Data & Analytics, Data Centres, Europe, Security.

The outlook for privacy and data protection for cloud in 2014

2014 is likely to prove to be a big year in data protection for many industries - none more so that the cloud computing industry with the possible adoption of the EU’s proposed Data Protection Regulation, implementation of European cyber security strategies and moves by Germany and France to set up a European Communications Network.

In a recent weekly podcast, German Chancellor Angela Merkel suggested a European Communications Network should be set up to avoid potential access to data by the U.S....

By William Long, 06 March 2014, 2 comments. Categories: Big Data, Legal, Security.

Moving your law firm’s data to the cloud: Easily said, easily done

This blog post is for informational and educational purposes only. Any legal information provided in this post should not be relied upon as legal advice. It is not intended to create, and does not create, an attorney-client relationship and readers should not act upon the information presented without first seeking legal counsel.

In a profession notorious for being slow to change, cloud-based solutions for many of the traditionally office-based systems like...

By Logicworks, 14 February 2014, 2 comments. Categories: Industry, Legal, Migration, Security.

Research claims UK businesses struggling to cope with cloud boom

A new research report from cloud identity management provider Okta has revealed that nearly four in five (79%) UK IT decision makers are looking to increase the amount of cloud applications in their company through the coming year.

Yet the report, entitled ‘Identity Management in a Cloud and Mobile World’, also found that data security remains a concern of cloud adoption for seven in 10 organisations.

Not altogether surprisingly, the report from an identity and access management (IAM) firm focuses...

By James Bourne, 05 February 2014, 0 comments. Categories: Adoption, Industry, Research, Security.