So, we are now in the cloud era, where our files are kept on secure servers around the world and we can sleep at night knowing that we can put all of our records in an area that we have never seen, do not know the location, and have NO idea the amount of security that is on those servers. Wow, this certainly makes me more relaxed, how about you?
This reminds me of the story of Ali Baba and the 40 Thieves. Although reputably a part of the 1001 Arabian Nights, it has been challenged that it is not really part of the original stories of that very colorful legend, but nonetheless we will assume it to be for the purposes of this article.
The story goes something like this: Ali Baba, a poor man, is cutting wood one day and he hears the beating of hooves. Hiding in a nearby area, he spies a group of riders approach the side of a cliff and then hears what looks like the head of this band say “Open Sesame.” At those words, the side of the cliff opens and the band enters with the leader saying “Close Sesame” closing the wall behind him. Now the story goes on in some detail of how Ali Baba uses the password to go into the cave and steal some treasure only to be found out and then employing an ally to ultimately defeat the thief’s leader, but the main reason for re-telling this story is the “password of passwords.”
You see, the leader knew that the password had been compromised, but did nothing to change that password, instead trying to “seal the leaks” by disposing of the people who knew that password. Once a password is compromised, the chances that it will be distributed is high. What happens when a “password of passwords” is compromised, similar to one that many systems administrators have to do their daily jobs? Pure chaos.
If I were a stranger and asked you for the key to your home, would you give it to me without gathering some information about my background, or my reputation? Probably not, but yet we are willing to trust our sensitive data to others that we have not verified. The cloud security is probably very good, but until that can be affirmed, placing sensitive information in that area is somewhat disconcerting. After all, all a “black hat” would have to do is to get ONE password or set of credentials that would allow access to all records and then there would be chaos.
So, what is the solution to this for the household computer use? Get an external drive and software to back up your computer and use THAT to store your important files. As for the rest of the industries that are using cloud security, such as the health information and bank information industries, it is vital that THEY inform the consumer their security posture (leaving out the details so that intruders do not gain access). In the meantime, continue to make your passwords strong by making them longer and more complex. Don’t know how? There are many references on passwords, including a children’s book on the subject by yours truly called “Granpappy Turtle Talks About Passwords” available at http://www.lulu.com.
Learn, Offer, Value, and Educate http://www.grectech.com