On Wednesday, security firm Imperva released new data that illustrates how any user in a cloud service, such as DropBox or OneDrive, can retrieve files across the network without anybody ever noticing. Additionally, Imperva found that attackers could also infect other users with malware and viruses.
Cloud file storage has become increasingly more popular for personal and business use alike, allowing friends and multiple employees to easily share data amongst each other. Imperva’s report, named Man in the Clouds, warns that saving these hacked accounts is not always feasible in some instances. When a security token is obtained from an attacker it becomes extremely easy for an individual to fool the host that the attacker is the owner of the data sharing account.
In rebuttal to this recent release, DropBox’s CTO Patrick Heim stated in an interview today that, “…look at the track record of cloud computing, it’s significantly better from a security perspective than the track record of keeping stuff on premise.” When asked what enterprise users of file storage utilities like GoogleDrive can do to keep their data safer, he said that by using cloud infrastructures that employ a skilled and dedicate staff, businesses are much more likely to keep their data safe in comparison to having to hire less experienced employees in house.
Additionally, Imperva has said that businesses should invest more time and resources into monitoring their sensitive data that is being stored both in the cloud and on-site. Cloud hosting customers can also use services such as Cloud Access Security Brokers, or CASB, solutions that automatically monitor the access and usage of their data.
On a final note, it seems that the general recommendation is to be vigilant in the prevention of theft and protection of data stored both locally and in the cloud; something that has been advised of since the age of computing itself.
Image Credit: Wikimedia Commons http://bit.ly/1P1MB26