Not all forms of cloud computing are the same. In general, private clouds (a hosted infrastructure or solution built for a single organization) are more secure and reliable than public clouds (a pre-existing web-based service that any user can sign up for). Private clouds not only have more in-place data security than public clouds, they can also be customized to include advanced protections such as firewalls, antivirus, and content filters.
Perhaps nothing has illustrated the differences in security between private and public clouds as starkly as the recent hacking of the journalist Mat Honan. The ex-Gizmodo reporter described in an August 6 Wired article how cyber-thieves infiltrated his public cloud Amazon, Google, Twitter, and Apple accounts. The hackers changed all of his passwords, posted obscene messages to his Twitter feed, and deleted all the files on his phone and laptop, including the only copies of photos of his infant daughter. The attackers breached his accounts by exploiting the weak security controls and impersonal customer support of the public cloud providers. One of the hackers actually contacted Honan afterwards and explained step-by-step how they infiltrated all of his accounts:
-The hackers visited the reporter’s personal website linked to his Twitter page and found his Gmail address.
-Using the Gmail account recovery interface, they were able to find out his secondary email (where the public cloud service would send a password reminder or a new code), which was an iCloud address.
-The hackers found out Honan’s home address from an online search. They then called Amazon’s customer service and supplied a fake credit card number and the reporter’s name, email, and address in order to gain access to the account. From inside the account, they were able to view the last four digits of all Honan’s real credit cards.
-Finally, they called Apple customer support and provided Honan’s iCloud address and the last four digits of one of his credit cards to receive a new password. With access to his iCloud account they were able to request a new password for his Gmail account. And with access to his Gmail account they were able to request a new password for his Twitter account. Through iCloud the hackers were also able to remotely delete all the files on his iPhone, iPad, and MacBook.
A private cloud would have prevented this attack in several ways. First, private clouds do not have the same automated account recovery process as a public cloud service. To receive a new password for a private cloud solution users have to contact the hosting provider directly and identify themselves. The user population of the service may be small enough for a technician to remember an individual user’s voice or writing style. Otherwise, the unknown phone number or IP address of the hacker will tip off the technical support personnel to the scam.
Second, private clouds have automated breach detection and notification systems. These programs search for and detect unusual behavior (unknown IP addresses, strange login times, mass deletions or migrations of data) and send alerts to the on-duty technical personnel. And unlike public cloud technicians that have to monitor and support millions of different users at the same time, the dedicated staff of private clouds can actually respond to a breach quickly enough to prevent or mitigate data loss.
Third, even if hackers were able to infiltrate a private cloud, they could not have permanently deleted its files in the same way they wiped Honan’s iCloud. Most private clouds provide automated and complete data backups for all users.
With security features that include around-the-clock monitoring, dedicated technical support, and full daily backups, IronOrbit’s private clouds offer the best protection from threats like the Honan breach. Whether your organization requires the data security equivalent of a picket fence or a fortress, IronOrbit will design and build your private cloud to match your security requirements. Don’t risk your data with a public cloud—trust with a private cloud from IronOrbit.