What information do you and I entrust to cloud services?
We all like cloud services – for modern businesses, especially smaller businesses they give access to software, services and functionality that when we started Octagon Technology would have been beyond their reach.
Then there are the back-ups – in the early days of Octagon I can remember a job where we had to sort through piles of tapes the new client had been cycling for years – only coming to us when the server failed. The tapes were stretched and damaged.
More – what about Microsoft 365 or Google Workspace they are essential tools – and have grown more so since the pandemic – and handle our business information.
If (when) these services are breached what information is leaked.
Even leaked raw SQL data which at first glance looks useless can be reassembled into something that a black hat hacker could exploit, either directly or by selling to a data miner.
This article from the SANS Internet Storm diary demostrates this type of exploit.
Sensitive Data Shared with Cloud Services
Before using any cloud services check their terms and conditions and especially their security, encryption and back-up policies.
Not sure that this is worthwhile use of your’s (or a comsultant’s) time when big tech is involved? I will ask you this question. “Have you checked your responsibilities when it comes to your information stored in Microsoft 365?”
Clive Catton MSc (Cyber Security) – by-line and other articles
