Tuesday, June 7, 2011

Will iCloud be the next target for hackers?

With Apple's announcement of iCloud at WWDC on Monday, the migration
of data and assets to the cloud space seems to be accelerating and
irreversible.
iCloud's massive online storage system allows users to access their
data from any decive connected to the Internet. You can access your
music library, documents, photos, and all contents from any iOS
device, from anywhere. In an era where everyone juggles multiple
devices, iCloud answers the hassles of keeping all your devices in
sync.

With recent security breaches in RSA, Sony, L3 and other big name companies, can AAPL be the next target?

Personally, I believe that AAPL should leverage two factor authentication and encrypt data with FIPS 140-2 Approved algorithm.  At this point, only apple ID is used for the authentication. This could be a brute force target for the hackers.

Also, AAPL should evaluate a good Identity and Access Management solution to provision the user and provide attribute based and fine grained access control. With the cash from its line of business, it is not too late for AAPL make good investment in the cloud security before AAPL become the front page of Washington Post due to security problems.

No comments:

Post a Comment