The reading notes record thoughts from things I read. 這網誌是我的一些閱讀後的思考和摘要記錄。My website 我的網頁: http://raympoon.playgroundhk.com

Protect your cloud data

Cloud computing is the order of the day.  It is receiving much attention and many companies have moved their IT platform to the Cloud.  However, the fact that the core of Cloud computing is to relocate your data away from you has created a sense of insecurity for many.  Security measures for the Cloud have been well developed; but this cat and mouse war will never end.  All advices say that one has to be prepared for the black swan, and be aware that the weakest link in personal data security is yourself.

Recently, CNN has an article offering some tips on cloud security.  Surprising, it came from an IT expert who himself suffered from a careless mistake.  You may wish to take a look at this article.

Here are five useful tips that are worthwhile to follow.

1. Backup everything — in the cloud and on the ground.
Although it is convenient to have your data in the cloud, to be accessed anywhere and with different devices, it is important to have them backed up elsewhere.  Cloud providers will back up their data in order to maintain a quality and uninterrupted service.  But when someone else, or yourself, messed up the data, the corrupted data will also be put as back-up copy.  Harddisk storage is now very cheap.  It is a good practice to spend a little time to back up your cloud data on your own harddisk regularly; better still, back up more than one copy.

2. Use a bunch of different passwords.
Always use different passwords for every single online account.  It is obvious that this can protect you from every account being hacked should you accidentally leak one password.  Too many passwords may be difficult to remember.  You can devise a secret system yourself for password allocation, or use a password management service available in the market.  The simplest way is to write the passwords down in one place.  But be careful of how you write it so that other people cannot understand should the paper be stolen.

3. Don’t link all of your accounts together.
This is daisy-chaining.  If you use Facebook, Twitter or Google to log in to other social networks or websites, you may run the risk of all those accounts being compromised at once.  It is convenient to link accounts sometimes, but you should try to think like a hacker when you are doing it.  Try not to link accounts with important information with others.

4. Use two-factor authentication on Google and Facebook.
This one is vey useful.  Both Facebook and Google offer two-factor authentication or sign-in.   For Google, you will be sent a code via text or voice message as second authentication when you sign in.  You will then need your password and the code to log into your Google account from an unfamiliar computer if you have two-factor authentication turned on.  Facebook has a similar feature called Login Approvals.  It is used when you log in from an unfamiliar computer.  Some other services, including Amazon and WordPress have two-factor authentication.  Turn them on for extra protection.

5. Don’t use ‘Find My Mac’ on Apple computers.
If you use “Find My Mac,” which is designed to help you locate your laptop in the event of a theft, you run the risk that a thief or hacker could wipe it clean, which is what appears to have happened to the writer.  When you perform a remote hard drive wipe on Find my Mac, the system asks you to create a four-digit PIN so that the process can be reversed.  But if someone else who gained access to your iCloud account through malicious means performs that wipe, there’s no way for you to enter that PIN.