Although cloud-based file storage services have long been popular among Internet users, the indisputable convenience of such services is to some extent offset by a number of risks.
An example of these risks include the fact that many users follow the advice of gurus and store scans of their passports and other documents in the cloud – though sometimes vulnerabilities in the service jeopardise the security of their personal data. At the same time, using cloud technologies for purposes other than those for which they were designed can do even more harm. For example, it's easy to find sets of instructions for computer owners who want to use such services effectively to remotely control and monitor their machines, control torrent downloads etc. By following these recommendations, users inadvertently create different kinds of security gaps which can be easily exploited by cybercriminals – particularly in the case of targeted attacks.
One possible scenario is cybercriminals gaining control of an employee's laptop via a Dropbox client installed on it. This could happen when the employee is away from the office. If infected documents are placed in cloud folders, Dropbox will automatically copy them to all devices connected to the corporate network that also run the same service. Dropbox is not unique in this respect – all popular cloud storage applications, including Onedrive (a.k.a. Skydrive), Google Disk, Yandex Disk etc., have automatic synchronization features.
After analysing data from consenting
"A careful analysis of statistics has shown that the risk of the corporate network being infected via cloud storage is currently relatively low – one corporate user in 1,000 risks having his or her computer infected during a one-year period. However, it should be kept in mind that, in some cases, even one infected computer can result in an outbreak engulfing the entire network and causing significant damage. Configuring the firewall to block access to these services is a painstaking process, which requires constant updates of firewall settings." commented
A standard recommendation for system administrators in this case is to install a fully functional security suite featuring heuristic and behavioral antivirus protection, access control (HIPS), operating system control (System Watcher or Hypervisor), protection against vulnerability exploitation, etc. on each workstation on the network.
Most Popular Stories
- Bolivar Appointed to NSHMBA National Board
- When to Say No to Investors, Yes to Mentors
- Duke Energy, Strata Partner on Big Solar Project
- Rosneft Growth Slowed by Western Sanctions
- SBA Kicks off Hispanic Heritage Month
- Lindsay Lohan Claims She Handled Whitney Houston's Body Bag
- Ukraine Offers Temporary Autonomy to Rebel-held Areas
- Bently Creates Alabama Small Business Commission
- Creepers! Microsoft Buys 'Minecraft' Maker for $2.5 Billion
- Thousands Risk Losing Health Care Aid