Star exposure no joke for cloud providers

Celebrity photo leaks point a lesson for a range services suppliers, says Mike Jackson

Suppliers of cloud services are bound by legal frameworks such as the Data Protection Act in the UK which requires them to ensure that data lodged with them is kept as safely and securely as it can be within the limits of current technology.

As even in the best-maintained systems problems still occur, suppliers should also make clear to customers what actions they will take when security breaches happen.

Much of the best practice in this area is set out by the Cloud Security Alliance, a not-for-profit organisation set up to promote security assurance within cloud computing.

The much-publicised failure of iCloud brings richer pickings for hackers.

It's clear that someone has been able to obtain private pictures of celebrities. We can't tell at this point whether this is as a result of many individual attacks on the computers owned by the stars, or the outcome of a single attack on Apple's iCloud.

From a hacker's point of view, there would be a lot of work involved in hacking into many individual machines, whereas a security hole in iCloud would mean that millions of pieces of information would become available at once.

Whenever you place information on a computer, that information becomes less secure. If you connect a computer to the internet, the security risk grows.

If you store information on a cloud service, you rely completely on the security measures of the service provider.

Once in the cloud, it's these security measures which make the difference between privacy and the whole world being able to access your documents and pictures.

Cloud services and IT suppliers should take note.

Mike Jackson is a professor of computing and director of academic quality and enhancement at Birmingham City University