The Implication Of Consumers Not Having Their Heads Online

Customers CAN Better Protect Themselves

The majority of cloud consumers don’t understand what cloud is let alone what the implications of transacting in the cloud or of having their data and digital assets stored in the cloud. As a result most consumers are their own worst enemy when it comes to putting themselves at risk in the cloud. The ramifications of not understanding the risks can result in anything from consumer data exposure or loss of digital assets, to online reputation damage or worse still, incurring the same for their children. The good news is with a few tweaks consumers can better protect themselves.

Read up!

Most explanations of cloud are geared at technical business users and very few are aimed at consumers. In fact, Katie Couric’s very recent The Cloud Explained is one of the very few pieces that I have seen that describes cloud in its simplest incarnation as a network of computers and in a way that most non-tech, savvy consumers can easily digest. I strongly encourage consumers to find a starting point on the web that they can easily digest and over time to gain as much knowledge as they can of the cloud services they use.

What is your Cloud Blueprint?

Cloud is something that become an increasing part of our reality and may have sprawled into a number of different, though very useful services. In fact, we have reached the inflection point where it would be difficult to opt out of having some aspect of one’s life in the cloud. Some consumers may have been initially conscripted into a cloud service without their explicit consent. It may have happened, for example, as their utility company moved its infrastructure to the cloud, or through their doctor’s office now using online appointment settings or through their mobile phone synching settings, even for those who may not necessarily opt to have their information backed up to the cloud. Then there are those who have opted to use cloud storage services knowingly. It may have started with backing mobile phone or computer storage settings to the cloud for assets like songs, photos, videos and documents or even using online applications and sharing tools such as Facebook. However, consumers started out in the cloud it’s probably a good time to mentally audit their cloud services to understand which services are storing, transacting or have access to their data or other digital assets.

Try to find secure cloud storage options

The proliferation of cloud services has resulted in many cloud providers, especially storage providers who have differentiated their services on security. For those using cloud services to store photos, documents and other personal assets there are providers who offer encryption services or those that allow for a layer of encryption to be easily added. Such a layer of security could protect against personal digital assets being hacked into or even accessed accidentally by others.

Connect securely to cloud services

Many consumers find managing passwords a nightmare and despite the well publicized dangers associated with using “password” or sequences of letters and numbers, too many consumers often resort to just that. Consumers need to find something that is memorable to them that others would find extremely difficult to guess. A password phrase like “IstartedskatingwhenIwas15” might be difficult for both friends and hackers to guess but personal enough for the consumer to remember. Consumers also often don’t understand the risks of sharing passwords with family and friends but they need to treat their passwords as a penultimate secret. It is careless password management or lack of a strong password that create the biggest vector for hackers looking for credit card data or other sensitive personal information.

Where possible consumers should also connect using two-factor authentication to cloud services.

Included is an image provided by https://twofactorauth.org which offers a nice list of sites currently offering 2FA.

2-factor-sign-in

Two-factor authentication provides stronger identification of users by requiring two different identity components. A good everyday example is the identification banks require for withdrawing money from a cash machine – the correct combination of a bankcard and a personal identification number (PIN).

Be cautious about oversharing on social media

Most consumers don’t associate social media sharing tools as a cloud service but it is. Oversharing on social media has also become a problem also for businesses who often find that workers blur the lines between their work and their private lives. My guidance to consumers is to only share on social media what they don’t mind sharing about themselves publicly. This advice even goes for photos for which one’s settings may be only family and friends, but over time through other people’s shares may be more broadly circulated.

Cloud is our new digital reality and for the most part the convenience benefits outweigh the risks. The tweaks that I have suggested above are a starting point and by no means a comprehensive list. Finally, remember that different consumers will have different thresholds for data security and privacy so there isn’t a single blueprint that applies equally to everyone.

By Evelyn de Souza

Gary Taylor
Hybrid Worker Risks Organizations are under pressure to secure their remote workers, but they are also worried about the potential impact on user experience. Can they have it both ways without compromise? The pandemic has ...
Gilad David Maayan
Cloud Security Posture Management Cloud Security Posture Management (CSPM) enables you to secure cloud data and resources. You can integrate CSPM into your development process, to ensure continuous visibility. CSPM is particularly beneficial for DevOps ...
Frank Suglia
Managing Data Sprawl Over the last two years, our world experienced a dramatic acceleration of digital transformation. The COVID-19 pandemic upended normal operations for many businesses and shifted the pace of technology adoption into warp ...
Gary Bernstein
Managing Your Internal IT Your company's internal IT team is responsible for keeping things running smoothly, and they deserve all the support you can give them. Here are ten ways to make their lives easier ...
Rakesh Soni
Businesses now see the cloud as a standard, and they are always on a hunt for ways to leverage the cloud to its full potential. And if enterprises need to be competitive in the ever-expanding ...

SECURITY TRAINING

  • Isc2

    ISC2

    (ISC)² provides IT training, certifications, and exams that run online, on your premises, or in classrooms. Self-study resources are available. You can also train groups of 10 or more of your employees. If you want a job in cybersecurity, this is the route to take.

  • App Academy

    App Academy

    Immersive software engineering programs. No experience required. Pay $0 until you're hired. Join an online info session to learn more

  • Cybrary

    Cybrary

    CYBRARY Open source Cyber Security learning. Free for everyone, forever. The world's largest cyber security community. Cybrary provides free IT training and paid IT certificates. Courses for beginners, intermediates, and advanced users are available.

  • Plural Site

    Pluralsite

    Pluralsight provides online courses on popular programming languages and developer tools. Other courses cover fields such as IT security best practices, server infrastructure, and virtualization.