TrustMeSecurity.com

Tim Anderson of IT Week has written a terrific article that highlights why online services need stronger security if business users are to entrust their critical data to the cloud. This is the very core of the services that TrustMe provides.

Marko Karppinen, who uses Apple’s .Mac online services, got a shock when he tried to log into his Apple Developer Connection account (see his blog here). He found that the password and the email address associated with his account had been changed. Apparently, someone other than himself contacted Apple’s Developer Relations unit claiming to have forgotten the password, and Apple responded by changing both the email and password without any further checks - ­ effectively handing over the account to the hacker.

No doubt this was an isolated incident, but it is one that highlights several security issues. First, it underlines the drawbacks of single sign-on. Apple is one of several IT giants offering a suite of services linked to a single user account. What Karppinen lost, as he noted in an indignant email, was not just his developer account, but files stored in the iDisk remote storage services, an iTunes account, personal email, and more. Single sign-on is convenient, but increases the risk to you, and the value to criminals, if that flimsy username and password combination is discovered.

According to an article from InfoWorld:

Gartner Research says 20 percent of the revenue of messaging security tools currently comes through the cloud delivery model. But this will jump to 60 percent by 2013.

Gartner defines cloud computing as a type of computing where IT-related capabilities are provided as a service using Internet technologies to multiple external customers. This delivery model is getting closer towards widespread acceptance, according to Gartner, because it allows enterprises to gain security services such as distributed denial-of-service attack (DDoS) protection without huge capital investments.