News broke late last month that files were found online containing 68,680,741 Dropbox user accounts plus their salted and hashed passwords. This was linked to a data breach that took place in 2012.
Back in 2012 it was speculated that Dropbox had been hacked, although the company denied it at the time. Dropbox contacted an unknown number of users explaining that an employee Dropbox account had been accessed with a stolen password and this contained “a project document with email addresses”. Dropbox went on to apologize and state they had “put additional controls in place to help make sure it doesn’t happen again.”
When security software firm Trend Micro calls for Windows PC users to uninstall Apple’s Quicktime video software, it’s time to listen up.
What is QuickTime? It’s Apple’s cross-platform software that runs video, sound, animation, graphics, text and music. QuickTime can be used to play content on Mac OS and Windows computers. In this case, the advice to remove Quicktime from computers only applies to QuickTime on Windows computers.
Why the rush? Why delete QuickTime on Windows?
TrendMicro cites two reasons for their urgent call to action:
- Apple is ending its support for QuickTime on Windows. The company will no longer be delivering security updates for the Windows version of the product
- TrendMicro has discovered two new security vulnerabilities in QuickTime on Windows
These ‘gaps’ in security could be exploited by hackers, enabling them to take control of a user’s computer.
I know what it’s like to have the company on your shoulders, to ultimately be responsible for each decision and action taken in the business. That’s your job as a CEO or Company Director. You are already juggling requests from employees and keeping an eye on sales and marketing budgets, invoices and administration. On top of all this, do you really need the headache of managing compliance with Data Sovereignty laws?
You need to know where the data is
Where in the world is your company data? Like many businesses, you might be taking advantage of the low cost and easy scalability of cloud storage. In addition to IT infrastructure cost shifting benefits and low cost storage, using cloud based storage boosts the productivity of your staff, enabling them to work from anywhere and on any device.
However, when your staff upload company files to the cloud – hopefully to a company controlled cloud and not to their own personal cloud storage accounts, such as a personal Dropbox or Google Drive account – company management should be asking: Where in the world is our data?
Mossak Fonseca “has now become a poster child for the shortcomings of widely relied upon security solutions,” wrote Seclore chief executive Vishal Gupta, in an email to SCMagazine.com. “Unless data-centric security solutions capable of persistently controlling use of documents are in place, there is very little likelihood Mossak Fonseca, or any data breach victim, can remediate the damage done from this incident.”
The Panama Papers leak is the largest data hack and information leak in history.
According to Wikipedia, the leak has resulted in the release of 11.5 million confidential documents. These files provide detailed information about legal and financial dealings of more than 214,000 offshore companies listed by Mossack Fonseca, a Panamanian law firm and corporate service provider. The scale of the breach and the contents of the secret documents has implicated high profile individuals and corporations in the use of complex company structures to avoid taxes, launder money and circumvent financial sanctions.
On 6 April 2016 Ramon Fonseca, a partner at Mossak Fonseca, stated that the leak was not the outcome of an ‘internal job’ but was the result of a hack traced to servers located abroad.
In late March/ early April the company reportedly sent an email to its clients saying the security of its files had been compromised after “an unauthorised breach of our email server”.
The developers of Australia’s only File Sync + Share solution – CloudFileSync – hosted Hon Philip Dalidakis, Victorian Minister for Innovation, at their Richmond office today.
Welcoming the Minister, Regan McKay, founder and Chief Executive Officer said: “We built CloudFileSync to solve the challenges businesses face when employees need to access, share and collaborate on files. Our software works on any phone, tablet, computer or web browser. With CloudFileSync, businesses have full visibility of file sharing and file storage, plus all file storage and sharing is protected with bank level security.
Your staff are on the front line when it comes to protecting your business’ data. But, how well prepared and resourced are they to act as your cybersecurity guards?
Cybersecurity threats come in many shapes and your business can be exposed through various ‘threat vectors’. Often your staff are among your most vulnerable breach points. These risks are exacerbated when they don’t have the tools they need to do their jobs.
Cloud storage and file sharing apps allow your staff to access, sync and share large files with people at work, as well as with clients and external suppliers from anywhere and on any device. Using these services can boost the productivity of your staff, especially when they are traveling or working away from the office.
But, if your employees are using unsanctioned, third party file storage and sharing services, your business could be exposed to data security risks, loss of data ownership and potential breaches of privacy and other legal obligations or industry standards.