The Business-Technology Weave

Apr 18 2011   9:40AM GMT

More Clouds in the Cloud – Consider DropBox



Posted by: David Scott
Tags:
application as a service
cloud access
cloud applications
cloud apps
cloud security
cloud services
cloud vulnerabilities
computing as a service
data as a service
hardware as a service
IT security
platform as a service
software as a service
the cloud

 

I hate to sound prescient, but these Cloud apps, services, and storage areas really do present risk.

 

At the same time, The Cloud ain’t goin’ nowhere.  Further, folks are going to continue taking advantage of the free and low-cost solutions there, and their ability to make solutions and enablements readily available virtually anywhere – quickly.

 

However, as I state very plainly in  I.T. Wars,  powerful enablements come with what can be extreme liabilities.  You must carefully manage potential liabilities, and while The Cloud is hardly unique in this respect, realize that standard recognitions like maintenance, survey, repair, and safeguarding may be totally out of your hands.

 

Deep breath.  Relax.  Fresh cup of coffee… (ahhhh… coffee.  Is there anything it cannot do?).

 

I was tempted to call this article, Dropping DropBox.  But, I rather like DropBox, and have to use it with some clients who use it.  Again, to reinforce something we said a couple days ago:  Even with a free service, be certain to weigh ROI against TCO.  See the bottom of this article concerning ROI and TCO, as necessary.

 

The purported problem with DropBox is the way it authenticates users, and thus the subsequent allowance (authorization) to files:  It uses a hexadecimal code – a “hash code” – stored as plain text, on users’ hard drives.  Anyone breaching and obtaining this code has access to a user’s account – and files.

 

Further, in case you’re a DropBox user and are rushing to change your password – it’s immaterial:  A fresh password will not obviate third-party access via the hashcode.

 

This security liability, involving a pre-eminent Cloud app and data repository, really hammers home the point we’ve been making here in The BTW:  Be careful about where you procure and place your “solutions” involving storage, process, accessibility, and so on.  Do your homework.

 

Remember that clouds rain every once in awhile… including The Cloud.

 

 

A Couple days ago:  In 1954, Joe Turner releases “Shake, Rattle & Roll.”  Check out the original.  (Didn’t get around to posting this one, but had to still acknowledge Joe).

 

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: