The other day I was invited to a Hang Out on Google + where several IT Pros and a couple of journalists discussed storage issues. One of the topics that came up for discussion was how to secure your content.
After listening to some very insightful discussion about how to do it, I added that you probably can’t secure your data. Do I hear your scoffing? It’s true. When hackers like Anonymous get inside some of the most secure facilities on the planet (or ones that we think are anyway), you have to wonder just how secure any site is.
And that was driven home in a big way when eCommerce site Zappos, which is owned by Amazon (ouch) had a major data breach last week involving 24 million customers, exposing their passwords. Fortunately for them, no credit card data got out, but it was a major embarrassment nonetheless for Zappos and its corporate owner Amazon.
Meanwhile, as I was writing this yesterday, Anonymous–apparently upset that the feds arrested four principles at file sharing site, MegaUpload and shut down the site—went on a hacking rampage attacking the White House, the Department of Justice, The US Copyright Office and the RIAA and the MPAA (among others) for good measure.
Do you suppose you have the same stringent security measures as say, whitehouse.gov, a site that is probably relentlessly attacked by hackers every hour of every day?
Chances are you don’t, and yet you probably believe that your site is secure. I have a friend who refers to airport security as “security theater.” It’s a nice veneer, but is it really keeping us safe? It’s probably similar theatrics in your data center, given how easily Anonymous can have its wicked way with just about any network.
Sorry to be so blunt, but let’s face it, the entire Internet security infrastructure is vulnerable. One day it’s the White House, another it’s Zappos. When is it your company’s turn to play security breach roulette.?
You think you have control of the situation, but the fact is, you probably don’t . I’m sure the IT pros at Zappos and The White House thought they too had it under control, but until we face the fundamental flaws that appear to be inherent in across all networks, we will continue to see these types of breaches — and I hate to say it, but you could be next.