Somehow the titans of Silicon Valley have managed to avoid some of the risqué scandals inherent in being a Hollywood celebrity so when those two worlds did collide – it was quite an outrage. In early September 2014, the media (including entertainment, technology and business) all reported that nude celebrity photos, allegedly from an Apple online service called iCloud, appeared much to the amusement of many – even Twitter.
The Wall Street Journal said, “…reports…suggested hackers accessed the photos through Apple’s iCloud system but Apple has denied that its online system had been breached.” Over the past few weeks, the Wall Street Journal said that people’s love for the Apple brand diminished a bit but because the proof of Apple’s involvement is scarce, Apple’s beloved reputation is still in-tact.
The interesting discussion is, while this was clearly the work of hackers many experts in the media are using this incident to demonstrate how vulnerable we all are when we use the cloud to post our photos or even important documents. You see, at any time a smart hacker or cybercriminal can grab your cloud-based postings – credit card account numbers for instance. For celebrities such as Jennifer Lawrence, whose naked photo was part of the scandal, brand, reputation and embarrassment is in order. For “regular” people – financial, personal and business reputation risk is also at stake. “We should expect to see a flood of litigation surrounding this leak,” explains Adam Kutner, a prominent Las Vegas personal injury attorney.
According to Entrepreneur magazine, Twitter users are treating the incident with much levity. “Twitter users are … posting pictures of the amusing, strange and downright embarrassing things that would be exposed to the public if their phones were hacked. The images, uploaded with the hashtag #Ifmyphonegothacked, include a man kissing a horse, a dog posing 'that time she got a bad haircut' and the Star Wars character Chewbacca playing the cello.”
“Anonymity has allowed the most unscrupulous individuals to post the most damaging content under the protection of the Communications Decency Act,” says Todd William, founder and CEO of Reputation Rhino, an online reputation management company in New York.
Entrepreneur warns, “Virtually everyone depends on the cloud to share sensitive information, but now we know that whether it’s sensitive pictures or critical business plans, it’s all potentially vulnerable.” As such Entrepreneur notes that “real people” who potentially own businesses must take a strong interest in security and privacy and demand “…end-to-end encryption and two-factor authentication for every service we depend on.”
Scared? Everyone should be cautious if not slightly afraid. Entrepreneur and other technology and business experts suggest the following:
1. Make sure you know what is in the cloud. For example if you send sensitive information – while it is in the cloud (which means the information is stored in a remote server managed by another company other than yours) know that “…you and your employees may be inadvertently sending sensitive data to insecure servers,” reports Entrepreneur.
2. Make sure to use end-to-end encryption for email. As we touched on before, using any cloud service from Gmail to Outlook, make sure the information is encrypted. Most e-commerce technologies are encrypted, but as we all know from heartbleed and Target – nothing is safe forever.
3. Have a strategy if data is compromised. When sending sensitive information (whether naked photos or mission critical information for business) have a strategy in place if you find your data is compromised. You can do this by making sure your solution providers and tech vendors are using safe services and that they can fix and identify red flags for you even before you are aware of a security breach. Although leading enterprise software companies like Altibase, IBM and SAP Hana are implementing best-in-class data security measures, small and midsize businesses need to continually review their existing cybersecurity strategy. Security data breaches can be harmful and expensive, so having a “damage control” plan for just in case is a strategic tactic all businesses, regardless of size should consider.
So in conclusion, the Des Moines Register says it the best: “… Unless you’re in the (show) business, never exchange erotic photos with a significant other or any other. And don’t store them digitally (either). In fact, don’t take them.”