What Apple’s iCloud Means for All of Us

If you use Gmail, Hotmail or Yahoo, you know your email is accessible from any computer or smartphone. That’s because your messages are stored “in the cloud.”

What is iCloud? Apple puts it like this: “iCloud stores your music, photos, apps, calendars, documents, and more. And wirelessly pushes them to all your devices — automatically. It’s the easiest way to manage your content. Because now you don’t have to.”

If you take a picture on your iPhone, it appears on your Mac. If you write a document on your iPad, it appears on your iPhone. If you buy a song on iTunes, it becomes available on all your devices.

The cloud isn’t new, but when Apple pushes out a product, they often find a new and improved way to utilize existing technology.

iCloud was designed with three things in mind: convenience, portability, and consolidation. It allows you to keep your devices in sync, to access your data from anywhere, and do it all within a single, central hub. That last design feature gives Apple a certain degree of control over the user base.

Apple’s iCloud and its consumerization of centralized, cloud-based data and services will undoubtedly result in even more consumers connecting to even more devices.

Better yet, iCloud will spur even more innovation among Apple’s partners and competitors. Soon, we will see more products and services consolidated in “the sky,” which other cloud services will connect to. Consumers will also have more options for creating their own personal clouds, in the form of smarter home-based servers, making it easier to manage all of their devices and keep them secure.

And for all you PC lovers, there will surely be many more offerings to keep your digital life in sync, because, well, not everybody likes apples.

Robert Siciliano, personal security expert contributor to Just Ask Gemalto. Disclosures

 

How the Cloud Will Change Technology

You may have noticed that over the last decade, computers have grown faster and more powerful, with more RAM, bigger hard drives, and improved processors. This is made possible by the development of better, cheaper technology, coupled with a corresponding need on the part of consumers and corporations. It has also come in response to software developers, who have continued to introduce more complex and demanding programs.

Then, “the cloud” came along, and software such as office programs, contact managers, editing programs, and data storage went virtual, no longer requiring local computer space and speed.

As a result, old, slower PCs have a new life, and new devices like mobile phones, netbooks, e-readers, and tablets rely on the cloud to function as fully portable productivity tools and entertainment centers.

One of the cloud’s most significant impacts so far has been in music. Since the digitization of songs, we have seen dramatic changes in devices and hardware for music consumption, as well as in distribution mediums.

Last year, a Gartner report predicted that cloud-related spending would reach $258 billion by 2020. It accounted for $28 billion in 2010. This rapid increase should prompt investments in related technologies, applications, and services to account for 45% of all IT spending.

In the short term, as the cloud grows, more jobs will be created. In the long term, however, it is likely that many of the smaller administrative tasks that are currently performed on local PCs will take place in the cloud, managed by big companies along the lines of Amazon, Microsoft, Google, and even AT&T and Verizon.

The cloud will encourage the development of identification technologies designed to authenticate individuals online and via mobile and card technologies. The advantages and sheer connectedness facilitated by the cloud and our complimentary devices will ultimately allow for a more seamless and secure digital life.

Robert Siciliano, personal security expert contributor to Just Ask Gemalto. Disclosures

What to Look for In Cloud Security

Is your data in the cloud? Right now as we speak billions are being invested my major corporations to store and back up data in the cloud. It’s cheaper and it’s safer.

When you think of a cloud, do you picture fluffy white pillow-things that float in the sky without a care in the world? “The cloud,” as it relates to technology, actually refers to millions of servers, which may be owned and operated by either corporations or private individuals, sitting in homes and offices. We can only hope that they are under tight security.

Data stored on your computer is kept together, in one nice little controlled place. Whereas data stored in the cloud is spread out, all over the world. But what’s more secure, your local PC or a server in a dark room in Des Moines?

The reality is that all cloud-based data, just like local PC-based data, is vulnerable to physical theft if the building isn’t properly protected, power outages if there aren’t redundant power backups, natural disasters if Mother Nature decides to have a bad day, and criminal hacking through system weaknesses, phishing, and social engineering.

Then there is Murphy, of Murphy’s Law: what can go wrong will go wrong. And with technology, there is much that can go wrong. CNET recently reported that Amazon’s cloud was down for almost two days. “In April, the cloud storage service experienced a two-day outage that brought many Web site operations to a halt. When a cloud-computing provider has trouble, of course, it raises worries about the dangers of outsourcing operations to another company.”

Cloud-based data is vulnerable both in the cloud, where it’s stored, if it is not properly protected and encrypted, and in transit, via your own Internet connection.

Most cloud service providers won’t explicitly outline what they do to protect your data because it could offer potential hackers information on how to compromise their networks. But one provider for example promises “strict security policies, military-grade encryption, and world-class data centers for optimal data protection of your business’ computers and servers.”

Some providers offer two-factor authentication which is another good way to protect the integrity of cloud-based data, making hacking more difficult than obtaining a simple username and password.  To remind, two factor authentication means you have to use two different things to prove your identity.  Typically this is something you have, like an ATM card, and something you know like a PIN code.

Computer users are responsible for the security of locally stored data, and data that is transmitted via their Internet connection. They can avoid phishing and social engineering scams. But beyond that, they are reliant on the cloud provider to adequately secure their data. Have you checked with your cloud provider yet on their security measures?

Robert Siciliano, personal security expert contributor to Just Ask Gemalto. Disclosures

Tracking Lost or Stolen Devices

Lost your iPad? Someone steal your iPhone? Can’t find your laptop? Misplaced your Android phone? You can call your phone and hope it rings, but maybe it’s on vibrate, or miles away. If your car gets broken into and your laptop goes missing, what do you do?

There are plenty of software programs that can track your device, using location data such as GPS and IP addresses to pinpoint it on a Google map. Some services can even activate the laptop’s webcam to take snapshots of a thief!

Prey Project works on MacBooks, Windows, and Android to keep track of your phone or laptop at all times and to help you find it if it ever gets lost or stolen. It’s lightweight, open source software, and free for anyone to use.

Find My iPhone is a free application that can be enabled on your iPhone or iPad. You’ll need a MobileMe or iCloud account to sign in from your iPhone, iPad, or any computer, to display your device’s approximate location on a fullscreen map. Find My iPhone also allows you to send a message to whoever may have found the phone, and if you’re near your phone but can’t find it, Find My iPhone can override your vibrate setting and emit an alarm. In a worst-case scenario, this application can remotely wipe your phone’s data to help prevent identity theft.

Robert Siciliano, personal security expert contributor to Just Ask Gemalto, discusses hackers hacking hotels on CNBC. Disclosures

Back Up Google And Facebook Data

We are increasingly reliant on online calendars and address books, but when you store everything in the cloud, there is the possibility that your essential data could evaporate.

Some insist that you have nothing to worry about but what if you got hacked and all your data was deleted? What if you temporarily lost Internet access, but you need your contacts or calendars?

Backing up any type of vital data is always a smart decision.  Here’s a few simple and inexpensive tools to back-up data you’ve stored in the cloud:

MyCube Vault, for Mac or Windows, is a free utility that backs up your Facebook data, Google Contacts, and Picasa photos and albums at regular intervals. You choose how frequently and where your data should be saved. Once you have installed the app and authorized it to access each of the services you want to back up, the process is painless and automatic. If you’re concerned about downtime or wary of keeping your data in the cloud, MyCube Vault is worth a look.

Backupify, for Google Apps, keeps independent backups of all your Google Apps data, where it can’t be stolen, corrupted or deleted, even by your own domain users. You can search, download, and restore your Google Apps data any time. Backupify offers a free trial.

In addition to using a cloud-based backup storage service, you should also back up this data locally on an external drive.

Robert Siciliano, personal security expert contributor to Just Ask Gemalto, discusses hackers hacking hotels on CNBC. Disclosures

Online Payment Alternatives to PayPal

I’m a little more than a casual online shopper, so I make lots of electronic payments. I prefer to avoid stores, so I buy almost everything aside from food via the Internet. I frequently use eBay. I’m also something of an airline mileage fanatic, so I prefer to pay with a credit card that earns me miles and free upgrades.

PayPal is great but the various fees they charge you to receive payments are not so great. And if, like me, you prefer not to connect your PayPal account to your bank account, they certainly don’t make it easy for you.

You can link your PayPal account to a credit card, but once you’ve spent or received a total of $10,000, you are required to connect a bank account. PayPal will draw funds from that bank account from then on, which means no more credit card rewards. If you look closely, there is an option for PayPal to draw funds from your credit card instead, but it’s an obscure link that most people miss.

PayPal’s ubiquity makes it hard to avoid, but there are a few other options.

Amazon WebPay allows you to make online or mobile payments using your email address, just like PayPal. This is a no-brainer. There are no fees for sending or receiving money, and you can add funds with a bank account or credit card. Not everyone accepts Amazon WebPay, but I use it whenever it’s an option.

Square is an application for Android and iPhones. The app, along with Square’s external attachment, turns a mobile phone or tablet into a credit card terminal, allowing anyone to accept person-to-person payments. I use Square when someone owes me money after a night out. Instead of splitting a dinner check with a large group, I can pay with my card and everyone else can pay me. There is, however, a 2.75% fee per transaction.

Dwolla charges a 25-cent fee for each transaction, which can take place online or at a brick and mortar store. Their mobile application allows smartphone users to find nearby merchants that accept Dwolla.

Take five or ten minutes to investigate each of these options in order to determine which makes the most sense for your particular online payment needs.

Robert Siciliano, personal security expert contributor to Just Ask Gemalto, discusses hackers hacking hotels on CNBC. Disclosures

Signals of PC Failure and Contingency Plans

Has your computer ever refused to turn on when you hit the power button? Or maybe it turned on, but only to display a blue screen? The best (really the worst) is when you’ve been working on a document or presentation all day, and your hard drive crashes.

If this has yet to happen to you, you’re likely overdue. The following signs indicate your computer may be close to death:

  • A blue screen is often a sign of a driver conflict or hardware issue. When your formerly fully functional PC displays a blue screen informing you that a serious error has occurred, it could mean total failure, or require a simple reboot.
  • Lengthy start up or shut down times may mean that your computer is overwhelmed by too much software, or particular programs are not shutting down properly. Or it could mean that motherboards or hard drives are not long for this world.
  • If you hear strange noises, like beeping, whirling, or grinding, during startup or when computing, this may be a sign of hardware failure.

If you fail to plan, you plan to fail. Like a Boy Scout, be prepared. Here are a few things to keep in mind to prepare you and/or avoid issues with your computer.

Back up your data. There are many options for real-time automatic backups to the cloud, as well as for local backup. Combine both, and you’ll never lose your data.

Back up your set-up.  A great way to do this is by using something like Belarc Advisor, a free program, to take a snapshot of all your software and serial numbers. Set a monthly reminder to take two minutes and do this manually. It will provide an easy guide of what to install when you replace your computer.

Replace your personal computer every two to three years. If you are a casual user, you can ignore this. But if you’re on your PC for four or more hours a day, it will need to be replaced eventually. And setting up your new PC will be far easier to do if the old one is still functioning.

Computers are like shoes. They wear out, and replacing is preferable to repairing. And like shoes, once you break your new computer in, you’ll be happy.

Robert Siciliano, personal security expert contributor to Just Ask Gemalto, discusses hackers hacking hotels on CNBC. Disclosures

Mobile Banking More Secure Than Computer E-Commerce?

Mobile banking is on the rise for more reasons than convenience sake. In truth, it’s more secure than traditional online baking.  Accessing your banks mobile website or using your banks mobile application is inherently more secure than using a computer.

Why?

Computers are big targets for thieves. PC’s mostly run on Microsoft’s most hacked operating system, they typically contain a great deal of data, and they are vulnerable to viruses created by criminal hackers. Over the past decade criminals have learned the ins and outs of exploiting online banking using PC’s. In the past 15 years or so, the desktop computer has been hacked in every possible way, making the computer and the data it contains and transmits extremely vulnerable to fraud.

Mobile banking on the other hand is relatively new – the operating systems vary, viruses and other malware aren’t as prevalent and the technologies in handsets themselves vary greatly among manufacturers.

Computers are still the “low hanging fruit” while mobile phones aren’t as attractive due to computers being so vulnerable.

The mobile carriers’ networks are more difficult to hack than your home or local coffee shop’s wireless network. Mobile carrier services like 3G have a much higher level of encryption and aren’t open like broadband internet. Meaning you can’t just jump on someone’s 3G connection in most cases.

With mobile banking there is the added benefit of additional layers of authentication, in which the account holder authorizes various transactions via text message or call backs with an additional code, making mobile banking even more secure.

As mobile banking becomes more popular, investigate it and try for yourself. You will love the convenience and appreciate the security.

Robert Siciliano, personal security expert contributor to Just Ask Gemalto.

The Benefits of Multifactor Authentication

The Federal Financial Institutions Examination Council (FFIEC), a formal government interagency body empowered to prescribe uniform principles, standards, and report forms for the federal examination of financial institutions, recently issued a supplement to the 2005 document “Authentication in an Internet Banking Environment” effective January 2012. The FFIEC has acknowledged that cybercrime is increasing and financial institutions need to increase their security and that of their customers.

Specifically the FFIEC states: “Since virtually every authentication technique can be compromised, financial institutions should not rely solely on any single control for authorizing high risk transactions, but rather institute a system of layered security, as described herein.”

This means the simple “username/password” combination for accessing your online banking is ineffective. And that banks should “adjust their customer authentication controls as appropriate in response to new threats to customers’ online accounts” and “financial institutions should implement more robust controls as the risk level of the transaction increases.”

The FFIEC’s previous statement implies it is encouraging the use of dual customer authorization typically seen when using digital security devices including smartcards and password generating key fobs.

This is where multifactor authentication comes in. Multifactor is generally something the user knows like a password plus something the user has like a smart card and/or something the user is like a fingerprint. In its simplest form, it is when a website asks for a four digit credit card security code from a credit card, or if our bank requires us to add a second password for our account.

Some institutions offer or require a key fob that provides a changing second password (one-time password) in order to access accounts, or reply to a text message to approve a transaction. All of this extra security is good for you.

Like Mom used to say, “Broccoli: like it or not, it’s for your own good.”

These measures provide layers of protection, which allow you to enjoy the convenience of online services with minimal risk. The benefits of logging in online and adding an extra code is far more convenient than schlepping all the way to the bank in person.

Robert Siciliano, personal security expert contributor to Just Ask Gemalto.

5 Security Considerations for a Mobile Phone

Nielsen reports “We are just at the beginning of a new wireless era where smartphones will become the standard device consumers will use to connect to friends, the internet and the world at large. The share of smartphones as a proportion of overall device sales has increased 29% for phone purchasers in the last six months; and 45% of respondents indicated that their next device will be a smartphone.”

Mobile users have recently captured the attention of cyber criminals. The Department of Homeland Security and the STOP. THINK. CONNECT. program recommend the following tips to help you protect yourself and to help keep the web a safer place for everyone.

You can protect yourself from cyber criminals by following the same safety rules you follow on your computer when using your smartphone. These rules include:

Access the Internet over a secure network: Only browse the web through your service provider’s network (e.g., 3G) or a secure Wi-Fi network.

Be suspicious of unknown links or requests sent through email or text message: Do not click on unknown links or answer strange questions sent to your mobile device, regardless of who the sender appears to be.

Download only trusted applications: Download “apps” from trusted sources or marketplaces that have positive reviews and feedback.

Be vigilant about online security: Keep anti-virus and malware software up to date, use varying passwords, and never provide your personal or financial information without knowing who is asking and why they need it.

Don’t jailbreak an iPhone: Most of the infections that have plagued iPhone users occur when the phone is jailbroken. Jailbreaking is the process of removing the limitations imposed by Apple on devices running the iOS operating system. Jailbreaking allows users to gain full access (or root access) to the operating system, thereby unlocking all its features. Once jailbroken, iOS users are able to download additional applications, extensions and themes that are unavailable through the official Apple App Store.” Jailbroken phones are much more susceptible to viruses once users skirt Apples application vetting process that ensures virus free apps.

Robert Siciliano, personal security expert contributor to Just Ask Gemalto.