Can You Really Trust Apple To Protect Your Customer's Mobile Data?
By Jay McCall
I read an interesting story recently about how an editor at Gizmodo had his digital identity stolen. The hacker gained access to his Twitter account, his Gmail account, and his Apple account. After the security breach, the hacker deleted the victim's Gmail account, posted messages on his Twitter account, and even went so far as to remotely wipe out his MacBook, which contained more than a year and a half of family photos that weren't backed up anywhere else.
Where was the point of vulnerability? According to the hacker, who messaged the victim after the attack, he started with the victim's Twitter account and worked backwards, eventually leading to the goldmine: the victim's AppleID account.
Here's the bottom line from the victim's experience after contacting Apple and trying to regain control of his digital life: There is a huge disparity between what Apple says it does to protect your account and what it actually does to protect you. Basically, if a hacker knows someone's name, address, and the last four digits of their credit card, he or she has enough information to break into most Apple accounts, unless additional security measures are put into place.
I think it's important to share these kinds of stories with your customers who are bringing their consumer devices to work and intermingling corporate applications and data with consumer-based cloud backup services (e.g. SkyDrive, DropBox, iCloud) and to make them aware of how serious this issue really is. Even though Apple makes great products and has millions of devout followers, there is a big difference between storing data in iCloud compared with a business-class cloud data center.
As frustrating as it would be to lose year's worth of digital family photos, it's a whole other matter to have customer or patient data get compromised. Besides the potential fines for not complying with industry regulations, your customer's business reputation could be seriously tarnished, which means that not only could current customers leave in droves, but future customers will be much more difficult to attract. Those reasons alone should be enough to convince them why they need to entrust their data to a professional rather than taking matters into their own hands. And, paying for business-class cloud storage and monitoring is money well spent.