On 8/7/2014 gardenman said: As long as data has value people will be looking for ways to get it and profit from it. Back in the old days when people had paper receipts for credit card transactions there were people actively searching trash containers for those receipts and the data on them. A fully up to date, well maintained computer system is pretty safe these days, but a whole lot of people/places use older systems that have vulnerabilities.
My mother just got out of a rehab facility after a mild stroke where every computer is still using Windows XP or Windows 98. Patient records, prescription records, billing records are all on those computers. Are they as safe as can be? Absolutely not. Those operating systems have known vulnerabilities and are obsolete, but the cost to change the OS and software on every computer there is enormous, so the facility gambles that no one will gain access. Her opthamologist uses Windows 95 on the computers he uses to display videos showing the services he provides. He keeps his billing computers behind the public area so I don't know what OS he uses on them, but I'm guessing it's not the latest and greatest.
The future lies in the cloud. Computers like Google's Chromebooks and Chromeboxes will ultimately benefit greatly from these data breaches. More and more data will be centralized and strictly monitored in central locations where hacking is easier to detect and prevent. This will make those sites the Fort Knox's of data making them a bigger target, but also easier to protect. Now data is spread out all over the place and you have to hope that those with your data are doing their best to protect it, but in many/most cases they aren't. In some cases they aren't aware how vulnerable they are. In other cases they just can't afford to make the necessary upgrades. Amazon and their associated retailers are pioneers in safer computing and with the Amazon cloud, your data is probably safer than elsewhere. Data security has always been a big issue and will remain a big issue for decades to come. The cloud will ultimately provide better security than anything we have now, but those clouds will be even bigger, richer targets.
It's funny isn't it that we seem to be taking a giant step backwards with the cloud. Early computing utilized essentially dumb terminals and centralized storage. PCs were developed and the storage and operating capacity essentially grew to reduce centralized data storage because of all the problems associated with centralized processes. Now, in an age where the hackers seem to be smarter than the developers we're jumping back in to centralized data storage - comes off a bit like Pearl Harbor to me....put it all in one place to make it easier and faster for the hackers!
I'd rather rely on my own security measures than "trust" that the central server operators are actually doing their jobs. I was on a "tiger team" about 15 years ago that went in and reviewed the system management operations at a DoD facility. System management had been outsourced and what we found was beyond belief. We documented instances where even nightly backups that ran into problems were simply aborted and the backups not done. Security patches that were reported to have been installed were not actually installed. The contractor was terminated, but so much damage was found that it caused major changes in operations.
Blogs & Forums
Forums
Blogs
)
), but I wish they would reinstate it for those we edit ourselves. It's my opinion, but I prefer it to be notated when a post has actually been changed by its author.
