The hack that exposed hundreds of nude celebrity photos is causing some soul-searching across the cloud computing industry. The incident has led to calls for more secure protection, better passwords, and a re-thinking of how customers use the cloud.
The hack -- which exposed nude photos of Jennifer Lawrence, Kate Hudson, an underage Jennifer Maloney and others -- underscores the lingering mistrust that has surrounded cloud storage services, even as customers have signed up in droves. Whether the high-profile infiltration will actually be enough to sway consumer opinion, though, remains to be seen.
“I don’t believe, in the long term, this will hurt the cloud services industry bottom line,” said Gary Davis, the chief consumer security evangelist at McAfee, Inc. “The cloud services industry would be impacted if this opens the door to rampant and regular exposures of this type."
Consumer cloud adoption has surged in recent years, with an International Data Corporation study predicting that the industry, which was worth an estimated $47.4 billion in 2013, will be worth $107 billion by 2017. That 23.5 percent compound annual growth rate is five times that of the broader technology market, the IDC said, easy to believe considering Dropbox attracted 150 million new users between mid-2011 and November 2013. A similar prediction from the International Business Machines Corporation (NYSE:IBM) suggested that American businesses will spend more than $13 billion on cloud computing in 2014 alone.
But IDC analyst Fayaz Khaki said businesses should use the hack to ask the question: "how secure is the cloud?" For businesses, whether to adopt cloud services is a question of risk management. Just how much risk are you willing to undertake? You need to decide "whether moving to the cloud is not increasing the risk exposure to your organization," he wrote in a note to clients.
For consumers, the scandal hit close to home as more and more young people implicitly trusting data companies with potentially embarrassing pictures of themselves. As always-on, network-connected devices, the smartphone is vulnerable, particularly when they are automatically storing data on cloud servers.
Shawn Murphy, CEO of the cybersecurity firm PrivateGiant, said consumers should be aware of the business model behind the cloud services they're using.
“Folks really need to identify the services that don't focus on privacy first and say to themselves, 'I'd rather choose something that values my privacy versus something that views me as a product,'” he said. “Convenience is always going to outweigh something that requires any sort of complexity, but the onus lies on these companies and their developers to create the tools to protect people. Companies that don't do this are eventually going to experience a drop off.”
Davis, the McAfee security executive, said the onus is on both companies and customers to keep their data safe. “Companies need to ensure that consumer’s data is only accessible only by the consumer using strong, multi-factor authentication,” he said. "If you don’t want something to get in the hands of someone not intended to see it, then don’t post it to the cloud.”