TBayIT Blog

With the uptake of cloud computing becoming more common place the use of one username and password to authenticate is becoming the norm. A single username and password can now authorize you to access all sorts of things. Your Google Account for example will allow you to access Google Docs, Calendar, Analytics, Adwords/Adsense, the Android Marketplace and a myriad of other services Google provides. Your Facebook/Twitter email and password is being utilized to do things from post comments to create third party website accounts. No doubt a great way to avoid creating dozens of different accounts on every site you visit – but at what risk?

Apple is at the top of the list for providing mega-accounts. Your Apple email and password allows you to purchase songs, books, apps and login to any Apple service including their new iCloud to syncronize calendars, contacts, email and save files. This great convenience also brings great risk. If a hacker can get into one of these accounts they can cause headaches and even cost you financially if you have a credit card connected to one of these accounts. Not to mention that if you are using iCloud, you could be locked out losing access to important work files.

Apple iTunes is hacked regularly and more often then they want the public to know. With millions of worldwide users and millions of devices – an Apple ID is very lucrative to fraudsters. Just recently I received a charge from the “Apple ITunes Store Luxembourg”. I am very careful with passwords ensuring numbers, uppercase/lowercase letters and characters. Not to mention I have changed it twice in the past three months. Doesn’t matter much if their system is the weakest link.

Read this discussion thread on Apple’s discussion site. Almost 60 pages of comments from people experiencing hacked accounts, unauthorized credit card transactions and drained gift cards. You would think that given the advanced technology found in idevices that it would employ advanced security practises (facial scans, voice authorization, location based security – even a simple private pin could help).

My reccomendations are simple.

• Use a prepaid or very low and expendable credit card to attach to your account
• Use strong passwords and change them monthly – never use the same password across multiple websites
• Create secondary email accounts for iCloud if you are depending on it for important documents
• Back up locally (sounds stupid to back up from the cloud but this habit can save you in a variety if situations)
• Syncronize regularly to a laptop or desktop computer
• If you use an iTunes gift card, spend it immediately after adding it to your account
• Check your Credit Card statements regularly, take action immediately after finding unauthorized transactions
• Never connect a PayPal account, especially if you have other bank accounts connected to PayPal
• Use common sense to protect yourself against viruses, spyware and phishing

The bigger the mega-accounts become, the more they will become a target. We will only hear more and more of these stories as cloud computing grows.