If Facebook is Vulnerable, What Else Can Hackers Access?
News of the latest Facebook breach is spreading fast and providing ammunition for legislators who want any reason to regulate big public cloud companies like Facebook under the guise of protecting data privacy. Facebook said nearly 50 million user accounts were breached, although the company does not yet know who was behind the attack.
The Vulnerability of Big Cloud Vendors
I've said it before, big cloud vendors have been drawing a lot of negative attention to themselves for the past several years. After the Edward Snowden revelations, public cloud providers became legitimate targets from legislators wanting to protect the data and privacy of their constituents. Whether or not lawmakers succeeded (i.e., GDPR), we shall see. What is clear, however, is that more laws are coming and MSPs need to be ready.
How Can MSPs Prepare Customers?
One of the biggest weapons MSPs have is the power of education. When Facebook announces nearly 50 million user accounts have been compromised, that's a great opportunity to talk to your customers and prospects about their strategy for protecting IT assets and data.
All data is precious. The Facebook breach indicates this. There are no bank account numbers, social security numbers, or health care data retained on most user's accounts. Still, Facebook was breached for a reason. We must get past this idea that only certain types of data are valuable to cybercriminals, and therefore worthy of protecting.
All data has potential value to a hacker, especially when you combine different data points of a person (or entity) those data points accumulate in value and usability for the hacker.
If Facebook, with all its millions spent in security software, hardware, and people, can be hacked, then what does that mean for smaller organizations?