Security threats are fait accompli. It is important to recognize their existence of threats in your cyberspace and deal with them appropriately.

Fortunately, the digital world frequently reviews the threat landscape. So, you should not be surprised when you read reports and news items that list the types of digital threats that have been identified and the statistics on their impact on the cyber universe.

The top threats to Cloud and Internet based applications of the year gone by—2012—have been identified, classified, and categorized.

Top ten threats have been listed on the basis of incidents as under:

1. Blackhole   exploit kit 28.8%
2. Palevo   Command and Control Activity 7.19%
3. Cridex   Trojan 4.36%
4. Fake-AV   Trojan 3.69%
5. Possible   Bot: Rapid Forum Posting 2.83%
6. W32/Toolbar_MyWebSearch.Q 2.76%
7. Zeus   Command and Control Activity 0.98%
8. SpyEye   Command and Control Activity 0.92%
9. ZeroAccess   rootkit Command and Control Activity 0.92%
10. TDL4/TDSS   Command and Control Activity 0.92%


Check with your Cloud vendor and understand the security measures they have taken against these top ten threats and any other kind of security threats that may be perceived by them or you. Ensure that you have the latest security patches installed on your system. Remain alert to security breach alerts that are generated and displayed on your system. Maintain constant dialogue with your service provider regarding handling these threats.  Since most of these threats attempt to exploit the vulnerabilities of your browser and applications like Adobe Flash/ Reader or Java, it will be in your interests to disable JavaScript and Flash in your browsers wherever possible and keep the operating systems updated at all times.

But, security is not a standalone project. Nor is it entirely the responsibility of your Cloud vendor. Security begins right at your desktop. Your employees should be trained not to open any unsolicited mails or links.  Unused applications and services should be uninstalled.  Employees need to understand that security breaches can occur due to carelessness on their part or maliciousness on the part of an individual within the organization.  All desktops should be password protected and the password protection should kick in even when the system is left idle for a few minutes. It will be in the best interests of the organization if employees are trained to shut down the system or activate the password protection when they need to leave their seats for any length of time.  Passwords and system access protocols should not be shared and strict logs of user activity should be maintained and monitored to ensure that employees follow these simple rules.

Securstore’s Cloud backup solution, powered by Asigra, is FIPS 140-2 and ISO 27001 certified, and has never been compromised since 1986, the year Asigra launched its Cloud backup software.