I really like this way of thinking outside the box! Some of the old, and current, concepts on password complexity, length, history etc. are being revised. There is some new thinking on the matter, based mainly on trends and analytics Microsoft has done via millions of hack attempts on Azure based resources.
New Microsoft recommendations:
- “Maintain an 8-character minimum length requirement (and longer is not necessarily better).
- Eliminate character-composition requirements.
- Eliminate mandatory periodic password resets for user accounts.
- Ban common passwords, to keep the most vulnerable passwords out of your system.
- Educate your users not to re-use their password for non-work-related purposes.
- Enforce registration for multi-factor authentication.
- Enable risk based multi-factor authentication challenges.”
Read it here
We had a few break ins in the neighborhood recently so I decided to set up an outdoor surveillance camera. But I needed to upload motion detected videos to an FTP type of site. So I had to provide for video file storage for an outdoor WiFi based security IP camera. I will use a D-Link video camera and a cloud based location to store the videos. As this is for home use, there is no server. I used to have servers at home, but nowadays, I work off Azure or other Cloud based companies and it is no longer needed or feasible: the server is cloud-based. Besides, home servers are too loud, although I when I had them at home, they were pretty nifty ;>
Anyway – here are the home Surveillance Video Project specifics!
Quick, which is more secure, premises or cloud based data?
This fellow makes an excellent point on Cloud Security and the common question, that is that maybe the Cloud is only as secure or insecure as the Business owners, Executives and I.T. Department desire. Maybe the hacker are the least of our problems?
“The truth: Although you may not control the data on your premises, you still own and control the data. You may not be able to visit the data center and have lunch in the server room, but you still can control both the data and the layers of security safeguarding it. I’ve yet to see a public cloud provider that does not allow this configuration. No, your data is only as vulnerable as your security protocols, cloud or not.”
It’s not the hackers you should fear