Cloud-computing critics will tell you that Web-based applications aren't secure. New data says they may be more right than any of us expect. Or at the very least, the belief that Web applications can be hacked has let loose a flood of attempts. Facebook and its 800 million-plus members have emerged as top targets.
Roughly 600,000 tries at cracking Facebook accounts occurs daily, or 0.6% of the 1 billion or so logins recorded by the social network every 24 hours. We don't know how many of those are successful, but we do have a model for what happens when hackers think they've found a target worth going after.
Adobe Systems (Nasdaq: ADBE ) has become a hacker favorite because of real and perceived problems with Flash and Acrobat, forcing the company to devote additional resources to plugging holes.Microsoft (Nasdaq: MSFT ) has faced similar problems with Internet Explorer.
To its credit, Facebook is working on additional security measures to help users stop hackers or malicious (ahem) "friends" from breaking into their accounts. Both are in testing according to a recent blog post from the Facebook security team:
- Trusted friends, which Facebook says is the digital equivalent of giving your neighbor a spare house key in case you're ever locked out of your account. Users can name up to five friends whom the social network would send access codes to on your behalf.
- App passwords, for creating separate logins for applications accessed through Facebook. The logic here is simple. Too many of us use a single password to access multiple services. Thus, one password failure creates a cascading effect that can have devastating consequences. The 2009 Twitter leak came about as a result of exactly this sort of carelessness.
As the world's largest online network and a large and growing platform for accessing apps, tech buyers and investors will rightly pay attention to how Facebook addresses security threats. So far, I think they have a lot to be pleased with.
On the other hand, the slightest misstep could set both the company and cloud-computing peers such as Google (Nasdaq: GOOG ) and salesforce.com (NYSE: CRM ) back years in their efforts to replace install-and-maintain software alternatives. You've only one chance to get this right before going public, Facebook. Don't blow it.
Now it's your turn at the podium. Do you trust Facebook's security measures? Please weigh in using the comments box below. You can also keep tabs on the cloud computing movement by adding these stocks to your Foolish watchlist: