After the “Meltdown,” How Can You Protect Your Database?
By Julia Cook, iDatalabs.
As a data scientist, you might be responsible not just for solving problems with data, but for the security of that data—especially in smaller organizations. You’ve likely watched with dread as Google researchers at Project Zero unveiled a series of kernel flaws that affect all Intel systems, and laid out two potential attacks on those flaws: “Meltdown,” and “Spectre.” You’re not alone. In the fallout since Wednesday three class-action lawsuits have been filed against Intel, and their stock has posted an $11 billion loss. This is a problem, over twenty years in the making, that will affect individuals and their companies unless proper measures are put in place.
Wired outlined the implications of Meltdown and Spectre on Wednesday, and here you’ll find a list of the systems affected. Predictably, machines uploading work to the cloud pose a higher risk, as server information can come flooding from that crack—where privileged and basic security permissions were once separate, they’re now mixed in the deluge. And our old friend memory cache can collect them for hackers’ use.
So if you haven’t already, make sure site isolation is turned on in your browser.
Here are the instructions for:
Luckily, Microsoft and Apple have already issued a patch for their machines to plug the proverbial crack in the wall, but be sure to enable auto-updates on your PC, and even your phone. This may slow down your PC, but don’t fret. A report published by TechSpot Thursday detailed the true loss of performance in the online gaming sphere—the results were mostly negligible, with 7-zip compression and decompression unaffected, but 4K read performance was indeed slower. Now that we’ve all had a deep breath, let’s examine what this means for your database, whether it’s mostly Kaggle competitions or your whole department’s CRM.
What can be done at the cloud and server level?
Bio: Julia Cook is a Marketing Manager at iDatalabs.
- Cybersecurity: Managing Risk in the Information age, Harvard online short course
- Does Machine Learning Have a Future Role in Cyber Security?
- Machine Learning and Cyber Security Resources