‘Highly Secure’ Cloud Tool, Huddle, Exposes Private KPMG + BBC Files

By   ISBuzz Team
Writer , Information Security Buzz | Nov 17, 2017 11:41 am PST

Following the news that security flaw has been detected in office collaboration tool Huddle which has led to private documents being exposed to unauthorised parties. Huddle has confirmed instances of a corporate user logging on only to be re-directed to another company’s account. This is particularly concerning given that Huddle software is used by the Home Office, Cabinet Office, Revenue & Customs, and several branches of the NHS to share documents, diaries and messages. Geoff Webb, Vice President, Strategy at Micro Focus commented below.

Geoff Webb, Vice President, Strategy at Micro Focus:

isbuzz author male 1“What we see here is a symptom of the increasing complexity of managing access to web-scale services. It’s something that more and more organisations are having to wrestle with – how do you make sure that you securely manage who has access to what when you’re dealing with millions of users from around the world?

“The challenge requires development of technology that manages this kind of security problem from the ground up, and more and more also includes multiple “factors” of authentication – that is, including more than just passwords, but also including things like smartphones as smart tokens, or other biometric sources.

“Simply put – our lives are moving online, and the companies that want us to trust them with our information, and who want us to use the services they offer, will need to grapple with the problem of making sure they can implement solid, secure, and private access controls. If they don’t, they run the risk of bad publicity and lost confidence amongst the very people they want to serve.”