We hear regularly about SQL injection continuing to be a problem (it is) and malware causing data loss for many companies. We've got misconfigured firewalls and backup tapes being lost. However even if we could solve all those issues, we'd still have security issues.

A new study shows that many workers share a tremendous number of files with coworkers, and potentially friends on a regular basis through the various cloud services. I don't worry so much about cloud service providers being hacked themselves, or their employees selling information. It could happen, and probably does, but it's also likely just isolated incidents that have limited impact. However I'm more worried about the poor security practices of the employees.

Many people tend to use the same passwords on different sites (a bad practice). They also often open attachments from "friends", unaware of how dangerous it can be to pass along and share documents that can embed malware. Malicious coders are becoming smarter, learning to make their actions more subtle, often only infecting a device to use it to send emails or files to other users who are the real target of the malware. With all of these issues, it's much more likely that a user will end up creating their own hack for malicious servers than targeted attacks will work. It's also highly possible that many users will share documents with friends, unaware that they might be exposing corporate data to the general public with confusing settings in some of these services.

Ultimately I'm becoming more cautious about sharing information with others. I won't open many files sent to me by people I don't know well, and never look at any "humorous" attachments. I won't accept a USB key from you and plug it into my laptop. It's sad because we've built some amazing services to allow us to communicate easier and faster than ever before, however we've also not built these applications with an eye towards security first, and convenience second.