Cloud Security

In my last post I outlined some of the larger e-file storing companies. Regardless of what system you go for, there are things you need to consider to address your concerns about security. What I have done here is reproduce a few excerpts from articles about cloud file security from trustworthy sources (down below) but in summary they all say the same basic things:

  1. Check your provider encrypts the files when being uploaded or downloaded (Look for the “https://” or the  padlock beside the URL in your browser.) Otherwise you will need to encrypt them on your computer before uploading (there are apps for that too).
  2. Your password is the weakest link. Follow guidelines for choosing great passwords – unique, not the same as any other login you use, and a method of remembering it securely too!
  3. The other major risk is if that provider is one day prosecuted at a top government level and all the files they store get frozen. As far as I know this has only significantly happened with MegaUpLoad (think KimDotCom) and the likelihood of THAT is pretty slim!

In my opinion if you go for one of the big providers and read up on their security measures, your main vulnerability will be around your password and sharing options – things entirely within your own control. So don’t let internet paranoia or someone else’s bad experience get in the way of embracing these fantastic paperless options for storing and sharing files.

ARTICLES of note:

Safe Cloud Storage Options

by Stephanie Crawford for How Stuff Works   (The full article can be seen here)

Your provider should be storing copies of data in at least 3 different locations

Here are some safety features to look for when you’re shopping:

  • A company with a reputation for excellent physical and network security
  • Multiple-level redundancy, meaning there are multiple copies of your data to prevent loss in the case of a single disk or server failure
  • Redundancy across multiple geographic locations, so when a natural disaster destroys your data at one location, that same data is still available elsewhere


How to Safely Store your Data in the Cloud

by Boston University – Information Services & Technology  (The full article can be seen here)

The first step in using the cloud service is to choose a provider that fits your needs. Some points to take into consideration on your search are:

  1. Are their security standards appropriate? Do some research. Make sure that the company has a good reputation and  solid security policies. Remember, you are trusting this company to store your personal information.
  2. How much data will you be storing? Search with a realistic expectation of the size you need to store all your files.  Many companies charge by the amount of storage you are requesting
  3. Is your data encrypted when being uploaded to or downloaded from the cloud? Make sure that your browser or app requires an encrypted connection before you upload or download your data.  Look for the “https://” or the  padlock beside the URL in your browser.
  4. Is your data encrypted when stored in the cloud? You will have to read the terms of service to find this out, but often your data will be stored on the cloud server with no encryption, this means that anyone that has (or can get) high level access to that server will be able to read your files.  This may not be an issue for many files, but you should carefully consider what kind of information you are storing in the cloud and whether you are comfortable with some other person you don’t know accessing it.  At a minimum, no data that is protected by law (medical information, personal identifiers, financial data) should be stored in the cloud unless the storage solution is encrypted and you know who can decrypt it (it should only be you or your organization) and for what reason.
  5. Understand how access is shared with your cloud folder. Several cloud storage providers allow you to share access to your online folders with other people. Be sure you know in details how this works.  Can they read only or can they change the file?  Will you know who changed a file last?  If you share the file with a group, do you know who all is in the group?  Are you notified if the group changes?  Does the service allow you to make files public?  If you do are your personal details (name, account, email, etc.) attached to that file if a stranger looks at it?
  6. Understand your options if the cloud provider should be hacked or should lose your data.Services like this require that you sign their terms and conditions before they allow you to use the service.  In the vast majority of cases, these conditions state that you have very little, if any, remedy if anything bad should happen.  Be aware of what you are signing away.

Once you have found the service that best fits your needs, it is important to make your data as safe as possible. Here are some general rules that you should follow for all your internet habits, but particularly for your data storage:

  • Pick a good password. All Cloud services require a master password to get into your files, so make it a good one, something that is pretty long.  When it comes to passwords, longer is better.  True, it can be a hassle to remember a strong password but it’s an even bigger hassle to have your information stolen. For tips on creating passwords, read more here
  • Don’t reuse your passwords. The password you choose to access the Cloud should be unlike any other password you use. If a hacker gets access to your Facebook password which also happens to be your email password, they will not only have a clear view of where you hold financial accounts, but they will be able to reset all of your passwords without your knowledge. Voila! Easy access!
  • Don’t share your passwords. Even with a trusted friend, sharing your password is never a good idea. The more people who know your password, the more likely it is to be spread around. Your password is the lock to your information, don’t let more people in than need be there.
  • Back up your data. The same way you back up your computer’s hard drive, back up your Cloud data. There are some companies that offer a small amount of storage free of cost. Take advantage of this and make sure you have your most important data backed up in case of an unexpected loss.


The Best Cloud Storage Solutions

The ability to back up files, store them in the cloud, and automatically sync all that data across multiple devices has radically changed the way we use computers, mobile phones, and other Internet-connected devices. That data could comprise home movies, your personal music collections, or work files that you and a colleague are collaboratively editing together. No matter what you put into a cloud storage and syncing solution, the benefit of being able to access it nearly anywhere is phenomenal.

If you don’t have a service for storing and syncing your data in the cloud, you need one. You might even need more than one.

Many of the best solutions do something specific, like handle photos exceptionally well and make them easier to share with your friends. The services you choose should be right for the job that needs doing. There isn’t one magic bullet that fills all needs. That’s not a bad thing. Using multiple services allows you to compartmentalize your data, which in turn may let you take advantage of the free space allotments most services offer. Separate your music from your photos from your office files, and each set might weigh in under the free account limit with three different services.

Sometimes, however, it’s worth paying for a service. Perks often include increased access to file-version history, more security, or more features for collaboration and working with teams.

Not every service on this list doubles as a file-syncing service, but many do. File-syncing has become an integral part of online backup. For tips on how to use a file-syncing service and deeper explanation of how some people use them, see Get Organized: File Syncing Services to the Rescue.

Different services can offer vastly different features and perks, and many of them are not directly comparable. If you want the utmost in comparisons, take a look at the insane chart of cloud backup services on Wikipedia.