Cloud Storage: Is it Private and Secure?
Would you agree with those who say “I would NEVER put my files out there on some cloud server... they're much safer on my hard drive!”? If you're thinking about using cloud services like file storage, online backup, webmail and document sharing, you may wonder about the privacy and security of cloud computing. The parade of high-profile data breaches in the past year may have some people worried. So are your files and sensitive data safe and secure in the cloud, or are they vulnerable to hackers, snoopers and other threats? Here's the scoop on cloud storage security...
Is Your Head (and your data) in The Clouds?
Cloud computing – storing data and using web-based software "up there" in the cloud of Internet servers – is becoming more and more common. See my related article "Try These Free Cloud Services" for some examples of popular cloud services. But are they safe? Can you trust some company on the other side of the wire with your business or personal data? Can you depend on software that isn't on your computer to be available when you need it? What are the risks of cloud computing, and how can you mitigate them?
The first risk you run is being cut off from your computing resources by a breakdown in communication between you and them. But that's rather unlikely, really. The Internet was designed to route data around broken communication lines, crashed routers, and other obstacles. Unless you live in a country with a totalitarian form of government, the Internet tends to be self-healing, unlike your desktop computer. So before fuming at your cloud storage provider for going down a whole five minutes, estimate how long it would take you to obtain and install a new hard drive, then restore everything from your local backup. Half a day, at least?
Risks of Cloud Storage
Data theft is a second and more serious concern of cloud computing. It's not that cloud-computing providers are sloppy about security. They're more conscientious about it than many large enterprises and most small users. But the bigger the castle, the more barbarians there are at the gates. As more companies deposit their top-secret data in cloud-computing providers' castles, more hackers turn their efforts to breaching those high walls. It's a never-ending battle, but fundamentally no different from you versus a lone hacker -- and most home users are no match for a skilled hacker.
To those who believe their files are safer on their hard drive than in the cloud, I say the following: Does your home have gated perimeter access, 24x7 on-site security guards, and security cameras? Do you have a fire detection and suppression system, backup power generators, and a disaster recovery plan in the event of hurricane, flood or earthquake? Do you have sophisticated network monitoring and intrusion detection software? You can bet your cloud storage provider has all that and more in place to safeguard your data.
Google's Cloud Security FAQ, for example, goes into detail about how your data is protected: "Our data centers are built with custom-designed servers, running our own operating system for security and performance. Google’s 700+ security engineers, including some of the world’s foremost experts, work around the clock to spot threats early and respond quickly. We get better as we learn from each incident, and even incentivize the security research community, with which we actively engage, to expose our systems’ vulnerabilities... we undergo several independent third-party audits on a regular basis. For each one, an independent auditor examines our data centers, infrastructure, and operations."
Government monitoring and seizure of data is a third issue with cloud computing. The European Union has strict, high standards of privacy protecting citizens against government intrusion into their personal business. Not so in the United States, where the law gives government agents enormous latitude to spy upon and seize personal data, if they can get their hands on it. Did you know that the Electronic Communications Privacy Act passed in 1986 allows law enforcement to access emails stored in the cloud for more than 180 days without a warrant? (See the "What About Encryption?" section below.)
Another important consideration is death. What happens to your information stored online in the event that you're no longer around? Everyone should have a plan to pass along important login/password credentials in the event they die. In addition to cloud storage, make sure you think about your webmail, online banking and social media accounts.
And it's always possible that your cloud-computing provider will go out of business. But in the event that a popular, reputable cloud storage provider was planning to shut down their service, they should provide ample notice and opportunity for customers to retrieve their data. In the unlikely event that a cloud provider suddenly goes dark, what happens to your data in that case? My advice is to keep local backups, or use a second cloud-computing provider for redundancy.
What About Encryption?
Popular cloud storage services like Microsoft OneDrive, Google Drive and Dropbox will encrypt files as they travel between your computer and the cloud servers. So you don't have to worry about some hacker or wifi sniffer peeking inside your spreadsheet as it zips along the information highway. Your files are also protected by strong physical security measures, and they are encrypted both while in transit and "at rest" on the cloud server. However, each of those services controls the encryption key, and could (in theory) access your files. There are good reasons for that. Without the encryption key on the server side, you couldn't easily view them over a web interface, share them with other users or do collaborative online editing.
If the shared encryption key issue makes you uncomfortable, or you don't trust the server-side encryption that cloud services like these offer, you do have other options. Using client-side encryption, you can encrypt the files BEFORE they leave your hard drive, and you control the keys.
Boxcryptor is a third-party add-on that works with Google Drive, Microsoft OneDrive, Dropbox, and other cloud providers to provide "zero knowledge" encryption for your files in cloud storage. With Boxcryptor, your files are encrypted on your device before transferring them to cloud storage. Only you can access your data. No third party, including Boxcryptor, has the encryption key.
If you want to handle the encryption on your own, my article "Is it Time to Start Encrypting Your Files?" discusses VeraCrypt and some other options for encrypting your files. This can work well if you want to use a cloud storage option that doesn't offer encryption. Most cloud backup services such as Carbonite and iDrive offer you the option to use a personal encryption key so that your files are encrypted before sending to the offsite cloud backup, and only you can decrypt them.
The downside to these client-side encryption options is that if you lose or forget your encryption key, your files are locked forever.
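The following added example (not from the article, and not how Boxcryptor or any other named product is implemented) uses Node.js's built-in crypto module to show what "you control the keys" means: the file is encrypted locally with a key derived from a passphrase, so the provider only ever stores ciphertext, and a wrong or lost passphrase makes the data unrecoverable. The function names, blob layout, scrypt settings and sample data are assumptions chosen for illustration.

```javascript
// Added example (not from the article): encrypt locally, upload only ciphertext.
const nodeCrypto = require('crypto');

const SALT_LEN = 16, IV_LEN = 12, TAG_LEN = 16;
const HEADER_LEN = SALT_LEN + IV_LEN + TAG_LEN;
// scrypt cost settings are assumed values; raise N on faster hardware.
const SCRYPT_OPTS = { N: 2 ** 14, r: 8, p: 1 };

// Stretch the passphrase into a 256-bit key. The salt is stored with the
// file, so the passphrase is the only secret and never leaves this machine.
function deriveKey(passphrase, salt) {
  return nodeCrypto.scryptSync(passphrase, salt, 32, SCRYPT_OPTS);
}

// Returns the blob that would be handed to the sync folder or upload client.
// Layout: salt | iv | auth tag | ciphertext.
function encryptForUpload(plaintext, passphrase) {
  const salt = nodeCrypto.randomBytes(SALT_LEN);
  const iv = nodeCrypto.randomBytes(IV_LEN); // fresh nonce for every file version
  const cipher = nodeCrypto.createCipheriv('aes-256-gcm', deriveKey(passphrase, salt), iv);
  const body = Buffer.concat([cipher.update(plaintext), cipher.final()]);
  return Buffer.concat([salt, iv, cipher.getAuthTag(), body]);
}

// Throws if the passphrase is wrong or the stored blob was altered.
function decryptAfterDownload(blob, passphrase) {
  if (blob.length < HEADER_LEN) throw new Error('blob too short');
  const salt = blob.subarray(0, SALT_LEN);
  const iv = blob.subarray(SALT_LEN, SALT_LEN + IV_LEN);
  const tag = blob.subarray(SALT_LEN + IV_LEN, HEADER_LEN);
  const decipher = nodeCrypto.createDecipheriv('aes-256-gcm', deriveKey(passphrase, salt), iv);
  decipher.setAuthTag(tag);
  return Buffer.concat([decipher.update(blob.subarray(HEADER_LEN)), decipher.final()]);
}

// True when the blob decrypts; false for a wrong/lost passphrase or tampering.
function canRecover(blob, passphrase) {
  try { decryptAfterDownload(blob, passphrase); return true; } catch { return false; }
}

// Constructed sample data, for illustration only.
const sample = Buffer.from('constructed sample: household budget spreadsheet');
const stored = encryptForUpload(sample, 'constructed-passphrase-1');
const tampered = Buffer.from(stored);
tampered[tampered.length - 1] ^= 0x01; // one bit flipped on the server side
console.log('provider can read plaintext:', stored.includes(sample));
console.log('right passphrase:', canRecover(stored, 'constructed-passphrase-1'));
console.log('wrong passphrase:', canRecover(stored, 'constructed-passphrase-2'));
console.log('tampered blob:', canRecover(tampered, 'constructed-passphrase-1'));
```

Because AES-GCM is authenticated, a wrong passphrase and a modified blob both fail loudly instead of returning garbage, which is also why there is no recovery path once the passphrase is gone.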
Cloud computing is definitely here to stay, and its benefits are compelling. You shouldn't avoid cloud storage services because of imagined or falsely inflated fears, but you should be ready to deal with the real risks.
Are you storing files in the cloud? Got comments or questions about cloud storage? Post your thoughts below...
This article was posted by Bob Rankin on 22 May 2024
Article information: AskBobRankin -- Cloud Storage: Is it Private and Secure? (Posted: 22 May 2024)
Source: https://askbobrankin.com/cloud_storage_is_it_private_and_secure.html
Copyright © 2005 - Bob Rankin - All Rights Reserved
Most recent comments on "Cloud Storage: Is it Private and Secure?"
Posted by:
charlie
22 May 2024
"...Do you have sophisticated network monitoring and intrusion detection software? You can bet your cloud storage provider has all that and more in place to safeguard your data..."
Right up until they don't..
...“Unprecedented” Google Cloud event wipes out customer account and its backups
UniSuper, a $135 billion pension account, details its cloud compute nightmare...
https://arstechnica.com/gadgets/2024/05/google-cloud-accidentally-nukes-customer-account-causes-two-weeks-of-downtime/
Posted by:
Hugh Gautier
22 May 2024
So, you want me to trust the "Cloud", something that Mr. Snowden broke into and then told the world what he's done while working for the US Government?
I'll trust the 7-SSD drives I can attach to my system more than the cloud. The neat thing about these drives is that I can turn them off individually without having to remove them. While I'm on the subject of external SSD Drives, my entire computer has 5.25 TB of storage space.
Now, on top of that Bitwarden approved my 32-character-password. (Yes, alpha-numeric and special characters along with Cyrillic characters made for one extremely tough password.) They commented it was the toughest that they had seen. It could be because I worked in code security while in the military and then retired back in the late 90s and into the new millennium.
Posted by:
snert
22 May 2024
the only cloud i trust is my own. i don't trust any big techs word. and when i'm not at my computer, it's not plugged in!!!
Posted by:
Phixer
22 May 2024
Have had photographs disappear overnight from websites.
A couple of email newsgroups have been wiped out overnight, losing all the messages and files.
Why would you trust someone you don't know with your sensitive files?
Presumably the same people that walk around with their banking and other sensitive and personal data on a small 'smart' phone that can be lost or stolen. I found one in some long grass while out for a walk; was some time before the owner realised their loss.
Posted by:
Phixer
22 May 2024
Those big fluffy clouds are nice to look at when you lie back with a drink in your hand.
Then you wake up next day to a clear blue sky.
Posted by:
Phixer
22 May 2024
"You can bet your cloud storage provider has all that and more..."
How often do you win a bet??
Plenty of card sharks out there.
Posted by:
Jeff Brothen
22 May 2024
If you haven't already, look into PCloud. I have been using it for several years now and love it. It has client-side encryption and is very easy to use since it will create a virtual drive on your pc.
Posted by:
Bill
22 May 2024
Back when we only had VT100 and VT220 terminals, cloud storage was the only option. But then low-cost local storage, i.e., hard drives, became available, and local storage was the preferred option. Would I trust big business to look after my stuff? Not a chance.
Posted by:
Ernest N. Wilcox jr.
22 May 2024
I use OneDrive on my desktop PC, but keep all my files locally. This way, my files are stored on OneDrive, and my local desktop PC, so when I perform my daily system backup, using Macrium Reflect, all my files on OneDrive are backed up too. I also use a second cloud service, MEGA.io (and their desktop app, MEGAsync), to keep my data on a second 'cloud' storage service, so my files are stored on at least three locations (OneDrive, MEGA.io, and my desktop PC), as well as being backed up regularly. I have Macrium Reflect encrypt, and password protect my backup image files, and I have BitLocker enabled to encrypt the files on my system drive, so even if some miscreant manages to break into my desktop computer, they shouldn't be able to use anything they get.
Currently, I'm looking for a software package to encrypt my data locally, before it's sent to OneDrive/MEGA.io, so everything is as safe from prying eyes as possible. One possibility I've found so far is Cryptomator, but I have a few issues with how it works. What I want is the ability to encrypt my OneDrive folder on my local system drive (with the encryption key in my hands), so when anything is synchronized to OneDrive, it's encrypted before it's uploaded. The ideal solution would be for Microsoft to provide end-to-end encryption, with the encryption key stored on my computer, so they don't have the ability to decrypt anything I have stored on OneDrive, but I don't see that happening any time soon, if ever at all. The reason I want everything I have stored on OneDrive/MEGA.io encrypted, is to guard against a data breach against either of those services. If all my data's encrypted, and the storage service can't decrypt it, intruders won't be able to, either.
These are a few of the things I'm doing/planning to do to keep my data as safe from loss/data breach as I can. I'm not concerned with email encryption/security because I regard anything I put in an email message as being the same as broadcasting it out to the world. If I ever have to communicate anything I don't want the world to have access to, I'll do it in person, or with an encrypted file that only me and the intended recipient(s) can decrypt, sent either via an email attachment, or in a text message.
Ernie (Oldster)
Posted by:
SQLGuy
22 May 2024
As does Jeff, I suggest pCloud after several years of use.
Support of zero knowledge encryption, efficient upload/download speeds, ease of use are big factors for me.
Pricing model is more than competitive. Suggest waiting for a holiday when they typically have very attractive options.
Also, the mobile (iPhone for me) app is clean and straightforward to use.
Posted by:
Arnie
23 May 2024
What's that expression? It's not will it be hacked but when. And the big time hackers are not after me - I'm not worth their trouble.
Would you trust Google or any of those ghouls with your personal data? Plus laws safeguarding your data can be changed on a whim. A court order can be ginned up by any devious agency.
Posted by:
Ian
23 May 2024
You can store one of your back-up drives in a locked, fire-proof safe of course.
I would also add that not everything needs to be encrypted. I use my cloud site for distributing the classical music I write so it does not really need strong encryption. However sensitive information is stored in an encrypted disk image with a long password; I doubt anyone would want to spend 10000+ centuries (according to Kaspersky) cracking it. I also use offshore providers for both cloud storage, web hosting and email. I doubt hackers are interested in me but I am not sure about our own government.
Posted by:
Glen
23 May 2024
First, let me start by saying I am a senior if that matters. My issue about cloud storage is that I don't really understand how to use it. I tried some cloud services and ran into issues such as syncing. It said I need to turn it on but not how to do it. I had a number of questions in addition to syncing, like how to select specific files to go to the cloud and ensure some did not go, if I delete a file in the cloud, does it delete it on my PC, etc. I can definitely see advantages of using the cloud but will just continue to use my external SSD drive.
Posted by:
Brian B
23 May 2024
"Can you trust some company on the other side of the wire with your business or personal data?"
NO, NO, NO. If hackers can access Department of Defence and the like, then cloud storage facilities are child's play. What are the odds of fire, flood and earthquakes compared to cyber breaches? I know which I would choose. Home storage with hardware redundancy, and a couple of 2TB thumb drives on a lanyard.