Is Cloud Storage Secure?

Category: Cloud

Are you using cloud-based services like online backup, webmail and document sharing? Most people don't know much about the safety and security of cloud computing. Are your files and sensitive data safe and secure in the cloud, or are they vulnerable to hackers and other threats? Here's the scoop on cloud storage security...

Is Your Head in The Clouds?

Cloud computing – storing data and using application software "out there" in the cloud of Internet servers – is becoming more and more common. See my related article Seven Free Cloud Services You Should Try for some examples of popular cloud services. But are they safe? Can you trust some company on the other side of the globe with your business and personal data? Can you depend on software that isn't on your computer to be available when you need it? What are the risks of cloud computing, and how can you mitigate them?

The first risk you run is being cut off from your computing resources by some breakdown in communication between you and them. But that's rather unlikely, really. The Internet was designed to route data around broken communication lines, crashed routers, and other obstacles. Unless you live in a country with a totalitarian form of government, the Internet tends to be self-healing, unlike your desktop computer. So before fuming at your cloud storage provider for going down a whole five minutes, estimate how long it would take you to obtain and install a new hard drive, then restore everything from your local backup. Half a day, at least?
Cloud Storage

Oh, and you DO have a backup, right? If not, see How I Got Hacked... And Why You MUST Have a Backup! for a cautionary tale, and Hard Drives Are Not Forever to learn more about options for backing up your important files.

Risks of Cloud Storage

Data theft is a second and more serious risk of cloud computing. It's not that cloud-computing providers are sloppy about security. They're more conscientious about it than many large enterprises and most small users. But the bigger the castle, the more barbarians there are at the gates. As more companies deposit their top-secret data in cloud-computing providers' castles, more hackers turn their efforts to breaching those high walls. It's a never-ending battle, but fundamentally no different from you versus a lone hacker -- and most home users are no match for a skilled hacker.

To those who say "I would NEVER put my files out there on some cloud server... they're much safer on my hard drive," I say the following. Do you have gated perimeter access, 24x7 on-site security guards, and security cameras? Do you have a fire detection and suppression system, backup power generators, and a disaster recovery plan in the event of hurricane, flood or earthquake? You can bet your cloud storage provider has all that and more in place to safeguard your data.

Government monitoring and seizure of data is a third issue with cloud computing. The European Union has strict, high standards of privacy protecting citizens against government intrusion into their personal business. Not so in the United States, where the Patriot Act and other laws give government agents enormous latitude to spy upon and seize personal data, if they can get their hands on it. It's easier to serve a subpoena on a cloud-computing provider than to serve hundreds or thousands upon individuals.

And it's always possible that your cloud-computing provider will go out of business. What happens to your data in that case? Well, you should be keeping local backups, or engaging a second cloud-computing provider to back up your data for you. On the other hand, if the applications that you use are provided through the cloud, it can be a serious blow if your provider suddenly goes dark. That's what a business continuity plan is for. You should make plans to recover your data and keep using it in the event that a cloud-computing provider goes out of buinsess.

What About Encryption?

Popular cloud storage services like Microsoft Skydrive and Google Drive will encrypt files as they travel between your computer and the cloud servers. So you don't have to worry about some hacker or wifi sniffer peeking inside your spreadsheet as it zips along the information highway. Your files are protected by strong physical security measures, but they're not encrypted while they're stored on the Microsoft or Google servers in the cloud. There are good reasons for that, however. If the files were encrypted in the cloud, you couldn't easily view them over a web interface, share them with other users or do collaborative online editing.

Dropbox does take the extra step of encrypting user files with SSL (Secure Sockets Layer) and AES-256 bit encryption, once they've been stashed on the cloud server. That gives you the assurance that if Evil Hackers were able to break into Dropbox, they wouldn't be able to read your scrambled files. But the caveat is that Dropbox itself has the decryption keys needed to unscramble the files. This quote from the Dropbox security FAQ explains why:

"We do have a small number of employees who must be able to access user data for the reasons stated in our privacy policy (e.g., when legally required to do so). But that's the rare exception, not the rule. We have strict policy and technical access controls that prohibit employee access. In addition, we employ a number of physical, technical, and heuristic security measures to protect user information from unauthorized access."

If you're uncomfortable about the lack of encryption for files in SkyDrive or Google Drive's cloud storage, or you just don't trust the server-side encryption that services like Dropbox offer, you do have another option. With client-side encryption, you can encrypt the files BEFORE they leave your hard drive, and you control the decryption keys. My article Encrypt Your Hard Drive discusses TrueCrypt and some other options for encrypting your files. Honestly, I'd recommend this only for very sensitive data.

Cloud computing is definitely here to stay, and its benefits are compelling. You shouldn't avoid cloud storage services because of imagined or falsely inflated fears, but you should be ready to deal with the real risks.

Are you storing files in the cloud? Got comments or questions about cloud storage? Post your thoughts below...

 
How Else Can I Help You?   (Enter your question in the box above.)
 

Sign up now for AskBob Updates!

Boost your Internet IQ, keep up with the latest online trends... get your FREE subscription now!


Email:


Posted by on 17 Sep 2012


For Fun: Buy Bob a Snickers.
Need More Help? Try the AskBobRankin Updates Newsletter. It's Free!

Prev Article:
The New iPhone 5 is Here

The Top Twenty
Next Article:
Are Ultrabooks a Smart Buy?

Link to this article from your site or blog. Just copy and paste from this box:


Most recent comments on "Is Cloud Storage Secure?"

Posted by:

Tom S.
17 Sep 2012

I'll put all my data on my own external hard drives, thank you very much! Recently I bought a 2tb h.d. for $60, which is more then enough for at least a year or two of storage.

This way when I need the data I turn the drive on, when I don't need to access the data the drive is turned off, AND secure!!


Posted by:

ManoaHi
17 Sep 2012

All my backups are local hard drives, because they are faster. I have a set at home (more than one computer to backup), one at work and one I carry with me. I take my laptop with me. I have my own hot spot, so as far as connectivity, not an issue.

I use DropBox rather extensively, mainly because they were there early on. But I do have most of the others: Box, SkyDrive, Google Drive, iCloud and Amazon Cloud Drive. I never backup to the cloud. The cloud gives me the ability to share. As far as I am concerned, if those ever get hacked (or monitored) I don't really care, because I never leave private information there.


Posted by:

Peggy
17 Sep 2012

Hi,

Interesting article since these issues have been on my mind lately. Good to have more info. I'd be interested in what you have to say about the different providers.
Thanks!


Posted by:

James Busse
17 Sep 2012

Very timely and useful article, especially with the large increase in tablet use. I am comfortable with cloud storage, but could see the advantage of permitting encryption for those that want it. As I see it, tablet use virutally assures that cloud storage will become a standard feature.


Posted by:

snert
17 Sep 2012

Mr. Bob,
As you've stated before, numerous times, the 'cloud' is nothing new. It's been around for years, but now we have cloud storage for boucoup personal data.
Use two or three different places in the cloud so you would be cool if one goes 'dark', if you rely on the cloud. This might be an idea to persue, but I wouldn't rely solely on cloud storage/backup.


Posted by:

Art Frailey
17 Sep 2012

Excellent article on Cloud Storage. Some things I would never have thought of were covered.
Mentioned were the possibities of the Cloud you chose of sinking. Well, two clouds might be better than having an external hard drive, that you may not be able to access if something goes aray with it. So, just make sure you are able to access it, not matter what. One thing for sure, a cloud will not burn or get flooded, which is my biggest concern.


Posted by:

Dr. Rohan H. Wickramasinghe
18 Sep 2012

Thank you for this article. I was uneasy when I first heard about cloud computing at the thought of my data going to the other side of the world. Your comments have made me feel better about this.


Posted by:

Stewart
18 Sep 2012

Giving any data to a 3rd-party, particularly one you don't know, is going to come with a risk.

There have already been photo storage and newsgroup sites which disappeared overnight either because of malicious intentions or because the owner of the server went bust.


Posted by:

Mary
18 Sep 2012

My two biggest complaints: the bandwidth caps placed on me by my ISP and my upload/download speeds. If I wanted to move/copy my music, videos, documents, etc to the cloud it would probably take a couple of months . . . maybe longer. And I'd get hit with some outrageous overage fees. That's why I'm sticking to multiple external hard drives and old-fashioned file backups and system images.


Posted by:

Rob
27 Sep 2012

Dropbox secure?? Excuse me but Dropbox had four incidents this year where there was a problem with access rights. At those moments everyone could access all data. From a business perspective I would rather choose for a private cloud model, eg. Hyperdrive. It offers much of the same functionalities as Dropbox, Skydrive etc., but the data remains within the company and you'll have the ability to integrate it with Active Directory for central management.


Posted by:

ansh
09 Jan 2013

Are My Stored Files Really Safe in Cloud?
http://tech-support-center.com/2012/12/22/are-my-stored-files-really-safe-in-cloud/


Post your Comments, Questions or Suggestions

*     *     (* = Required field)

    (Your email address will not be published)
(you may use HTML tags for style)

YES... spelling, punctuation, grammar and proper use of UPPER/lower case are important! And please limit your remarks to 3-4 paragraphs. If you want to see your comment posted, pay attention to these items.

All comments are previewed, and may be edited before posting.

NOTE: Please, post comments on this article ONLY.
If you want to ask a question click here.


Free Tech Support -- Ask Bob Rankin
RSS   Add to My Yahoo!   Feedburner Feed
Subscribe to AskBobRankin Updates: Free Newsletter
Copyright © 2005 - Bob Rankin - All Rights Reserved
Privacy Policy -- See my profile on Google.


Article information: AskBobRankin -- Is Cloud Storage Secure? (Posted: 17 Sep 2012)
Source: http://askbobrankin.com/is_cloud_storage_secure.html
Copyright © 2005 - Bob Rankin - All Rights Reserved

 
Free
Newsletter
Get the FREE  "AskBob Updates" newsletter!       Email:    (Details)