“Cloud VPN” could be an easy shorthand for securing cloud-based resources. Or it could be an overused buzzword bolted …
According to research firm Gartner, Inc., consumers will store 36 percent of their digital content in the cloud by 2016.
With all of this information housed on servers and zipping around the airwaves every day, it’s no wonder that cloud storage has become a prime target for hackers.
Fortunately, with a little information and some simple investigation, you can make smart decisions about how you use the cloud.
The Basics of Cloud Storage
The cloud is a network of servers that can be accessed remotely by personal computers, mobile devices, and applications.
The servers, which may contain your information, files, photos, and music, sit in a building somewhere.
Security Issues of Cloud Storage
The main security concerns related to cloud storage are malware outbreaks and hacker theft.
It is no secret that wireless networks and even wired transmissions can be intercepted and used to unsavory ends. Because of the need to connect remotely to cloud storage each time you use your password, upload a file, or download a file, your data and information are at risk of hackers with the proper tools.
Most, if not all cloud storage providers will help protect you with some level of encryption, however recent investigations have shown that knowing exactly what is encrypted, and what is not, is important.
Wired recently examined Apple’s popular iCloud service and discovered that, while documents, photos, and media were scrambled to prevent access, notes and emails sent through the @me.com address were not.
Even with these concerns in mind, there is hope for cloud storage yet.
Do Your Part to Protect Your Data
The most rudimentary step you can take to protect your data is by using a strong password. The basics are simple: longer, mixed-case, combinations of letters, numbers, and special characters that do not follow the rules of English grammar are best.
Research has shown that an all lower-case, six-letter password takes as little as 10 minutes to crack. Remember that randomness is your friend (instead of cowgirl87, try c0Wg1rL#87!) and refrain from using the same password at multiple sites, no matter the convenience.
Next, make sure your connection and transmission of information to the cloud is encrypted. Begin by password protecting your wireless network (using the password rules above), selecting the WPA setting.
Since data sent over the connection may not be encrypted until it is received by the server, encrypting your data prior to uploading is also a wise step. This article describes a product (free for users, $100 for businesses) that creates a virtual partition of your data, which can be used with services like Dropbox and Skydrive to encrypt your data prior to sending it to the service provider.
Finally, consider what you are uploading to cloud storage and whether or not the convenience is worth it. Having your tax returns readily accessible if you work remotely is certainly handy, but is it worth it to put such delicate financial information at risk?
Home media such as photos, music, and video are less costly if lost or stolen, but your identity is priceless. And this kind of identity theft does happen when individuals upload their life to the cloud: a Wired writer effectively had his entire digital life erased when a hacker broke into his cloud storage. The risks are very real and the implications may be scary, but arming yourself with this kind of knowledge can make the Internet a less treacherous place.
Choose Your Cloud Service Provider Wisely
The last step that you can take to ensure data safety involves a simple call or email to potential service providers. Here are some questions to ask when vetting your vendor:
- Has your organization experienced a data loss breach in security and, if you have, what have you don’t to prevent future intrusions?
- Do you offer two–step authentication?
- Does your service keep multiple copies of my data in case of server loss?
- Does your service distribute multiple copies of my data across servers in different geographic locations in case of natural disaster?
- What precautions do you take to keep your employees from stealing information?
- At what point (upload, storage, download) is my data encrypted and are the encryption keys kept on a central server?
- How long does it take for a file and all copies to be deleted from your servers? Are my files ever truly deleted from your servers?
The key is to determine what risks you are taking when utilizing each service. Know your risks, know your assets, and you’ll find yourself much better equipped in the event of a breach or data loss.
In the information age, information is your most powerful tool. Use good passwords, encrypt your connection and data, and weigh convenience against security when choosing what to store in the cloud.