Cloud Security Basics: Are You Really Safe Up There?

Published March 18th, 2014 by Michael Farin

Once upon a time, the main concern about cloud storage was “Is it reliable? Will my data be there when I need it, or will the vast wilderness of the Internet make it disappear when I’m not looking?” Now that the cloud is as reliable as most other data storage solutions, those worries are less scary.

But it ain’t over yet.

These days, cloud concerns have shifted to security. Is the cloud really “safe?” If you store data on someone else’s servers, will it be secure? Will the government have access to your information?

Don’t freak out! Here’s a basic guide to dealing with cloud security. Follow the steps below and you’ll have a much better grasp of what you should – and should not – worry about.

What should I know about the cloud?

The cloud has two major parts. The first is consumer-facing services and applications like Google Docs or Dropbox. Individuals or businesses run web apps for these services online, rather than downloading and running them off their own computer.

The second part of “the cloud” is the overall concept of cloud computing, where users rent server space and time from outside companies like EndLayer, Amazon Web Services and Rackspace, in order to power tools, databases or apps. That way they don’t have to maintain their own servers, and they only pay for the time and power that they use.

For the sake of simplicity, we’ll just focus on cloud #1: business- and consumer-facing services.

Can I use the cloud?

Depending on the provider that you use, your data may not even be allowed on the cloud. Sensitive data is not always permitted to be stored on public clouds like Google, Rackspace or Amazon. Different states and countries have different laws governing the type and sensitivity of data that can be stored publicly. (For instance, if you store your data in a cloud of U.S.-based data centers, the U.S. government may be allowed to look at your information under the Patriot Act.)

Certain types of security requirements may make it impossible to “trust” the cloud. (That’s why Adobe Creative Cloud has created a smaller, separate private version of its cloud software that’s not connected to the public cloud versions.)

What kind of security features does the cloud have?

Most of the major cloud services – Google and Dropbox, for instance – offer encryption and security processes to protect your data. Some are safer. Some are not so safe.

Google just added AES-128 bit encryption to its cloud services, and Dropbox and Microsoft also offer good AES encryption. (Dropbox partners with Amazon to ensure data is secure.) So, you can see they’re trying.

One way to make your data safer on the cloud is to encrypt it before you store it, using a password management app like 1Password. That way, even if the cloud is accessed by some other organization, you still have a level of security in place.

Is it just safer to store all my data on my own machine?

At first glance, a Windows or OS X operating system seems secure – and after all, you own it. But can you really control your data? Hackers can still remotely log in and access seemingly “secure” personal networks. And you may not have the proper protection or firewalls in place.

It may seem counterintuitive, but a major cloud storage company usually will have better security than a local server you manage yourself.

What’s the #1 cloud safety tip?

Always make sure you’ve protected your passwords and your accounts properly. Encrypt your data before storing it on the cloud, encrypt it again on the cloud, and use two-factor authentication to keep your passwords secure and different.

Remember, the cloud is here to help you. As long as you use it wisely, you’re good to go.

Comments ()

Stay Connected

Contact Us

Phone: 1-855-363-5293 Email: Newsletter