The days of keeping all your documents, photos and music on your computer's hard drive are gradually coming to a close. Today, cloud storage is helping to solve the ever-present need for more storage space to hold all of your digital property. But is all your personal data safe out there on the Internet?
To answer this question, we need to examine two things. First, we need to decide what constitutes data security. Is password access to the storage sufficient, or should files be fully encrypted on the storage device? Some of that will be up to you, but everyone should note these important security points:
Advertisement
- Passwords can be hacked. This doesn't mean that passwords aren't safe, just that they're vulnerable to dictionary and brute force attacks, as described in our article How Hackers Work. If you choose a cloud storage solution that relies on a password to access your data, choose a password that's difficult to hack with dictionary attacks, and change your password often to reduce the chances of success from brute force attacks.
- Passwords can be hacked. This doesn't mean that passwords aren't safe, just that they're vulnerable to dictionary and brute force attacks, as described in our article How Hackers Work. If you choose a cloud storage solution that relies on a password to access your data, choose a password that's difficult to hack with dictionary attacks, and change your password often to reduce the chances of success from brute force attacks.
- Data can be captured en route. Fortunately, most storage services will encrypt the data while it's traveling back and forth, making it impossible to read even if someone captures the files. If your cloud storage works through a Web app, look for "https" instead of "http" in front of the URL in your browser's address bar. That extra "s" indicates the form is using secure HTTP. If you have a standalone cloud storage app installed on your computer, check to be sure that app uses some type of encryption for its Internet exchanges.
- People are more dangerous than computers when it comes to hacking. Don't give out your password to anyone, even someone claiming to be from technical support. One of the biggest dangers for security is social engineering: creating a trust between the hacker and the end user that causes the end user to happily hand over personal information. Note that when you speak with the real technical support specialists, they'll require only minimal identifying information from you, and most likely not your password.
- Hackers usually want the most information for the least effort. This means they will likely attack the heart of a cloud storage service rather than its individual users. Thus, you probably want to find a service provider with a good history of keeping its clients' accounts and data secure.
- Your data isn't always immune to search and seizure by local government entities. In the U.S., for example, any cloud storage company could be served a subpoena requiring them to open their clients' data for government examination.
We also need to look at cloud storage providers to see which ones are doing the most to keep your information safe. Next, let's look at how the major cloud storage providers protect data and go over some tips for choosing a safe cloud storage service.
Advertisement