30 Sep, 2019
With myriad options to store data — and feasibility to access it anywhere, using cloud storage services has become quite common these days. Since 2013 the number of cloud users has soared from 2.4 billion to 3.6 billion in 2018. If you have been backing up your camera roll to the cloud, you are one of them. But while doing so, have you ever been skeptical if it’s safe in the hands of your cloud provider? Or does this superior convenience come with potential risks like a breach of data or even data wipeout?
If you have then this article will help you to understand how secure is your data in the cloud. We’ll go through what are the concerns that cloud storage may face, how does the cloud providers address these issues and what steps you can take to protect your data.
There are two primary concerns when you store your data in the cloud: security and reliability.
Security – From backup of personal photos to important documents that need to keep handy — we store a range of data on the drive. But uploading it to the cloud means we are at the potential risk of compromising the data either to the hands of the service provider or to the hackers.
Reliability – Another major concern when it comes to cloud is reliability. You would not want to store your data in an unstable system or provider that’s prone to failure. While there are a very few chances of failure with the popular cloud service provider — as they practice various methods to address this concern — there are possibilities that the entire system could crash.
When users put trust in the cloud provider, it’s their responsibility to provide the best security and reliability. And to ensure this, most of the cloud providers follow a combination of security methods and practices. Here’s what Google has to say about it’s G Suite security.
“We’ve spent years developing one of the world’s most advanced and secure infrastructures. More than 700 full-time engineers—including some of the world’s foremost experts in computer security—work to protect your information. Security is at the core of our architecture, and we work to improve it every day. The Google security team has published hundreds of academic research papers on information security. It has led the way in discovering software vulnerabilities and broadly implementing protections like data encryption and 2-step verification.”
While every cloud provider may cater to different functionalities and features for security, here are some of the common security practices they follow.
Cloud service uses encryption to secure your data stored in the cloud. This means your data is converted into a conceal file that is gibberish and meaningless when stored. And you need a decryption key to decipher that is provided only to the authorised party. When your data is stored and encrypted, the key is passed to you so that you can access it anytime you want.
Authentication is a common mechanism for accessing the data from the cloud. It enables the access of the data only to the authorised person. There are various methods for authentication but the primary one is authentication through a username and password authentication.
Authorization makes secure sharing of private data possible. Here the user can grant access to the data stored in the cloud to the other people. The authorization may come in different levels such as a limit on access provided to the file. One of the best examples of this is Google Docs that lets you provide authorization to view, comment or edit the file.
Redundancy is the method to mitigate service failure by duplicating multiple copies of the data. Thus, if the actual data gets corrupted or the service faces some issues, the user can access the backed-up versions. This ensures that the users can access the data anytime even during unplanned system failures. Most reputed cloud storage providers backups the data on machines usually at least at three places.
Given that the high-security measures these cloud storage providers take, your data in the cloud is safe. But it doesn’t mean it’s not hackable or failure-proof. Even providers like Google and Amazon don’t claim to provide 100% reliability. Amazon claims to be 99.99999999999% (11 times 9) reliability on their website and even claims 99.9 percent reliability in the G Suit Service Level Agreement.
Of course, there are almost negligible chances of failure, but 99.9% is nowhere near being called unreliable. When it comes to security, there are chances that the encrypted data could be cracked but that would require an immense amount of processing power and time which makes it next to impossible. And if you want to take your cloud data protection one step further, you can consider the following measures.
Storing your data in the cloud to back up is a good idea –but an additional backup in local storage such as a desktop or hard drive gives you more reliability. It also ensures that you have access to your data even when you are offline or in the case of extended downtime.
The massive attack on Apple’s iCloud that questioned its cloud storage security was actually the result of vulnerabilities in Apple’s password security system. The cloud itself was not hacked but the weak and guessable passwords of the accounts were the real reason. This means you need to be extra vigilant about your account’s password. Follow the best practices to create a strong password such as a combination of numbers, symbols, upper-case & lower case letters, avoid using a dictionary word, use character substitution and most importantly don’t use a common and easy to guess password.
Even though security methods keep your data safe in the cloud, being an internet-driven service there are always chances of risks and vulnerabilities. If you are highly vigilant about your sensitive data, avoid storing it on your cloud. Instead, you can encrypt it and store on multiple local storages. If you want to keep sensitive files handy yet protected at the same time, use a vault app like Digital Private Vault. It will hide and lock your data such as photos, videos and notes on the phone itself and only you can access it when needed.
Encrypt your data before uploading to the cloud to provide an additional layer of security. Local encryption before uploading not only makes your data protected against hackers but also against the cloud providers as well. There are many encryption apps available in the market that makes this process a bit easier.
We live in an internet-driven era that is exposed to risks and vulnerabilities more than ever. That’s why we must be extra vigilant about the security of our data, understand the technology, its flaws and follow the best practices so that we don’t trade our security for the convenience and utility technology brings.