Eight Tips for Secure Cloud are for are using the extremely useful services whose security are still regarded as uncertain. What users can do in this situation? Answer is obvious – we need to ensure our security more. These Eight Tips for Secure Cloud is definitely not the ultimate list, there are more points which we should check to maintain, but these points are nearly mandatory to check. Larger documents outside of your own computer storage, creating files or folders available to other people, isstill considered a small masterpiece of technology. For these today you no more need any engineering degree.
Dropbox, Google Drive, Microsoft Skydrive – only the list of few cloud storage providers. Except a few differences, all online storage solutions work with an identical principle : The user logs in to uses an username and a secret password known only to the user. With these data it user can log in to the online service and drop files or folders on the memory system of the provider, edit or delete. There are obviously more Cloud Services – all Social Networks, indeed are on Cloud.
Eight Tips for Secure Cloud : Know the Standards and Business Models
Small additional programs or the use of standard tools such as WebDAV facilitate integration into the local file system. WebDAV requests are aimed at a storage resource on a remote server – so here is direct access. Other solutions, for example the product or the use of the local clients to synchronize the data from the remote resource and in this way allow a faster access.
Typically the providers employ the freemium business model. This means that the basic service is offered free services and beyond, such as the expansion of space, are chargeable. The size of the free memory offered varies, depending on the provider, may be 2-5 gigabytes is free. So far, so easy to understand. But these can trigger Privacy and Security uncannily.
Eight Tips for Secure Cloud
Tip 1 – Read The Fine Print
Since there are so many providers, the choice is difficult. As with any contract applies here: The closer view of the business agreements is particularly important. As an example of security problems that can occur even at this stage, we want to remember the first version of the general terms and conditions of the Google service in certain countries : Here was the “fine print” – Google has the right to continue to use all documents created by the user. The company has this clause referred to as translation error in non-English speaking users and completely replaced the section. The incident shows clearly how important the business arrangements are for security and integrity of the data that you store in a cloud storage.
Tip 2 – Always Backup Multiple Times
Even if the seller always like to suggest that when using a cloud storage all data is absolutely certain from safety aspect : The online storage should never be the location for important data. These cloud services are a practical alternative to other storage media, such as traditional backup systems or external hard drive , as they protect against destruction or natural disasters on its own site. But they do not help, for example after hacking of the provider. If a service has been stopped because of economic difficulties, it can happen that data are gone in one day to the other or to none. So here is the only Note : Regular backups are important.
Tip 3 – Note the Server Location
There has been much talking in the media about the “Patriotic Act”and the sometimes it is reported for the European and Asian market to weak data protection policies in the United States. The discussions about the Patriot Act are known: U.S. authorities such as the FBI, CIA or NSA also without a court order can access information on servers of U.S. companies. This also applies to foreign subsidiaries of U.S. companies. These are even obliged the authorities to grant access if local data protection policies prohibits in another country.
Tip 4 – Protocol Issue
In 2012, one Institute published about The Security Of Cloud Storage Services with a security analysis of the online storage market. The overall result is a slap on the face for the industry, as none of the seven tested solutions were without defect. While the user assumes naively that the connection is protected between him/her and his/her service provider against unauthorized access, some vendors probably a little loose.
Tip 5 – Be Careful When Sharing
Many cloud storage offer the ability to share data with other users. We also refer here again to the aforementioned analysis of the researchers, who point out that the possibility of sharing depending on the technical implementation can be problematic. So some solutions generate very long, hardly predictable URLs to allow in this way for an exchange of data with an unregistered user. This also means that this data so freely available on the internet. Although no one would come up with this link, but the crawlers of the search engines may well be lucky and pick up the resources in the search.
Tip 6 – Use Own Encryption
Most service providers encrypt the files in the transfer process and store the data in-house servers. Sometimes it is the seller who can decrypt the files themselves. Really, the user must encrypt sensitive data already available locally, to prevent unauthorized access. This will ensure that an unauthorized access on the part of the provider or by a third party during transmission is impossible.
Tip 7 – Secure Your Own Computer
By default, Linux and UNIX (including OS X) are more secure than Microsoft windows. This is default behavior of the OSes. Its impractical to run a Windows computer without Antivirus and surf the Internet. Its quite normal for the others. The user must also observe the usual safety, for example, to keep programs updated. You must use an anti-virus software if you are using Windows and install updates for the operating system and all applications The secure cloud is meaningless if the risk is already present on the user’s computer.
Tip 8 – Cancel Account Properly
Who ever tried to use the free cloud services, the phenomenon known – many user accounts with different providers. Therefore, it is necessary to use different passwords and delete the accounts which you will no longer use. This overview helps lower the risk that a hacker is able to access the database of the service provider and gain access to your account.