Click here to get this post in PDF
In today’s world, a lot of things need to be done on the fly. Shifting your data from local storage to cloud storage can provide better security for and accessibility to data with virtually zero limitations on connectivity. This is why cloud services are becoming increasingly popular. According to a survey by LogicMonitor, by 2020, 83% of enterprise workloads will have shifted to the cloud. It seems to be the way of the future. That said, moving all your personal, sensitive information to this virtual world of the cloud can be unnerving. In the following article, we will go into detail about how your data is protected in the cloud, what are the different types of cloud storage and which are some of the big companies out there providing us with this service.
HOW SECURE IS YOUR DATA STORED ON THE CLOUD?
Let’s face it: anything that hosts sensitive data is prone to security breaches. Cloud Service Providers (CSPs) have to keep an intensive security regime running round the clock to protect the data of their trusting users. Following are some of the major security measures they take:
Automated Monitoring Systems:
The software infrastructures of the best cloud vendors often have monitoring algorithms integrated into them that detect suspicious activity. Dropbox, for example, has Securitybot. These detection systems are the first line of defense against any threat and upon registering one, they alert the security team, which can then take prompt corrective action.
Encryption:
Encryption is a process whereby data is scrambled into gibberish and can only be reverted back to its original form using a key. Cloud companies make use of strong encryption algorithms to protect your data. This means that when your data is at rest or is in use, it is sitting there completely unintelligible to whomever tries to access it without the key. If sensitive information is contained in there, it cannot be deciphered. Your data is also protected in transit i.e. when it is being transferred to the cloud. Cloud companies use Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols that allow users and the vendor to authenticate each other before communication and maintain confidentiality whilst communicating. Through this measure, if an intruder tries to sniff the data over the internet, they cannot get their hands on it.
Encryption protocols are taken very seriously by cloud vendors as without proper implementation of them, they cannot obtain the necessary regulatory compliances to stay In business. While encryption is not a 100% infallible, without the key, it takes a huge load of computing power to decrypt the data: a resource that is not readily available to data thieves. This is why encryption is able to grant strong security. We’ll talk a little bit about who keeps the encryption keys in the privacy section below.
Hashed Passwords:
While the data may be encrypted against forced access, if someone gets their hands on a cloud account’s password, essentially all they have to do is log in to steal your files. At the cloud company’s end, hashing functions are used to protect passwords. A strong hashing function for example bcrypt, almost irreversibly changes the password you enter into a different output called a hash digest. You can only go back to the original password from the digest through brute-force attacks which require a large amount of processing power. All the passwords are stored in files at the vendor’s end in the form of hash digests instead of plain text. If anyone gains access to these files, they will not get their hands on the passwords but instead to the hash digests, which cannot be used to access associated accounts or to get to original passwords. To strengthen passwords even more, salts are also added to hashed passwords.
Double Authentication:
Leading vendors provide the feature of two-step authentication, that requires users to submit a code sent to their personal phone number or email in addition to the password in order to log in to their account.
Data Logs:
Cloud vendors also have features like data logs, that keep a track of your file activity. In case a file goes suspiciously missing, you can check against this log as to when it was last there.
Could You Lose Your Data?
One of the greatest features that cloud storage offers is reliable back up. Services store up to three copies of your data on different servers often in different locations. This is called redundancy and it makes sure that your data has a high probability of surviving anything from a case of malware to a natural disaster. Of course, the former is more common than the latter. Malware can easily masquerade as harmless files. Cloud services aren’t invincible to such deception however, this is where effective back up can save the day. Good CSPs usually allow users to restore files to a date back in time. You can reset everything to the date prior to the malware infiltration. This means you don’t have to suffer data losses because of a virus.
Privacy: Who Can View Your Stuff?
If you have not made it public yourself, your data cannot be viewed by anyone except you, whomever you allow and on case by case basis, the cloud vendor too. Some vendors, after encrypting your data, keep the keys with them. Through this, they can provide you features like being able to search among your cloud data. With other vendors, you can opt to keep the keys with you so even they cannot view your data but you have to forgo the search feature.
But is it Really Secure?
It is pretty much safe to say that the best cloud vendors are doing more to protect data than can be locally done. However, they cannot protect against lapses on your part. This is why the companies issue certain safety guidelines:
· Set a good strong password that combines different types of characters and is devoid of common words or personal information that can easily be found out.
· Do not use your cloud account password on other websites as a vendor cannot account for their security.
· Turn on additional verification steps if your vendor provides any. This would be an extra layer of protection against intrusion.
Of course, after all is said, there can still be some apprehension about trusting the cloud; it does mean handing over your data to a third party. But that does not mean you have to blindly do so:
· You can thoroughly research a vendor before choosing one. Invest in names that have well-established reputations.
· You can continuously monitor and verify your vendor’s practices.
· You can sign up with a vendor that would allow only you to keep the encryption keys.
· You can add an extra layer of your own encryption to your folders before shifting them to the cloud.
Combining your own safe practices with the robustness of a top cloud vendor’s security infrastructure is the next best thing to burying your data beneath the sea!
Let us now look at what kinds of cloud storage are available to us as well as which companies are currently best at providing them.
TYPES OF CLOUD STORAGE:
There are mainly three types of cloud storage: Public, private and hybrid.
Public Cloud Storage: This is the most common sort of cloud service offered. The vendors own and control all the software and the hardware that your data is stored on. You play no part in the infrastructure but simply pay to rent a place on theirs. You can buy as much space as needed so it is scalable storage. It is also rigorously secured and monitored.
Private Cloud Storage: This type of storage is typically structurally tailored to the needs of an enterprise or an individual. The vendor and the enterprise can work together to decide what the infrastructure should be, which could either be set up on a third-party premises or the enterprise’s own. It is a more focused service and therefore has elevated security too.
Hybrid Cloud Storage: This is a mixture of both private and public storage. Often. Businesses need to meet both needs. Some data needs to be connected to the public and some to be kept confidential. With hybrid storage, a business or an individual can choose to store data under either category.
CLOUD STORAGE PROVIDERS:
When signing up for cloud storage services, compromise is a no-no. You need to make sure you are getting great security and reliability. This video by Cloudwards talks about things to consider when deciding your cloud vendor. Following is a list of some of the giant names in the game:
OneDrive offers 5GB of free storage. Among its advantages is that it can easily sync to Microsoft applications, which makes it good for collaborations. It offers both at rest and in-transit encryption.
Google offers a whopping 15 GB of free storage. It has strong customer support. It is great for collaboration and in app syncing. It offers both at rest and in-transit encryption.
Dropbox and Dropbox Business:
Dropbox offers 2 GB of free storage. You can get upto 18 GB if you refer 32 friends. It lets you view photos as well as play music and videos. It also lets you sync to Office online. It offers both at rest and in-transit encryption. Dropbox Business is great for collaboration.
Amazon Drive:
Amazon Drive offers 5GB of free storage as well as unlimited photo storage. It has fast file syncing. The company has come out with good subscription plans.
Apple offer 5GB of free storage as well as reasonable prices on their plans. Icloud is good for integration with other Apple devices. It offers both at rest and in-transit encryption.
None of the aforementioned services is zero-knowledge, however. This means that the vendors hold on to the encryption keys. If you are not comfortable with that then pCloud and Mega are two leading cloud vendors that are zero-knowledge and offer competitive services and prices.
You may also like: Cloud Security: Myths vs Facts
Great read!
Thank you for the mention.
-Jordan and the Cloudwards.net team