It wasn’t long ago that carrying around a thumb drive or external hard drive was the easiest way to make your data mobile. Then came the Cloud, or better said, storage services that use the Cloud, since the network of computers forming it has been growing since the dawn of the Internet.
Now, using Google Drive, Amazon Cloud Drive, OneDrive or one of the many other Cloud storage providers makes your data stationary in a place it can be accessed from anywhere.
What Is Cloud Security
Below is a YouTube Playlist that explains concerns of cloud security in simple terms.
Cyber Stealing Remains a Major Concern
With Cloud storage comes the obvious concern most users have: Is the data safe?
In 2015 alone, major data breaches occurred in which information was stolen from health insurers Anthem and BlueCross BlueShield, universities including Harvard and Penn State, password company LastPass and the Army National Guard. The Ashley Madison data breach exposed and embarrassed millions.
Multinational cyber gang Carbanak took a total of more than $1billion from 100 banks across 30 countries from 2014 into 2015.
These are just a few recent breaches. The entire list of companies that had information stolen in 2015 is startlingly long, and it likely includes one or more that have some of your information.
What proven means are available to keep data in the Cloud out of the wrong hands?
Best Practices For Securing Data Stored in The Cloud
Whether you’re an individual or part of a corporation, these steps will help ensure that the information you send to the Cloud is as safe as it can currently be made.
1. Know your data storage provider’s security strategy
However, Dropbox security professionals awoke to the potential and hardened the site’s security posture. One measure was to create an optional additional extra step for logging in.
Read the security information, User Agreement and Terms of Service for sites you’re considering. Most, like Apple iCloud, post information on what’s done to secure your information.
You might also want to know who has access to the data and the company’s policy for communicating information about a breach to users.
2. Have information backed up on the ground
Data stored in the Cloud can be lost or corrupted. Regularly backing up the information on an external hard drive that is not Internet connected protects against loss.
3. Encrypt your own data before sending it to the Cloud
In its simplest form, an encrypted document requires using a password to access it. Top encryption software brands include Dekart Keeper, File Encryption XP, SecureIT and Folder Lock. These products give you the ability to apply passwords and generate secure key sequences for any file before transfer and storage in the Cloud.
4. Use a company that encrypts all sensitive information
Pretty much all companies, both large and small, employ 128-bit encryption keys which are the most widely used in the industry, to protect most client data. Some use next-level 256-bit encryption for the most sensitive practices such as transferring and storing passwords and credit card information. Costa Pincuk, one of the experts from Praktika had this to say:
“There are no unhackable systems, local or remote. If the cost of hacking is higher than the resulting value, the hacking is unlikely to take place. There are many measures our company takes to make hacking very difficult and costly: enterprise level firewalls, 128-bit key encryption of traffic, 24/7 monitoring to list a few. A local system is a lot less protected against attacks.”
5. Use Strong Passwords
Most passwords can be cracked quickly. The longer and more diverse the password is, the tougher it will be to decode. The best passwords use one or more words, numbers and special characters. You can still make these memorable.
For example, for your Cloud storage account, a password might contain:
- Words associated with the purpose
- A loved one’s date of birth
- One special character
- A strong password based on that formula would be “filestorage01241990%” or something similar.
- More tips to create a secure password.
Data breaches will occur in 2016 and beyond. While there is currently no way to ensure 100% security, these best practices will make it far less likely that your information will fall into the hands of data thieves.
6. Don’t Use Same Password on Two Accounts
When hackers decode one password, they immediately try it with all other accounts associated with that person or corporation. The convenience of having just one password simply isn’t worth the risk it exposes your accounts to. Create unique passwords that are very different from one another. If one account gets hacked, you’ll be thankful they all weren’t jeopardized.
7. Keep Your Passwords Securely Stored
A strong password does no good if it can be easily found out. These dos and don’ts will keep help keep your passwords safe.
- Do not save passwords on browser – browser saved passwords can be easily stolen.
- Don’t keep a file in your computer of your usernames and passwords
- Don’t store them on your phone
- Don’t write them on pieces of paper taped to the back of your devices
- Don’t keep them in your purse or wallet, because if one is stolen, it’s quite possible your phone will be stolen too
- Don’t share your passwords with anyone, because you don’t know whether they’ll keep them private and secure
- Do memorize them using the memory helps noted above – purpose, date of birth, special character
- Do keep a list, if you must, in an offline location
- Do use a password manager designed to safeguard them such as 1Password,
Popular Password Managers
8. Keep Personal Information to Yourself
The more information about you a hacker has, the higher his or her success rate will be. You don’t have to be paranoid to take an untrusting approach to your info. Keep private your date of birth, last four digits of your social security number, mother’s maiden name, first grade teacher’s name and all the answers to questions some sites use as an extra step of authentication.
9. Embrace 2FA Security
Two-factor authentication, aka two-step verification, involves one quick step that adds a security layer to your accounts. The step is to enter a code in addition to your username and password. Not all cloud storage providers have 2FA security, but Office365, Google Drive, Dropbox and Apple iCloud are among the many that make it available.
Here are popular site and tools that support two step verification
- Google 2-step Verification
- Apple Two step verification
- WordPress has plugins that support two factor auth.
10. Stay off public Wi-Fi
Getting work done at the coffee shop beats sitting in an office, but it might make your data easy pickings for hackers. Many hacker groups have set up Wi-Fi hot spots for the purpose of stealing private data.
- Make sure your device operating system’s latest security updates have been installed
- Keep your devices off Wi-Fi until you’ve verified the exact name of the network set up by the establishment
- Use your VPN (virtual private network) when accessing sensitive files, though even this method doesn’t guarantee your information is protected
If you manage employees, it should go without saying that they must be instructed to follow these tips to secure your cloud data, and they should be held accountable for their online practices involving company data.
Philip Piletic – Originally from Europe, currently situated in Brisbane, AUS where I live & work for Praktika. My primary focus is fusion of technology, small business and marketing. I love to share my experience with others by contributing to several blogs and helping others achieve success.