Today we have a guest editorial as Steve is away on sabbatical.
Cloud security has gotten a bad rep. The NSA scandal with the PRISM program has contributed to a general feeling for distrust towards the entire cloud storage industry. If you look at any cloud storage review you will see they pretty much all offer at least 128-bit encryption if not 286-bit. The former is the same levels used by major financial institutions such as your local bank, the latter is used by the military. If these encryptions are so secure then why is the cloud security industry experiencing such distrust?
The answer lies in transfer. Many users do not realize that their data is most exposed during file transfer, and pre-transfer encryption is essential to ensuring optimal security of their files. Indeed, many cloud storage providers are incorporating this into their security protocols.
Another step of security that is crucial to the security of your files is different passwords. There has been a new bug that has spread rapidly over the internet, referred to as ‘heartbleed’. This bug targets server data and is able to access all of your most sensitive information that you have entered into the internet including: usernames, passwords, personal information, and credit card numbers. The most recommended solution to this bug is to have different passwords on all your different accounts, so if one account is attacked by the bug, that information cannot be used to access any of your others.
Furthermore, you should check if you cloud storage provider has the top certifications on offer. An example is SOC 2 or SOC 3. These reports both evaluate the levels of control exhibited by the service organization as it pertains to the overall security, accessibility, and processing integrity the service itself, as well as the to the information stored on the service.
Cloud security is far more effective than its reputation suggests. However, the security of your files are dependent on if you do your part. Firstly, do your homework before you choose your cloud storage provider. Ensure that they not only use the top levels of encryption available for your files during storage, but also pre-transfer encryption. You also need to make sure you provider has all the necessary security certifications. And finally, keep all you passwords different from each other.