From personal use to corporate enterprise, cloud computing is used for resource management, accounting and digital storage. But there are some things both personal users and businesses should never store in the cloud. Here are some ways to keep yourself safe:
When it comes to laws, the Internet is still like the Wild West. Since the cloud isn’t in a specific country, it’s difficult for courts to determine what laws should be followed when illegal actions occur involving the cloud. Most of the popular cloud storage services are based in the United States, but much of the data stored there is from businesses and individuals overseas. Because of this there is confusion which laws regulate the privacy of foreign data. Should the laws of the country in which the data is stored be followed, or should the laws from the country which the data originated take precedence?
Another confusing aspect of cloud storage is the act of defining who has the legal authority to access data stored in the cloud. Most users believe their data is confidential because they created it and it’s password protected, but it isn’t that simple. While your data is oftentimes more secure from thieves and hackers on the cloud, government authorities can use the lack of laws to access your data, should they feel it necessary. Murky cloud storage laws mean you must be choosy about what you store there. Here’s some do’s and don’ts.
Never Store These
While large companies like Apple, Google and Microsoft all provide cloud storage services, even these companies aren’t immune to data breaches.
Personal information: Anything with a date of birth, Social Security number or passport information should be kept off the cloud. While cloud providers do have robust security — likely far better than any small business or home computer — it isn’t impervious, and in the event the state department comes knocking, you may be forced to yield that information.
Medical files, litigation strategies or tax information: Files such as these shouldn’t be on the cloud unless they are encrypted first, and even so, it isn’t a good idea. The best way to think about what to store on the cloud is to consider what you would share with a friend. If it is simple writings and project concepts, it’s probably safe. If you wouldn’t share it with your friends, it’s safer to keep it on an external hard drive that isn’t connected to the Internet.
When it comes to storing sensitive material on the cloud, there is a way in which to do so safely. Encryption is the best way to protect your data. There are a variety of programs that can encrypt files with a password before you upload them to the cloud. However, passwords can also be broken. Thieves can make educated guesses — based on security questions or simplicity — to gain access. Use a password generator to encrypt your files to ensure maximum protection.
While cloud storage providers have robust security against hackers, you can encrypt files to make it more difficult for anyone who breaches to gain access. Other steps you and your business can take to ensure sensitive material stays safe include:
Many identity theft prevention companies offer credit card, Social Security number and bank account monitoring. While you already know it’s not advised to store this kind of information on the cloud, if a hacker has gained access to your storage service, he could have also gained access to other accounts in your, or your business’s, name. A third-party identity theft prevention service not only monitors this information, but can actively help you recover from a data breach. By contacting the credit agencies — Equifax, Experian and Transunion — and notifying them of the security breach, these services can save you a lot of time and hassle.
Tripwire also has robust security monitoring options. With Tripwire’s constant cyber threat monitoring system, it can identify weak points in your digital infrastructure, and improve your security configuration. 360IP can communicate with your security in order to identify threats and target the most serious first. This product promotes accountability, measures progress and can improve the efficiency of your network. The policy management leverages up to 25 sources that can monitor a variety of platform combinations. With just a view clicks of your mouse, get a full overview of your internal network and the security protecting it. With SecureScan you can assess all the limitations of your network security and take steps in order to secure them. While SecureScan does identify the weak points in your cyber security, it titles them with a Tripwire ID instead of standardized CVE vulnerability and security designations. While SecureScan is helpful, it is also a free service and any shortcomings it has can be filled by the 360IP option Tripwire offers.
While there are many services and steps you can take in order to protect your identity and the identity of your clients when using cloud storage, there isn’t a way to completely guard against identity theft and data breaches by hackers. The only way to protect the most private and sensitive information is to not store it on the cloud. Many companies keep local data storage on site. This essentially cuts out the ambiguity concerning the laws of who can access that data. However, if the local server your company stores this sensitive information on is connected to the Internet via computer, it can still be the target of hackers and thieves.
There are many antivirus programs that offer packages for small and large businesses. Bitdefender, for example, has subscription options for over 50 seats, and as few as 5. With integration between both Mac and PC, Bitdefender provides the protection you need at the price you want. If your business does decide to use localized data storage, be prepared with a tough antivirus and firewall.