The cloud remains for many something of an unknown quantity as far as security is concerned, the truth is that data security is never black and white but rather fifty shades of grey.
Attaining a 100% secure data storage solution is akin to grabbing your shadow; you can get very close but will never actually do it. So you have to determine what is 'close enough' as far as cloud services are concerned. This determination may be decided for you if you are a business which is regulated and has to meet compliance requirements, and that may mean that not all your data can be stored in the cloud.
For consumers and most small business users though, the cloud is actually pretty secure these days. Data encryption is, if you'll excuse the pun, key here. Just about every cloud store will encrypt data in transit, that is as it's transferred into and out of the cloud, and some (usually if you buy the business version of the service) will encrypt it at rest, or while it is being stored, as well.
While data not being encrypted at rest, or if it is then the cloud provider managing the keys, does mean that the data can be indexed, de-duplicated, compressed and easily restored in a worse case scenario it also means that your data isn't as secure as it might otherwise be.
If you really want to ensure that your data cannot be peeked at, then encrypt it yourself BEFORE you send it to your cloud storage provider. If you have control of the keys, then 'the men in black' cannot borrow them for a quick peek without you knowing about it.
Taking control of your own data security by using an on the fly encryption service such as BoxCryptor for example, is a good step towards mitigating risk in the cloud. Another is to be aware that the weakest security link is not the cloud provider, but rather you yourself. Follow security best practise in terms of password construction and use (don't re-use passwords across services) as well as employing two-factor authentication where available and your risk mitigation level gets even better...
No comments:
Post a Comment