Cloud Security

IN Resources | 18/09/2012
Cloud storage is a modern technology marvel that gives users an option to store their data on a network storage that can be accessed online. The users can easily access their data anywhere and anytime; provided they are connected to the network on which the data is stored. The advantages of cloud storage are quite evident: there is no need for hard drives or even pen drives to carry your data. Plus there are many cloud storage services available that provide varied amounts of free space and also additional space for a paid amount.
Windows Live SkyDrive is one of the most used cloud storage service from Microsoft. It provided an attractive 25GB of free space previously, but now has decreased the limit upto 7GB. Other cloud services like DropBox, Google Drive, IDrive, Binfire are also quite popular. Among these, DropBox—despite providing only 2GB of free space—is the most popular due to its easy usage. You can increase your free space limit to 8GB by getting 250MB for each invite that you send to your friend.
There are several options in each service in terms of how you want the data to be accessible on cloud storage. You can make the data personal, share it with a friend or even keep it public. All cloud services claim to provide data recovery in case of any data loss, and protection of privacy. Additionally, they ensure that data stored on their physical machines is secure with documented access. With documented access, users are able to track number of logins and time of each login so that unauthorized access into their accounts can be tracked. Although the assurances that such services provide are commendable, all disasters of course, cannot be prevented.
According to EPIC.org, “When users place their data and applications on centralized servers, they lose the ability to maintain complete control of that information. With the rise of cloud computing, critical and sometimes sensitive information that was once safely stored on personal computers now resides on the servers of online companies. Examples of such information include users email, banking information, and full backups of individuals' hard drives. This phenomenon creates a multitude of risks for the users.”
The data that you have on your personal drives that you physically access is fully controlled and edited by you. No one else has any control on it without your authorization or unless you lose them. But the instances of risks do increase when stored on space that you “actually do not own.” By storing data on cloud devices, your data becomes more easily accessible to cloud computing providers, law enforcement agencies and even hackers. In June last year, DropBox, while undergoing “programming changes which introduces a bug” actually left 25 million of its user accounts unlocked for 4 hours. Also three months earlier, DropBox was actually alleged to have lied to its users about Data Security.
Here is the text from DropBox’s help section. Please note after the opening sentence claiming that your files are safer on DropBox than even your own computer, it goes on to say in the third paragraph that “Dropbox employees are prohibited from viewing the content of files you store in your Dropbox account, and are only permitted to view file metadata (e.g., file names and locations). Like most online services, we have a small number of employees who must be able to access user data for the reasons stated in our privacy policy (e.g., when legally required to do so). But that’s the rare exception, not the rule.”
Therefore such possible breaches and data loss risks would be quite foolish. There are, fortunately, ways by which you can secure your data on the cloud.
Before getting to know how to do that, we must also cover a few more things:
  • That some cloud storage service providers do claim to encrypt your data but there is no better belief than self-belief. How strong is their encryption? There are barely any tests or third party tests available to prove that apart from tests by the companies themselves that provide cloud storage.
  • On several occasions, cloud storage providers depend on third party companies for storage services and many times for additional storage, which further add more parties to this chain—thereby increasing risks.
  • Data deletion is another thing that most users just think as another “normal element” in cloud storage. Well, it is not. The storage providers are under no obligation to tell you that your data has been deleted “securely.”And you must know that deleting data doesn’t mean the data has actually been erased or destroyed. It can still be there. And now it can be readily available with two more possible parties in addition to you, for security breaches and hacker attacks.
So how can you keep your data on the cloud and ensure that it is secure at the same time?
The answer to such a problem is encrypting your cloud based drive. One such easy to use and efficient program is BoxCryptor. This article provides you with the step by step process that you need to know while installing it and using it.

In case you are doing the storage encryption locally on your computer first, do not put the key generated from the encryption in the same folder on the cloud. This key holds the control on your data and only you must hold it. Therefore store it either on your computer or any device that you physically hold with yourself.

TAGS
Cloud Security
Subscribe To The Newsletter
Media Watch Briefs
Amazon resisting voluntary censorship
The new term for self censorship is voluntary censorship, as proposed by companies like Netflix and Hotstar. ET reports that streaming video service Amazon Prime is opposing a move by its peers to adopt a voluntary censorship code in anticipation of the Indian government coming up with its own rules. Amazon is resisting because it fears that it may alienate paying subscribers.                   
Let the games begin

Clearly, the run to the 2019 elections is on. A journalist received a call from someone saying they were from Aajtak channel and were conducting a survey, asking whom she was going to vote for in 2019. On being told that her vote was secret, the caller assumed she wasn't going to vote for 'Modiji'. The caller, a woman, also didn't identify herself. A month or two earlier the same journalist received a call, this time from a man, asking if she was going to vote for the BSP.                 

View More