“Is it safe to trust the cloud? I’ve heard over and over again about how the benefits of “the cloud.” I’m worried though that if I store all my data on someone else’s servers, it won’t be secure. Or even worse, the government will have access to it. Can I trust the cloud?”
Great question, Marcus! Cloud computing isn’t a new concept — it’s been around since the 1950s — but over the last decade, the term has really taken off in a big way.
SEE ALSO: The Beginner’s Guide to the Cloud
In the past, one of the primary concerns about the cloud was reliability — could you count on it to be available when you need it? Today, most major cloud offerings are at least as reliable as any other solution. Instead, we’ve seen concerns shift to the “security” of data stored on the cloud. (Thanks a lot, NSA.)
Whether or not you can “trust” the cloud often depends completely on what you are doing and what type of service you are using.
When we talk about the cloud, we’re usually talking about a few different things. First and most commonly, we have consumer or business facing cloud-based applications and services. The most popular example here is something like Dropbox or Google Docs. Rather than running an application off of your computer, you run an instance — usually in a web app (but you can do it using mobile too) directly from the Internet.
The other part of “the cloud” is the broader idea of cloud computing. This is what companies such as Rackspace and Amazon Web Services and Heroku, where you can power applications, databases or tools that you specify, using clustered groups of computers. Instead of having to maintain your own rack of servers to create an application, you can rent time and computing power from companies that will only charge you for what you use.
For the sake of simplicity, we’re going to ignore cloud providers for now, and just focus on the trustworthiness of consumer and business-focused cloud services.
Find Out If You Can Use the Cloud
Not all data can be stored on a “public” cloud — meaning a cloud server that is maintained by someone such as Google, Amazon or Rackspace.
As we discussed earlier this month:
Individual states and countries have different laws governing how data is stored, according to the report. This is especially important for data sets containing sensitive information or otherwise raise privacy concerns. Make sure you know where your data centers are located and what those states’ or countries’ regulations are regarding data storage. (As an example, the report revealed that storing your data in a cloud with data centers in the United States may make it possible for the U.S. government to look at your information through the Patriot Act).
If you are working with data that has certain types of security requirements, no, you probably can’t “trust” the cloud. In fact, that’s why Adobe has a version of its new Creative Cloud software that is decoupled from the public cloud — specifically because some government organizations or businesses have policies that preclude using software that can interact with a public cloud.
Look at the Security Features For Your Cloud Service
Most major cloud services — including Google and Dropbox — offer a level of security and encryption for data. Still, some data is safer than others.
Google recently added AES-128 bit encryption to its Google Cloud Service.
Something to consider when sending data to the cloud is whether or not you can send it in an encrypted state. For example, I use the password management app 1Password. 1Password stores my password database on Dropbox, so that it can sync across my devices.
However, 1Password doesn’t just rely on Dropbox’s security. It also encrypts the data beforesending it to the cloud.
Any time you have the opportunity to encrypt data beforesending it to the cloud, take it.
Any time you have the opportunity to encrypt data beforesending it to the cloud, take it. That way, even if the cloud is accessed, your data still has another layer of protection.
How Safe Are Alternatives?
Government regulations and policies aside, it’s important to consider how trustworthy alternative solutions are.
For instance, even though Windows and OS X are very secure operating systems, users are still the victim of phishing attacks that can allow nefarious persons to remotely login and access their files. You should consider, “Is the cloud any more secure than my own computer on an open Wi-Fi network.”
Moreover, in most cases, a major cloud storage company is going to have better security for its setups than a locally managed server you maintain yourself.
Make Sure You Can Trust Yourself
When cloud solutions are compromised, the people that suffer the most are those that do a poor job protecting their passwords and access to their accounts.
Remember how we talked about the importance of two-factor authentication? Regardless of the trustworthiness of the cloud — it makes sense to do your part of keeping your passwords secure and different.
Full disclosure: I trust the cloud with all kinds of sensitive and important information. I just make sure that the most important data is encrypted first, encrypted on the cloud server and that I use good passwords.
Do you trust the cloud? Let us know in the comments.