“The cloud” is a physical place where access to digital information is stored.
While data kept on a cloud system is typically safer than information that is stored on a user’s own hard drive, some people are concerned about losing control over data they do not have physical control of on their own devices, especially after a 2014 mass breach exposed several high-profile celebrities’ nude photos stored on their iCloud accounts.
“While it may seem a bit disconcerting to push personal data outside of our homes and businesses to a public cloud, it’s actually more secure there than on our laptops, phones or even our traditional business computing systems,” Deloitte Consulting LLP Chief Cloud Strategy Officer David Linthicum told FOX Business.
There are a few different steps cloud users can take to ensure their information stays safe in storage, but first, let’s get a better idea of what the cloud actually is.
Microsoft, Apple, Google, Amazon and others have their own versions of physical cloud storage systems where files are transferred via wire to physical computer servers. Sometimes, cloud storage is the size of a small box, but for tech giants like Apple and Google, it can be the size of a building.
Here’s a picture of a Google Cloud data center in Taiwan:
Many of us, at some point in our lives, have received the same smartphone notification that reads, “Can’t take photo. Manage photo and video storage,” or something along those lines. That notification will then direct you to a cloud storage system, where you can upload old photos to make room for new ones.
It’s like a storage unit building for technology. Both are becoming more popular as humans continue to accumulate more stuff (help us, Marie Kondo), and both usually cost money.
Michael Coates, co-founder and CEO of cloud data security company Altitude Networks, similarly said that storing data on a cloud can be more secure than keeping that data on our own devices, but all data is vulnerable to potential attacks from savvy cybercriminals.
Coates said there are “three primary actions a consumer should take to protect personal information stored in cloud applications.”
1. Create a strong password and two-factor authentication
First, users should create strong passwords for their cloud accounts and two-factor authentication, or a two-step login process that often requires entering more than just one password to enter an account. Users may be required to also answer security questions or enter a verification code sent to a mobile phone number with two-factor authentication.
“This dramatically enhances your [account’s ability] to avoid being compromised by hackers who attempt a myriad of attacks including using programs to automatically guess your password or pulling your password information from other breaches and seeing if you’ve reused that password at other websites,” Coates said.
2. Be aware of how and with whom data is shared
Second, users should be aware of whom they share data with and always make sure to log out of cloud accounts when using shared or public computers. They should also “periodically review sharing settings for sensitive information,” Coates explained.
“Many cloud applications like GSuite, Box and Dropbox allow consumers to share documents and files with other individuals so they can access the information in the cloud as well. I recommend people periodically review who they share information with — especially in cases of breakups, divorces or similar, so sensitive information is not accessible to the wrong people,” he said.
3. Watch out for “sharing files by link”
Third, users should “watch out for ‘sharing files by link,'” Coates said, adding that they should instead “share directly to a specific email address instead.”
“It’s easy for consumers to be overwhelmed by the security options and choices in cloud applications,” he said. “A common mistake is to share a document ‘by link’ instead of directly entering an email address. In these scenarios that link could be forwarded on to other people, all of whom would have access to the file.”
Linthicum said the future of cloud computing security looks even brighter because “more investment has been made in cloud-based security technology in the last several years, and thus the more advanced security systems are currently in the public clouds.”
“Of course, smart people need to leverage the technology in the right ways,” he added.