Cloud Security

IN Resources | 18/09/2012
Cloud storage is a modern technology marvel that gives users an option to store their data on a network storage that can be accessed online. The users can easily access their data anywhere and anytime; provided they are connected to the network on which the data is stored. The advantages of cloud storage are quite evident: there is no need for hard drives or even pen drives to carry your data. Plus there are many cloud storage services available that provide varied amounts of free space and also additional space for a paid amount.
Windows Live SkyDrive is one of the most used cloud storage service from Microsoft. It provided an attractive 25GB of free space previously, but now has decreased the limit upto 7GB. Other cloud services like DropBox, Google Drive, IDrive, Binfire are also quite popular. Among these, DropBox—despite providing only 2GB of free space—is the most popular due to its easy usage. You can increase your free space limit to 8GB by getting 250MB for each invite that you send to your friend.
There are several options in each service in terms of how you want the data to be accessible on cloud storage. You can make the data personal, share it with a friend or even keep it public. All cloud services claim to provide data recovery in case of any data loss, and protection of privacy. Additionally, they ensure that data stored on their physical machines is secure with documented access. With documented access, users are able to track number of logins and time of each login so that unauthorized access into their accounts can be tracked. Although the assurances that such services provide are commendable, all disasters of course, cannot be prevented.
According to EPIC.org, “When users place their data and applications on centralized servers, they lose the ability to maintain complete control of that information. With the rise of cloud computing, critical and sometimes sensitive information that was once safely stored on personal computers now resides on the servers of online companies. Examples of such information include users email, banking information, and full backups of individuals' hard drives. This phenomenon creates a multitude of risks for the users.”
The data that you have on your personal drives that you physically access is fully controlled and edited by you. No one else has any control on it without your authorization or unless you lose them. But the instances of risks do increase when stored on space that you “actually do not own.” By storing data on cloud devices, your data becomes more easily accessible to cloud computing providers, law enforcement agencies and even hackers. In June last year, DropBox, while undergoing “programming changes which introduces a bug” actually left 25 million of its user accounts unlocked for 4 hours. Also three months earlier, DropBox was actually alleged to have lied to its users about Data Security.
Here is the text from DropBox’s help section. Please note after the opening sentence claiming that your files are safer on DropBox than even your own computer, it goes on to say in the third paragraph that “Dropbox employees are prohibited from viewing the content of files you store in your Dropbox account, and are only permitted to view file metadata (e.g., file names and locations). Like most online services, we have a small number of employees who must be able to access user data for the reasons stated in our privacy policy (e.g., when legally required to do so). But that’s the rare exception, not the rule.”
Therefore such possible breaches and data loss risks would be quite foolish. There are, fortunately, ways by which you can secure your data on the cloud.
Before getting to know how to do that, we must also cover a few more things:
  • That some cloud storage service providers do claim to encrypt your data but there is no better belief than self-belief. How strong is their encryption? There are barely any tests or third party tests available to prove that apart from tests by the companies themselves that provide cloud storage.
  • On several occasions, cloud storage providers depend on third party companies for storage services and many times for additional storage, which further add more parties to this chain—thereby increasing risks.
  • Data deletion is another thing that most users just think as another “normal element” in cloud storage. Well, it is not. The storage providers are under no obligation to tell you that your data has been deleted “securely.”And you must know that deleting data doesn’t mean the data has actually been erased or destroyed. It can still be there. And now it can be readily available with two more possible parties in addition to you, for security breaches and hacker attacks.
So how can you keep your data on the cloud and ensure that it is secure at the same time?
The answer to such a problem is encrypting your cloud based drive. One such easy to use and efficient program is BoxCryptor. This article provides you with the step by step process that you need to know while installing it and using it.

In case you are doing the storage encryption locally on your computer first, do not put the key generated from the encryption in the same folder on the cloud. This key holds the control on your data and only you must hold it. Therefore store it either on your computer or any device that you physically hold with yourself.

Subscribe To The Newsletter

Journalists following up on a story on a secret diary that indicated the bribing and corruption of members of the Tamil Nadu cabinet by industrialist and mining baron Sekhar Reddy found that another diary was quickly doing the rounds, this time with the names of  journalists and alleged payouts to them in what is seen as a clumsy attempt to discredit their work. The News Minute editor-in-chief Dhanya Rajendran who quickly put out a screenshot of the offending page with the watermark 'Made by idiots' tweeted that journalists can make a lot of money if they want to but are here to do a job, with integrity!                    

Ravi Belagere, editor of Kannada tabloid Hi Bangalore, was arrested on Dec 8 on allegations  of hiring a contract killer to murder a fellow journalist, his former employee  Sunil Heggaravanahalli. Police found guns and ammunition in his home.  In June this year he was one of two editors to attract a jail sentence ordered by the Speaker of the Karnataka Assembly for breach of privilege following  allegedly defamatory articles against legislators. ( The News Minute)                              

View More