Millions of people use popular cloud solutions like Google Drive or Dropbox to store their data online and provide them with easy access. However, is our trust in the cloud misplaced?
The convenience of storing data on a cloud and being able to access it across multiple devices comes with a security tradeoff. Apple had a major hacking scare related to leaked iCloud credentials. In 2016, Dropbox reset many of its users passwords due to a data breach that took place back in 2012. Even celebrities like Jennifer Lawrence and Hayden Panettiere, became victims of malicious hackers who seized several intimate pictures from their personal cloud storage accounts. How can you be sure the information you store on the cloud is safe?
The simple answer is “you can’t.” It’s impossible to ensure complete security for files that are physically out of your hands. Nevertheless, there are a few steps you can take to make your data as secure as possible — and still convenient to access. Here are five ways to be proactive in the face of cloud security risks.
Let’s start with the basics. Create a secure password. Don’t use your real name, last name, or company name for your passwords. The names of your children, spouse or pets aren’t suitable either. To avoid the struggle with entirely random characters, you can use easy-to-remember but hard-to-crack passwords based on phrases that mean something to you. However, if you still find juggling multiple passphrases difficult, a password manager is your best choice.
You should also be extra careful with the security questions designed to verify your identity. Guessing or researching the correct answers to these questions is one of the most effective social engineering methods. You don’t want someone getting into your storage the way intruders got into those celebrity iCloud accounts.
Many online account services, such as Apple’s iCloud and Google Drive, provide users with an optional two-step authentication system. To access an account protected with 2FA, you need two different elements: something you know (like a password) and something you have (like a mobile phone). This makes it much harder for hackers to break into your cloud data account.
Make sure you read the provider’s terms and conditions and scrutinize their data protection policies before using their services. Yes, it’s boring, but it’s worth it. For instance, most people don’t read Apple’s iCloud terms and conditions and just click “Accept”. Upon closer examination, however, it turns out that Apple reserves the right to “pre-screen, move, refuse, modify and/or remove Content at any time, without prior notice and in its sole discretion” if Apple deems your content to be in any way “objectionable”.
No matter how reliable the cloud might seem, it’s always a good idea to back up your data somewhere else. There are numerous cloud storage services on the market today, which allows you to set up some secondary cloud accounts for backup purposes. Having a copy of your data on an external hard drive is also recommended.
Although the biggest names in cloud storage, like Dropbox and iCloud, may offer the most convenience, they are far from being the most secure. That title belongs to services that offer local encryption for your data. The key for this encryption process, also known as zero-knowledge proof, never leaves your device. Therefore, even the service providers themselves have no way to access your data or credentials.
Want more great online security and privacy tips? Sign up for our monthly blog newsletter below!