Tips for Protecting Your Personal Data in the Cloud Services
How can you be sure the information you store on the cloud is safe? The short answer is you can't. However, you can take some protective measures. Here are some Tips for Protecting Your Personal Data in the Cloud Services.
Back Up Data Locally
When it comes to managing data is to always have a backup for your data. Generally speaking, it is good practice to create electronic copies for any of your data so that you will still be able to access them even when the original is lost or has been corrupted. There are many cloud storage services available in the market today, which means you can set up some cloud accounts for backup purposes.
If you have data in the cloud, you should also manually backup your data in an external physical storage drive or device, like a hard disk or a thumb drive. This also allows you to access the information when you have poor or no Internet connection.
Avoid storing sensitive information in the cloud.
Many recommendations across the 'Net sound like this: "Don't keep your information on the cloud." Fair enough, but it's the same as if you asked, "How not to get my house burned down?" and the answer would be, "Do not have a house." The logic is solid, but a better way to translate such advice is, "avoid storing sensitive information on the cloud." So if you have a choice you should opt for keeping your crucial information away from virtual world or use appropriate solutions.
Use an encrypted cloud service.
There are some cloud services that provide local encryption and decryption of your files in addition to storage and backup. It means that the service takes care of both encrypting your files on your own computer and storing them safely on the cloud. Therefore, there is a bigger chance that this time no one -- including service providers or server administrators -- will have access to your files (the so called "zero-knowledge" privacy). Among such services are Spideroak and Wuala.
Spideroak provides 2GB space for full featured backup, sync, share, access and storage for free. However, you'll have to upgrade to Plus Plan for $10/monthly if you need more space. Wuala offers 5GB for free and paid accounts with the price depending on the amount of space you need.
When choosing the best way of protecting your information keep in mind how valuable that information is to you and to what extent it is reasonable to protect it. Therefore, the first thing you should do is to define the level of privacy you need and thus a level of protection for it. If you do not actively use the Internet to work, even a two-step verification involving SMS with a code sent to your mobile phone may seem cumbersome, though most people who use email for sending business data appreciate this option.
Not everyone is ready to pay for data to be stored, but if you use cloud storage for keeping corporate data, you'll find paying for safe and secure data storage reasonable. So try to strike that delicate balance between the required level of protection and the time/effort/money spent on it.
Encrypt the Data Before Putting it on The Cloud
If you choose not to use a cloud service that will help you encrypt the data, you can use a third-party tool to perform the encryption. All you got to do isdownload a cloud-protection app which will allow you to apply passwordsand generate secret key sequences to your files before you actually upload them to the cloud.
Encryption is, so far, the best way you can protect your data. Generally encryption works as follows: You have a file you want to move to a cloud, you use certain software with which you create a password for that file, you move that password-protected file to the cloud and no one is ever able to see the content of the file not knowing the password.
The most easy and handy way is to zip files and encrypt them with a password. To that end you can use B1 Free Archiver -- a free multiplatform compression tool. When creating the archive check the "Protect with a password" option, type in the password (keeping in mind the no. 3 rule) and only after that you can move it to the cloud. If you want to share it with someone just give the password to that person. Note that B1 Free Archiver zips files only in B1 format which makes the overall protection of your info more reliable.
The only software that opens B1 files is B1 Free Archiver, therefore you won't be able to open any B1 archive, even one that isn't password-protected, without this utility. B1 encrypted archives appear to be more safe and secure than the usual zip files.
In case you have more time and energy or want to provide an even higher level of protection for your files you can use TrueCrypt encryption software. It's an open source encryption program with which you can create an encrypted file (the so called "virtual disk") and keep all of your private files protected with a password.
TrueCrypt is a bit harder to use than B1 Free Archiver, but it gives you the choice of encryption algorithms (in addition to AES it also offers Serpent, Twofish, etc) some of which deliver a higher level of reliability. But at the same time it also has its drawback as compared to encrypted zip files.
In TrueCrypt you preset a precise volume of your encrypted file from the very beginning so a lot of space may be wasted before you fill it with data. The size of an encrypted zip file depends only on the data volume contained in it.
Read the Small Print of the Cloud Service Provider
Besides storing your data, some cloud services allow you to share your photos and files with others. This definitely sounds appealing, but sometimes these services come with a catch. There might be some fine print that they don’t advertise but will stuff in their Terms of Service (TOS) to make it legitimate.
For instance, back in 2011, Twitpic wrote in their TOS that sharing your pictures on their service gives them the right to ‘use or distribute‘ the pictures. They later apologised but further clarified that they can distribute the securing-cloud-data on Twitpic and affiliated partners, although the final copyright still belongs to the owner of the photographs.
While not exactly a dedicated cloud storage service, Twitpic puts forward a good case for why you should be cognisant of what to expect from your cloud provider, especially with regard to their security and privacy policies. Try to research online to find out if there are any bad reviews or caveats that you should be wary about. This will put you in a more informed position before you go ahead with their services.
Be serious about passwords.
You must have heard this warning a hundred times already, but yet most people do not follow it. Did you know that 90 percent of all passwords can be cracked within seconds? Indeed, a great part of all the sad stories about someone's account getting broken is caused by an easy-to-create-and-remember password. Moreover, doubling your email password for other services you use (your Facebook account, your cloud storage account) is a real trap as all your login information and forgotten passwords always arrive to your email.
Here is an efficient method of creating a secure password:
- Choose a random word (preferably a long one) -- for example, "communication."
- Now let's say you are signing up for Gmail. What you should do is add a "Gmail" word to the word you have chosen. Thus your password for Gmail will be "communicationGmail." If you sign up for Skype, your password will be "communicationSkype", for example.
Therefore, you need to remember only your "core" word and the structure of your password. To strengthen it even more you can add a certain number before the name of the service, for example your birth date. In that case your password will look like "communication12111975Skype", etc.
You can invent any other way of memorizing your passwords, the one that appeals to you. But the main point doesn't change - such a method is really simple and effective.
Be Wary of Your Online Behaviour
Sometimes, the security of your cloud data depends on what you do online, especially on public computers or connections. When using a public computer, do you opt to not save your password, and ensure that you logged out of your account after you are done? Saving your password and leaving it logged in exposes you to the risk of strangers accessing your data.
Do you tend to connect open and unsecured Wi-Fi hotspots in public places to log in to your cloud account? Such connections are typically unencrypted, which means that whatever you do while connected can be ‘sniffed‘ by a hacker on the same network. This can even include your login credentials for your cloud account! Just check out this useful article from NoWiresSecurity depicting what these hackers can actually see from unencrypted wireless networks.
Protect Your System with Anti-Virus & Anti-Spy
You may be using a secure cloud service provider which you absolutely trust, but sometimes the weakest link happens to be the computer system you’re logging in from. Without proper protection for your system, you expose yourself to bugs and viruses that provide penetration points for hackers to access your account.
Take for instance the presence of a Keylogger Trojan which attempts to track all your keystrokes. By embedding this malicious software to seemingly legitimate files, hackers will be able to get hold of your user ID and password if your system isn’t well protected enough to detect it, and if the login isn’t secured and encrypted.