Is Your Data Really Safe In The Cloud?

Is your cloud security up to scratch?

Do you use iCloud, Onedrive, Dropbox, an app that stores your passwords in the cloud, etc? Is yours data really safe up in the air where hackers can take strike?

These questions are definitely legitimate. No matter what a company might be telling you, there’s no sure way to know your data is secure.

If you’re asking our opinion, if a server has an internet connection it’s never 100% secure. Although, depending on the company, you can be fairly sure that nothing will ever go wrong. So who can we trust?

A news article was recently released titled “Chinese spies reportedly inserted microchips into servers used by Apple, Amazon, and others” (Link at the bottom) It’s typical of large companies to be infiltrated or attacked in a small way. Amazon alone reportedly has over 2 million servers worldwide. Surely, people can appreciate the difficulty in keeping every single piece of server hardware safe from malicious attempts to sabotage them.

Key Points

When it comes to the security of your data in the cloud there are 6 major points we recommend you take into consideration:

• Encryption – When using an application on your computer or transferring files/information to your device, it’s important that the data is encrypted. AES 256 encryption is the standard and you should see whether your cloud company is using this.
• Server location – It would definitely be optimal that your cloud server storage is at least located in the same country as you! A server located in Northern Africa would probably be less secure than a server located in Sydney Australia haha.
• Authentication – Two Factor Authentication (2FA) with a strong password is recommended when accessing your data. If someone were able to simply type in your dogs name and access your data, then there’s not a single cloud company that can protect you from that! Use a secure password with alphanumerical characters and symbols as well as 2FA which will reset the password.
• Local application security – Make sure your device is secure. No one should be able to just walk in and start downloading your data or copying your passwords. Your computer and phone should have a password.
• ISO/IEC 27001 – This is a security standard that is recommended but not required. This is a problem because, not all cloud companies will be adhering to these standard. Find out if your cloud company is certified secure.
• You! – This is pretty self explanatory. Don’t give out your passwords, don’ t click on dodgy email links, don’t download any programs from a third party website and always lock your computer/phone when you’ve stopped using it!

Keep all of these key points in mind when deciding whether you trust your data in the sky. Contact us if you’re unsure or still have questions.

Link

ISO/IEC 27001:2022 – Information security, cybersecurity and privacy protection — Information security management systems — Requirements