How secure is cloud data storage?
First of all, data stored by cloud computing technology is almost always stored in encrypted form. Accordingly, if you want to access such information, the unauthorized person must first "crack". However, these "keys" to cloud data security are not the same among service providers. In addition, there are simple ways users can apply to enhance the security of their data.
Who holds the "key" security?
All commercial cloud computing systems encrypt individual user data with a private encryption key. Without that "key," the files are just meaningless data.
Most cloud storage providers themselves manage their security keys, allowing their systems to see and process user data, such as indexing user data to serve the search later.
These services can also access the security key when users log in with their password and unlock the data so that the user can use it. This is much more convenient than the users keep their "key" themselves.
However, this method is less secure because, like the regular keys, when someone owns them, they can be stolen or misused while the data owner does not know.
Let the user take control
Few less popular cloud storage services, including Mega and SpiderOak, require users to upload / download data files through specific client applications that include encryption functions.
On a hand, this extra step allows users to manage their own encryption keys. However, in exchange for that extra security step, users will also not enjoy a number of useful features, including the ability to search for information among their cloud data files.
On the other hand, even if these services are not perfect, it is possible that the application itself may be manipulated or attacked by the network, allowing hackers to read the user's data files or before they are encrypted for uploading or after they have are downloaded and decoded. Also, if the user loses their password, the data can’t be retrieved.
In order to optimize the security of cloud storage data, it is best to combine the features of above different approaches.
Before uploading the data to the cloud, first use your own encryption software to encrypt the data. Then download the encrypted file to the cloud. Then, to access the data you need, log in to the account of the hosting service, download the file, and decrypt the data yourself.
In this way, of course, users can not take advantage of the benefits that many cloud services offer such as editing directly on the network or sharing documents or searching for files in the cloud data storage.
Meanwhile, the cloud service provider can still edit the data, change your encrypted file before you download it.
The best way is to use the method of data encryption with authentication. This method does not only save an encrypted file, but also helps the user to know what his or her file has been edited or not since it is created.
Finally, for those who do not want to spend their time coding their own data encryption engine, there are two basic options:
First, find a cloud service provider who has reliable open source for downloading software that is certified by an independent security professional.
Second, use the reliable open-source encryption software to encrypt the data before uploading to the cloud. This type of software is available and generally free or at a very low cost.
By: Scarlet Johnson