You may have worked in the cloud if you’ve ever created and shared a homework document in Google Docs, been on a project team in Basecamp, or used customer relationship management software like Salesforce. Or maybe you regularly dump your photos into Flickr, Shutterfly, or SmugMug to free up space on your devices. The cloud is a great way to improve productivity, expand digital storage capacity, and save money both personally and in business, but there are some things you should never store in the cloud.
How Cloud Services Are Vulnerable
Celebrity nude photo hacks and the Sony Pictures hack are only the latest in a long list of security breaches involving the cloud. Hackers can access files in the cloud in many ways, including phishing scams and cloud backup software apps.
Mashable’s Christina Warren found that it is relatively easy to break into an iCloud account, even for those without a strong tech background. She did it in the office where she works, using a cheap software program meant for law enforcement and IT professionals to recover data and perform forensic investigations. Warren says Apple should encrypt iCloud backups, stop storing iCloud authentication tokens in plain text, and use two-factor authentication for all cloud access. Until then, there are a lot of vulnerabilities.
Don’t Store These in the Cloud
Homework assignments, team projects without sensitive information, and your vacation photos from the past 10 years are all easier to store in the cloud than on your computer or numerous external hard drives. But what you shouldn’t send to the cloud includes anything you would have kept locked up in a fireproof safe or safety deposit box 10 years ago, or that your company safeguards for customers or employees.
Avoid cloud storage for the following items:
• Personal Identification and Financial Information – Anything with personal identification and financial information, especially social security numbers, credit card numbers, and driver’s license numbers, should not go in the cloud. This includes tax information.
• Medical Information – Medical information can be used for identity theft, and is subject to HIPPA, SOX, and other regulatory compliance handling.
• Business Information – Don’t use cloud storage for trade secrets, product development, and research and development data that impact business operations.
How to Stay Safe in the Cloud
When you use the cloud and want to ensure your data is protected, take some precautions. Learn about cloud safety and identity theft to help you make the best decisions about cloud usage.
The best way to keep sensitive information safe is to avoid storing it in the cloud. Ask yourself what would happen if the file you’re uploading to cloud storage was hacked into and stolen before you sent it. If it has your social security number in it, don’t send it. If it contains your credit and financial data, don’t send it. Make this a rule of thumb for using cloud storage.
When you use cloud storage, take some time to read the user agreement. You’ll learn the details of the service being provided and you may learn of extra security options. Strong passwords add extra security by making it more difficult to gain access to your cloud account. If you must send sensitive information to cloud storage, encrypt it first so that even if your account is accessed, the files inside won’t be accessible.
