Let’s be clear: you need to store all that data somewhere. Hard drives were your only resort a few decades ago. Today, cloud is the new frontier on the data storage land, brimming with features.
So you’ve got data stored somewhere on cloud servers – your photos on Facebook, conversations in Skype, and projects in Asana – but what happens if one of these services take a knock and your data gets wiped?
Here’s the kicker: the cloud has many benefits (affordable prices, access to massive storage, remote accessibility), but it’s not 100% foolproof. Even if you trust the most reliable cloud services with your data, things can go awry at any point and a crash/failure may permanently destroy some data.
Why is data not safe in the cloud?
Cloud data storage has worked well for long, so it’s natural to assume that everything is safe, particularly because the transfer and backup process is transparent and automatic. However, cloud data is vulnerable to the same threats as the internet as a whole. Here’s a run-down of some of those threats:
Cyber-attacks: At any time you store information in the cloud, you are at a risk for a data breach. This storage format is of particular interest to cyber criminals as large volumes of data is stored by companies and consumers on cloud servers. An attack like distributed-denial-of-service can disrupt the composition of all this data. Codespaces had to close down its business due to data loss, which was a result of the DDoS attack on its cloud storage server.
Password hacks: Mat Honan, a tech writer, lost one single password to a hack, but because his accounts were kept under the same cloud storage service (referred to as daisy-chained), the hacker was able to get into his email account using remote access and wipe all the data on his MacBook, iPhone and iPad. Everything from important documents to family photos was gone forever. The takeaway? Besides software and hardware failure, even user error with the cloud can contribute to data loss.
Server crash/failure/outage: Amazon’s EC2 cloud services crash destroyed some data on a permanent basis. While the data loss was small compared to the total data stored, it was catastrophic for some companies. Chartbeat, one of Amazon’s customers, had to inform its clients that 11 hours of historical data was deleted permanently.
Can you do something to prevent cloud data loss?
While most of the threats to cloud computing are unpredictable (and some are unpreventable), users can take steps to mitigate the loss. Here are some measures you can take when signing up for a cloud storage service:
1. Create unique passwords for accounts
Check the passwords you use for your accounts. Are you using the same password for different services? If you answered yes, you may be setting yourself up for data loss. Instead, use a password manager and set up different passwords for different accounts. Password management services like LastPass and RoboForm can help you generate hard-to-guess passwords and save them on devices you frequently use to access cloud storage services. However, you will need to protect your devices as physical theft may lead to password compromise.
2. Activate two-factor authentication
Two-factor authentication may not be foolproof, but it’s an important step in securing the data stored in your accounts from threats like cyber attacks. So make sure you’ll be notified if a cyber criminal tries to manipulate your password, and if there were security questions involved in setting up a password, make sure to select obscure questions. Services like Twitter, Facebook, Google, Rackspace, WordPress (plugin required) and Amazon offer two-factor authentication to their customers.
3. Review connected accounts
Review connected accounts with access to your cloud data. In Box and Microsoft services, for example, you can review your connected accounts under the settings menu. If there are connected accounts that you discontinued, remove them. You don’t want an account that you no longer use become the gateway for hackers to access your active account. Keep lists clean on cloud storage services and social media networks.
4. Use an encrypted service provider
In case of highly sensitive information, it’s important to encrypt the data with a program like Boxcryptor before storing it in the cloud. Another thing you can do is select a cloud service provider that offers local decryption and encryption of your data in addition to backup and storage. It removes the need of using a data encryption program and reduces the possibility that server administrators or service providers will have access to your data (also referred to as zero-knowledge privacy).
5. Backup to other sources
Don’t store everything in the cloud if you want to give yourself a good chance to restore data when failures and outages occur. Back up your mission critical information to a local server; while this may sound cumbersome to do, there are many applications with data export settings to make the process seamless. You can also create a few copies on external hard drives to avoid permanent data loss.
6. Review the terms of service agreements
While terms of service agreements may appear as a burden to go through, they often include important considerations pertaining to privacy and security policies. If anything gives you a pause, ask the service provider or the customer support department what a given clause implies, or use a search engine to read opinions of others. If your cloud provider is known to update its terms and policies frequently, ask the company to notify you of the change.
These steps will minimise the chances of cloud data loss. Additionally, if there’s anything you’d hate to part with, or anything you’re worried an overzealous service provider may snoop your account over, take it off the cloud and store it on your local server.
For consumers and businesses using or considering migrating data to cloud storage, all you can do is be prepared at your best. Apart from following the tips mentioned above, get to know service providers as much as you can.
Interested in hearing industry leaders discuss subjects like this and sharing their Cyber Security & Cloud use-cases? Attend the Cyber Security & Cloud Expo World Series events with upcoming shows in Silicon Valley, London and Amsterdam to learn more.