Just how secure is the data you store in the cloud?
In 2019, the story of a man named Monty Munford grabbed headlines.
Like everybody, his noble desire for financial security and an equally strong fear of poverty led him to try his chances at cryptocurrency.
This was back in 2017.
It was not long before he had built an impressive cryptocurrency portfolio. At the time, he had amassed £25,000 worth of Ethereum and was well on his path to retirement.
That was when disaster struck.
For his convenience, he had decided to store a copy of his digital access key on the cloud (on a Gmail draft to be precise).
From his understanding, it would allow him to conveniently copy and paste his complex key whenever he needed access to his funds.
This was a decision he would regret for the rest of his life and one that leads us right where we started:
Just how safe is the data you store on the cloud?
The Ethereum Mr. Munford lost would have a value of anywhere between $150,000 and $1,000,000 today, depending on when he bought or sold it.
You may not have realized it yet, but our lives have become so interwoven with cloud platforms to the point that we’re entirely dependent on their stability.
If they go down (or get compromised), they’re taking us down with them.
Your family photos, passwords, health information, business ideas, intellectual property and secrets are all at risk—and so is your reputation, online identity and future job prospects by extension.
Nonetheless, all is not lost. This blog will give you tips on securing your personal data as you navigate cloud storage and cloud file transfer.
The sensitive information you store on the cloud is always at risk. This necessitates an effective contingency strategy to restore your data on the occasion you lose it, or it gets compromised.
You may not believe it, but nothing is too big to fail. Even Google (like the Titanic) can collapse tomorrow, rendering your non-backed data obsolete.
That established, embracing backups is cloud data security 101. Lucky enough, you’re spoilt for choice as far as backups are concerned. You can consider:
How you conduct yourself on the internet will determine the security of your cloud data at rest and in transit.
Unfortunately, in this day and age, every second you spend browsing the internet puts you in the crosshairs of a malicious user or bot somewhere.
You don’t have to spend too much time online before you’re being bombarded with pop-ups asking for your personal data or requesting system permissions.
Some of the actions you can take to secure your data when online include:
People are not supposed to share their passwords. Well, they do, and you’d be shocked at the number of people who are overly generous with their passwords.
That’s not all. People are also not supposed to reuse their passwords. Well, that’s the only thing humans seem to have perfected as far as reusing, reducing, and recycling is concerned.
With this, you end up with a scenario where your Google Docs and Binance password is the same as your Netflix password, an account that you coincidentally share with your friends.
That’s a disaster waiting to happen.
However, all hope is not lost. With good key and password management, you can significantly reduce the inherent risk of passwords. Just ensure that you:
That established, manually managing your passwords can be a hassle. That’s why you should consider single sign-on as a solution to these problems.
A single sign-on (SSO) system manages your passwords, remembering them on your behalf and signing you out of accounts you’re no longer using.
As you’ve seen, passwords are an ineffective means of protecting your data security. They may have worked once, but that was a long time ago.
Nowadays, passwords are the logical equivalent of holding an umbrella against a ravaging storm.
That said, there’s a saving grace, and it’s called multi-factor authentication or two-factor authentication (2FA).
Multi-factor authentication isn’t as complex as people make it out to be. In layman terms, it reinforces your passwords requiring more than one authentication factor to give access. MFA uses a three-pronged approach which includes:
For example, with 2FA, a malicious user will need to prove that they’re in possession of your device before gaining access to your account.
In most instances, they’ll have to re-enter a code sent to your smartphone or email address, regardless of whether or not they have your passwords.
The best way to win a war is never to start one in the first place. The same applies to your data security over the cloud.
If you want to guarantee the complete safety of your sensitive information over free cloud storage, don’t store it on the cloud in the first place.
This sensitive information you should be wary of storing on free and insecure cloud storage platforms include:
You’re probably wondering where you should store your sensitive information then. Managed File Transfer (MFT) is a safe, reliable, and effective cloud storage and transfer solution.
Besides automation and visibility, MFT will bring the following benefits to your cloud file transfer and storage:
The data you share on the cloud does not exist in isolation. You will often have to share it with third-party storage and sharing platforms.
This creates a problem for your cloud security because it leaves your fate in the hands of third-party providers you can’t control.
Mr. Munford lost his private keys not because he was careless but because of the inherent data security weaknesses of Gmail as a platform.
That would have never happened if he had embraced the services of Managed File Transfer (MFT).
An effective MFT solution would have leveraged end-to-end encryption, MFA, and access control to put his keys beyond the reach of anyone but him.
Some of the practices you can keep in place include:
In the 70s, the Mob, Mafia or dictatorial governments would eliminate their competition by sending them parcels laced with toxic poison.
These days you don’t have to worry about cyanide-laced parcels. What you have to worry about, however, is receiving an email embedded with a malicious program.
All you have to do is click on a link, and there goes your privacy, business idea, family photos, or £25000 worth of Ethereum.
What makes it worse is that these phishing emails are cleverly built and crafted by masters of human psychology. Often a phishing email will claim:
The following tips will help you identify and stop phishing hackers in their tracks:
To identify a suspicious link, you can:
In other areas of the tech world, free services are welcome. However, when it comes to your cloud transfer and storage, any solution that is offered for free should arouse your skepticism.
These services include:
Cheap is expensive, but don’t take our word for it; you can ask Mr. Munford instead.
You should consider avoiding services such as DropBox, Google Drive, and Gmail for sensitive data transfer over the cloud—it just isn’t worth it.
The data security offered by such services ranges from mild to non-existent. Fortunately, you have the added advantage of learning from other people’s mistakes.
Encryption enables you to protect your cloud data from compromises while at rest and in transit.
If all else fails and malicious users get access to your data, encryption will make it impossible for them to make any sense out of it.
That said, encrypting data on your own is a long and complex process. Even if you succeed, you burden yourself with the responsibility of storing a complex encryption key and the possibility of losing it altogether.
A better alternative is getting a cloud provider with state-of-the-art encryption and letting them worry about storing keys and whatnot.
Managed File Transfer (MFT) comes to mind. An effective MFT provider will encrypt your data with the latest AES 2 end-to-end encryption technology and protocols, assuring you of privacy and data security.
More often than not, good is the enemy of the great.
A DIY cloud data protection strategy can only go so far. It won’t be long before the fatigue catches up and you lower your guard enough to compromise your privacy and data security.
What you need is an automated solution that will scale with you as you climb the corporate (or political) ladder protecting you from the consequences of past or present personal data failures.
For this, look no further than MOVEit Managed File Transfer (MFT).
Managed File Transfer (MFT) is a consolidated cloud security solution that brings together strict access control, backups, multi-factor authentication and end-to-end encryption within your reach in one platform.
Don’t know where to begin your journey to a safer, more reliable existence over the cloud? Join MOVEit today and make your cloud data security worries a thing of the past.
View all posts from Victor Kananda on the Progress blog. Connect with us about all things application development and deployment, data integration and digital business.
Let our experts teach you how to use Sitefinity's best-in-class features to deliver compelling digital experiences.
Learn MoreSubscribe to get all the news, info and tutorials you need to build better business apps and sites