Are Cloud Storage Sites Safe

Passwords can be hacked.

This doesn’t mean that passwords aren’t safe, just that they’re vulnerable to dictionary and brute force attacks. If you’re cloud storage solution relies on a password to access your data, choose a password that’s difficult to hack, using numbers, lower case letters, uppercase letters and special characters, and change your password often to reduce the chances of success from brute force attacks.

Data can be captured while being uploaded or downloaded.

Most storage services will encrypt the data while it’s traveling up or down, making it impossible to read even if someone captures the files. If your cloud storage works through a Web app, look for “https” instead of “http” in front of the URL in your browser’s address bar. The “https” indicates the form is using secure http. If you have a standalone cloud storage app installed on your computer, check to be sure that app uses some type of encryption for its Internet exchanges. Keep in mind many services such as dropbox require a third party app to encrypt the data.

People can cause their own problems when it comes to hacking.

Don’t give out your password to anyone, even someone claiming to be from technical support. Hackers will often make calls claiming to be support in one form or another in order to create a trust between the hacker and the end user that causes the end user to happily hand over personal information. Note that when you speak with the real technical support specialists, they’ll require only minimal identifying information from you, and most likely not your password.

Your data isn’t immune to seizure by local government.

In the U.S., for example, any cloud storage company could be served a subpoena requiring them to open their clients’ data for government examination. It does not matter what country the data originated from. Some cloud services such as Amazon are up front about one of your security risks. In its user agreement, Amazon Cloud Drive declares its right to access your files and disclose account information to offer support and to ensure compliance, largely to enforce copyright law.

Posted in Information.