For many businesses, cloud storage has become the new norm for storing and sharing files across departments. It’s highly convenient and gives employees access to data across multiple devices wherever they are. As more and more options become available, more and more of our personal and confidential business data gets stored on the cloud. But just how secure is that information?
After the iCloud celebrity photo breach, the use and faith in cloud storage declined, which also meant that the demand for security on cloud storage went up. It is important to note that computers, cloud storage and hybrid cloud storage are always susceptible and there is no perfect system, but that doesn’t mean you shouldn’t use one of the best and convenient pieces of technology out there. Instead, be smart about how you and your employees use it and follow these guidelines to ensure that your data is as secure as it can get on the cloud.
First and foremost, ditch the easy passwords. Nearly every website or account you use needs a username and password, and keeping track of those can be extremely frustrating and daunting which is why many resort to duplicating passwords or relying on easy info like birthdays to create passwords. But 90 percent of passwords can be cracked within seconds and it’s mere child’s play for a hacker to find out your employee’s mother’s maiden name, where they went to school, and even what hospital they were born in. Whether it’s for a shopping account, the office computer, cloud storage or Facebook, it’s time to stop relying on memory or clever tricks to keep track of passwords. Invest in a password manager and even require your employees to do so. Unlike some cloud storage sites, password managers such as LastPass or KeePass are completely dedicated to security.
Along with this, be sure to enable two-factor authentication for all of your accounts. Most bank and credit card sites already do this by asking you to provide answers to security questions for password resets. If not, you can check the settings and enable this feature or switch to a different provider that does. When using the two-factor authentication, lie or be creative with your answers. Say you were born in Phoenix rather than Raleigh where you were actually born. Also be sure that any connected devices or apps are up to date. For instance, Dropbox will remember your connected devices for years but if you sold an old laptop or upgraded your phone, you may have forgotten to turn off that connection, making it easy for hackers to sneak in. (You can check which devices are connected to your Dropbox by going into your account then select “Settings,” then the “Security” tab.)
As a third guideline, you should use an encrypted cloud service. If your company uses cloud storage to store confidential information and documents, it is important to define the level of privacy and protection you will need for your cloud storage. Services like Spideroak and Wuala provide local encryption and decryption of files in addition to backing up and storage. With encryption, service providers and server administrators won’t even have access to your files. Many providers will be hazy about what access they give themselves to your data doling out terms like “bank level security.” Review the security storage providers claim to offer and check their policies before storing your business’ information. If you do use the cloud for storing sensitive data, invest in a third-party tool to encrypt the data before storing it on the cloud. Keka and 7-Zip are both great encryption tools to use to encrypt files with passwords before they go onto the cloud. Although this may seem like an extra hassle, it’s a huge security boost for your company’s confidential information, which just can’t be justified not to do.
Additionally, don’t ever assume that cloud storage--or sync--is your backup. If information gets removed for your cloud storage, it’s removed from your local machine too. It is highly important, especially for your business, to keep more than one backup including one that is offsite. Hybrid cloud storage providers give you the benefit of cloud storage and cloud backup (like Crashplan) along with an offsite backup to ensure your data won’t get erased, and if it does, there are backups to restore lost data from. If you’d rather not use another cloud provider, be sure that all employees are backing up files on the cloud to your local backup servers and possibly even have a backup server that is offsite from the office in case of natural disasters. There are also many cloud storage options available today so it might be wise to use a variety of options and have duplicates on a couple storage sites in case one crashes.