The cloud is here and offers many services to back up your data. However although your connection to send the files should be secure, is your data secure once uploaded?
The answer to this varies by service and is something you need to consider before signing up and sending files. Sure you may need an account to access your files, however what about all those data breeches that keep cropping up in the news? If your provider is hacked, what is the chance of them getting your files? What about the data IN those files? So what separates the ability for the hacker to have the files but not the data in them?
Encryption at rest
Encryption at rest is something that all cloud users should become familiar with. Basically this means that once your file is stored on the companies servers, it is stored using encryption so that it looks like a garbled mess. When you need this data, they use an encryption key to take the garbled data and make it visible and available to you to access again. Without the encryption key the data becomes very hard to obtain(assuming a proper implementation on your providers level). This key essentially “unlocks” the data when accessed to make it easily readable for when you need it.
So, how is your data stored online? As I mentioned earlier it varies by provider with my understanding is many if not most provide encryption at rest by default. Some provide encryption at rest and some only provide a secure tunnel to get your data to their data center. You should consult your online provider’s terms of service or customer service to find out the details of how they store the data when you may be sending important files to them. Usually businesses will need this feature and although not available for consumers may be available with a business plan for some cloud storage providers if it’s not offered as part of their basic services.
Why is this important?
Well, if you are uploading files that don’t contain personal information or that wouldn’t matter to you if they were suddenly available to the public you probably don’t have to worry much. However if you have private photos, sensitive documents including those that contain passwords, tax information or other items that could have monetary value in the real world(details on inheritance, wills, bank details), you will want to ensure these are kept local only, offline or if you really trust your provider enough and must have it backed up online, on their servers that use encryption at rest(even including additional encryption before upload for maximum security).
If your back up service does not use this method, the data is just as easy for a hacker or rouge employee to read as you can if your provider is breached or position is abused. Hackers and other internet bad guys are after any data that can potentially lead to money, so really the end goal is to prevent them from getting data that can harm you(from identity theft to other accounts being compromised such as banks or other online services).
Encryption isn’t bullet proof and depending on how the service implements it and what else may be included in a breach it may even provided no extra security. If the keys are stolen with the lock boxes, their contents can be opened. However in theory, services offering encryption at rest provide a great layer of security to the files they are storing and generally should be. So it is something to strongly consider when uploading files.
What You Can Do
So if you haven’t heard about this before, now is the time to look into this. Consult what files are synced to the cloud and how they are stored. If there are any important files that are stored without proper protections, you should remove them from the service or find a better way to secure them such as including individual folder/file encryption before sending them off into your providers hands. Also upgrading to a plan that includes encryption at rest would be advisable if you are storing any sensitive data. If you are really concerned and find that files with passwords or other readily changeable details have been uploaded, feel free to change these details and ensure they are not re-uploaded or at least without proper safeguards(initial encryption).
Also, as always when using these online services be sure to use a secure password. The odds of having your account breached via weak password are much higher than the cloud service being compromised. So always remember to use a strong password that is unique from all other passwords to ensure your files and your account stay as yours.