A Guide to Cloud File Storage

Everything is about the cloud these days, but as we increasingly store our personal and professional data on remote servers it is essential to know that nothing is 100 percent secure.

clouds_title

For one, attackers can break into seemingly secure servers of major companies to steal all sorts of user data, including account login and password information. Just ask Evernote, Yahoo or DropBox. But the greatest threat can come from less intricate attacks that take advantage of readily available information like a user’s email or physical address to reset passwords to one account; once that is done it’s a short leap to crack into any number of other accounts and have your personal, professional and financial information exploited, your reputation tarnished and your data and online accounts deleted and destroyed. Just ask Wired’s Mat Honan — and if it can happen to a technology journalist, it can happen to you.

The greatest threat can come from less intricate attacks that take advantage of readily available information like a user’s email or physical address to reset passwords to one account.

Of course, we want to move everything to the cloud so we don’t have to store all of that data — our emails, music, photos, etc. — on our own hard drives and so we can access all that data on all of our devices. But the pitfalls of cloud security, as Kaspersky Labs’ research expert Costin Raiu notes, are severe.

“The risk here is that your data can be lost forever… or it can be stolen,” he says. “The people who steal it can use it for all sorts of bad things.”

So with so much riding on the cloud, how can you protect everything you put in it?

  1. Use two-factor authentication whenever possible. Google, Facebook and Twitter offer it, and an increasing number of other sites do too. It’s not the fastest way to get to your data, but it makes everything you value a whole lot safer.
  2. Use different passwords for different accounts. This may be hard to keep track of, but you can use a password manager to help you keep track of all of them.
  3. Use different logins. Don’t use similar logins — such as first letter/last name followed by @gmail.com or @yahoo.com — for different accounts.
  4. Create single-function emails for financial and recovery information. Make an email account for any account that has a credit card or banking information to it. Make a separate account for password and account data recovery information.
  5. Physically backup your data. The cloud will fail somewhere along the way, so anything you can’t live without should be backed up regularly onto multiple drives and in multiple places. Store this data on a PC as well as an external hard drive, and keep one of those physical backups in a safe location outside of your home — your office or your parents’ home, for instance — so that data isn’t lost in the event of fire or burglary or some other unplanned disaster.
  6. Take Extra Precautions with Specific Data. There are three levels at which you can protect particular data.
    • The lowest level is to password-protect specific Word and Excel documents — do this by clicking ‘Tools,’ then selecting ‘Protect Document’ and then entering a password.
    • The next step up security-wise is to encrypt and compress files in RAR or Zip formats and to protect those folders.
    • An even higher level of protection is to use, for the truly sensitive stuff, an encryption programs like those included in full system security suites like PURE 3.0 are designed to lock your data up in Fort Knox-style safety.
  7. Passwords, passwords, passwords. The simplest way to protect any and all information is one of the simplest — creating and using extremely strong passwords (and not duplicating them across accounts… see step 2). Do not use any word that would be found in a dictionary. Don’t use dates or names, either. Make them long — 18-plus characters with numbers, letters and non-alphanumeric symbols. Remembering them might be hard at first, but password managers can help with that (see step 2 again.
  8. Protect all your devices – Be sure all devices you use are equally secure by using the latest protections available. Use Kaspersky Mobile Security on Androids and Find My iPhone for Apple devices. It is also important to add extra security measures like a password or PIN lock for your mobile devices.
  • Share
  • Pin It

Comments

  1. Rob Monson says:

    I disagree with number seven. While there are good password manager products available, expecting most end users to use them is simply not realistic. The simple fact with passwords is that if the person cannot remember it, without “writing it down”, digitally or on paper then they’re not very useful. Certainly, it is important to separate password types and to use unique passwords for high security things, like banking, taxes, investments, etc…, but they should be something with a good length and memorable. Passwords are all about bits of entropy and having a 24 character password, is better than an 18 character password, regardless of whether or not it has upper case, numbers or special characters in it. People should pick several (meaning 3-5) words that they will remember and use them together to form a password that will be memorable to them. Then they should change that password on a regular basis, or if you have any thought that your password(s) are compromised. Simply doing this would resolve the majority of hacks that target most users.

    Of course that’s just my opinion.