Remember the big celebrity photo hack in the summer of 2014? You may think it has nothing to do with you because you’re not a celebrity (or you don’t take racy photos of yourself) – but you might want to think again.
The incident happened when black-hat hackers targeted celebrities who used Apple’s iCloud service. Although stolen photographs may be the most memorable part of this incident, this attack also exposed text messages, call logs, address books – all vital, private information, of the kind that you might back up to a cloud service from your own phone.
We will show you some steps to take that will help you secure your cloud-hosted information
What IS the Cloud?
The first thing to know is, as Jason Segel exclaims in the movie Sex Tape:
“No one understands the Cloud!”
You may also hear the term “cloud computing”, which, according to WikiPedia, means a method “of deploying groups of remote servers and software networked that allow centralized data storage and online access to computer services or resources.” The phrase “cloud storage” is just using cloud computing to maintain or backup data.
Apart from the obvious cloud storage providers like GoogleDrive, DropBox and Amazon CloudDrive, by the definition above, a lot of the sites you or your business use are already in the cloud, including social media (Facebook, Twitter), webmail (Gmail) and productivity (Evernote). However, under the skin of the new cloud technologies, we’re just talking about how the basic internet has always functioned, and the same rules apply to ensure your data stays safe.
But how worried should you be about the cloud?
Business Use of the Cloud
The latest Netskope Cloud Report (released last week) notes that “15 percent of corporate users have had their credentials compromised.” Additionally, they found that “a quarter of all files in cloud storage apps are shared with one or more people outside of the organization.” As you might imagine, this is scary news for businesses of any size.
Also, poorly constructed business apps can lead to massive security issues for your users and liability issues for your business, as the recent Moonpig issue showed (we’ll be reporting more on that soon).
Personal Use of the Cloud
Corporations and celebrities aren’t the only victims of theft from the cloud. Everyday citizens are also vulnerable, and you should always take steps to ensure that your digital information is stored securely. Our New Year’s Resolutions of 2015 are a good place to start, but we have some suggestions for cloud security below, too.
How to Stay Safe and Still Love the Cloud
Whether you’re using the cloud for business, in your personal life, or both, you want to take security seriously. With that in mind, here are some ideas on how to keep your files safe when storing them in the cloud. This hecklist will help you make sure you’re taking the right steps to keep yourself and your data safe on the cloud.
- Strong Password – One of the simplest and best things you can do to keep your data safe in the cloud is to use a VERY strong password. This means not using common words as well as adding in numbers, letters in uppercase and lowercase, and a few punctuation symbols as well. The more unique and strong your password, the better chance you’re going to have of protecting your private data stored in the cloud.
- Separate Passwords – While this can be a pain depending on how many cloud applications you use, it’s a very good idea to use different passwords for each and every cloud service that you’re using. This way, if one is compromised for whatever reason, the bad guys don’t automatically have access to ALL of your accounts.
- Two-Way Authentication – Whenever possible, you want to use two-way authentication. This is when you have a temporary password sent to your smartphone. Once you have the code, you use that to access your files in the cloud. This code changes every time you sign-in, so you don’t have to worry about someone guessing the password to your accounts.
- Beware Social Engineering – Another big problem that some people aren’t even aware about is called social engineering. Basically, this means smooth talking your way into getting valuable information – like a username and password. If you get a strange phone call or email asking for your cloud login credentials, be aware that it’s probably an attempt to trick you into giving out the information you use to log in to one or several accounts.
- Check That App – Last but not least, before you install any apps onto your smartphone, tablet or any other device, do some research first. While it may look like the coolest free app ever, you want to ensure that it’s not going to secretly do things that you don’t approve of once it’s installed on your mobile device. Although most apps downloaded from reliable providers are tested and safe, doing your due diligence can go a long way towards making sure your data is not compromised by a poorly crafted or malicious app.
Do you have other tips for keeping information safe while using the cloud? If so, leave us a comment below and let us know what you think. When it comes to internet security, the more people that are talking about it and using better safety practices, the better off the internet (and the cloud) are going to be moving forward. Have thoughts? Leave a comment!