Online data storage via the cloud is increasing exponentially. And for good reason. Businesses, schools and most organisations are discovering easy, low-cost online data storage offered by Google Drive, Dropbox, Box, Amazon Drive, Microsoft OneDrive and many more. The big question is; how secure is your data and how can you improve its security?
Online Data Storage End-to-End Encryption
We hear a lot about the virtues of end-to-end encryption, but what does it mean? Simply put, end-to-end means your data is effectively scrambled the instant it leaves your computer and remains that way while stored on cloud servers. This jumbled data can only be unjumbled by having the right ‘key’ to a unique code. As such, cracking that code would be no mean feat for a hacker trying to intercept the data. However, depending on where this key is stored, some systems can become vulnerable.
One Key to Rule Them All?
Commercial cloud services encrypt data with a specific key. Without this key to ‘unlock’ the data, it’s impossible to make sense of it. The key can be stored by the service or the client, but it’s normal for the cloud service to keep it. This way, users that need to access the data just need a password to do so. Also, this allows the service to perform tasks such as indexing to make user searches quicker and more convenient. However, this may also be the least secure option. Ultimately, if the keys fall into the wrong hands then it can leave your data open to theft, corruption, and even ransomware.
There are many tactics to create ultimate protection for your online data storage. For instance, try a double-encryption strategy. Double-encryption entails encrypting the data with your own software even before it’s uploaded to the cloud. Of course, this means it’ll require additional authentication to access it but it will also reduce some of the goodies available via cloud services such as live collaboration. Unfortunately, the fact is, it’s ex-employees that are a bigger threat than hackers when it comes to stolen data. To help protect against this, ensure you change passwords regularly and deploy a robust security policy.