Public cloud security flaws: who’s viewing your files?
Secure cloud storage is a challenge facing many professionals today, especially small and mid-sized businesses. It’s clear that the cloud is going to stick around for a long time, and so everyone is looking for a way to get on board with it while still protecting their professional data.
But, the unfortunate truth about public cloud storage is that you can’t control who handles your data or how it is protected. If you choose the wrong service, your company files are exposed to the dangers of hackers, data leaks, seizure, and nosy cloud employees. It’s difficult to know who is looking at your data, but if you know the risks and costs that come with different services and cloud functions, you can better protect your privacy.
Do You Trust Cloud Employees?
If you are using a public cloud, that means you are placing your files in the hands of any personnel hired by that company to process data and shift it to the appropriate spaces. You can encrypt your files, but do you know that they stay encrypted once they get where you send them? Most public cloud companies claim to offer a "no-knowledge" environment for your data which means they can’t see anything you send, but that has been proven false in several cases.
The most notable of these cases is when you share your data through the cloud service -- cloud employees act as third party verification to be sure that all of the credentials are valid before sending the file to your intended recipient. If they choose, they can view the unencrypted data before it is re-encrypted and sent to the intended viewer. There have not been any proven cases of this, but the risk is enough to make professionals think twice about these services.
Where Can Hackers Get In?
The frustrating truth is that hackers find new ways around great security measures all the time, and defense against hackers will always be a step behind. Even if the public cloud company you work with has some of the best available security around, your data is still in danger when it is being moved around. Encryption is good protection against this unless your credentials have been stolen, but when your files are in between locations being uploaded or downloaded they can be attacked by a man in the middle approach. Many companies prefer to simply store their files on company servers on site so that they never travel outside of the firewalls they have in place. There is much less chance of a hacker gaining access to your files if you control who can access them and how, as well as where they are located.
Will Your Files be Seized?
Many public cloud companies have the best intentions when storing and moving your files, but they can’t control what other powerful parties may do. In the Microsoft case, the storage company was unwilling to turn over customer data to the government, but they were legally compelled to do so even though the servers were in Ireland. They may want to guarantee that your files will be completely protected, but it simply isn’t possible
Keep Others Out of Your Files with a Private Cloud
The best way to avoid nosy file peeking, high risk of hacker attacks, and uncontrolled seizure of your data is to maintain your own private cloud on your company’s premises. Then you are in charge of who sees your files and when, and they need never leave the protection of your own IT department and firewalls unless you deem it appropriate.
Image Credit: kurhan/Shutterstock
With nearly 20 years of open source experience behind him, Markus Rex founded ownCloud, Inc. with community leader Frank Karlitschek and long-time SUSE colleague Holger Dyroff, determined to bring secure file sync and share to business. Rex is responsible for all day-to-day management, yet never misses a chance to go under the ownCloud hood and tinker with fixes and QA.