Cloud computing has been around for two decades now. Almost everyone — students, professionals, entrepreneurs, non-profit organizations, Governments and Courts — have been using cloud computing due to its competitive advantages and accessibility benefits.
If your business is highly dependent on the cloud, you might have concerns about cloud security and rightly so. These days we keep hearing about data leaks, cyber hacking and Man-in-the-Middle Attacks. If you’re concerned about the security of your data stored on the cloud, this article is for you. Let’s buckle up and brace yourself as we discuss different ways to improve the security of your cloud data, and various encryption options available.
Why is Cloud Security Important?
Data Theft
One of the most important concerns is data theft. For example, when your data is in transit, hackers could intercept it in an unauthorized manner (known as Man-in-the-Middle (MITM) attack). They can view or access the data, steal your login credentials or even compromise your account.
Coordinated Cyber Attacks Against Businesses
These days we keep hearing about ransomware — a type of computer virus that blocks access to a victim’s private data unless a ransom (typically, a large sum of money) is paid.
While ransomware is more common with locally stored data on computers, if your business doesn’t have the required security measures in place, cybercriminals can compromise your cloud account and block access to your data for ransom.
Ways to Improve Security in the Cloud
Use a VPN
If you’re using Public Internet such as free Wi-Fi at an airport or a railway station to access data from the cloud, a hacker could intercept your data during transmission and steal confidential information. VPN protects your data by encrypting the information such as your login credentials, data in transit, etc. You can choose between free or paid VPNs, depending on your requirements.
This shouldn’t be a concern for popular cloud storage platforms such as Google Drive, OneDrive that automatically encrypt your data. However, if you’re using a less common or cheaper cloud platform, it may pose a security risk.
Password-protect & Encrypt your Files
Instead of uploading your files in the original format, it’s wise to compress them first. In addition to the security measures provided by your cloud service provider, you may password-protect the Zip file for an additional layer of security. Your file compression program may provide options to encrypt the contents of your files and file names. There are many freeware available such as 7-Zip File Manager, PeaZip Free Archiver.
Tip: You can save the time required to compress a large amount of data by deleting duplicate files. Download Clone Files Checker for free and run a duplicate scan. This will help you save time, bandwidth and create faster cloud backups.
Protect your Cloud Account with 2-Step Authentication
2-Step Authentication is a must if you’re serious about cloud security and privacy. Every time someone attempts to access data in your cloud account, they will need to verify their identity.
There are two ways to verify identity — enter the One-Time Password (OTP) sent to the registered mobile number or email id; or enter the code displayed in the linked 2FA app (such as Google Authenticator).
Open Source vs Closed Source
Google Drive
Open-source
Microsoft OneDrive
Open-source
Dropbox
Closed source (Often criticized by security experts for not revealing source code)
In Transit
Google Drive
Google protects your data using the TLS technology while your data is in transit. When you upload files to Google Drive, it establishes a secure HTTPS connection with modern TLS security encryption standards. Google’s TLS encryptions are rated A+ according to research conducted by Qualys SSL Labs.
Microsoft OneDrive
Your data is encrypted using 2048-bit keys.
Dropbox
Dropbox establishes a secure TLS connection and encrypts your data with the AES-128 encryption standard. An independent auditor Qualys SSL Labs rated Dropbox’s in-transit data security as A+.
In Transit Among Company’s Internal Networks
Google Drive
Google doesn’t just protect your data during the transit, it also encrypts it while transmitting within its internal network of powerful computer servers. When your data is transmitted from one internal server to another or synced across different servers for backup purposes, it is fully encrypted.
Microsoft OneDrive
Your data is encrypted during transit among Microsoft’s internal network of servers as an added security measure. The data is encrypted using the “best-in-class encryption” according to Microsoft.
Dropbox
No information is available regarding data in transit among Dropbox’s internal servers.
Storage
Google Drive
The data stored on Google’s servers is encrypted with the AES 128-bit cryptographic algorithm. AES-128 bit encryption is mostly considered less strong than AES 256-bit encryption, however there are no known reports of break-ins into this algorithm and it is being widely used worldwide.
In order to provide an additional layer of security, Google uses a rotating set of Master Keys to encrypt your data using the AES-128 bit encryption. Since the master keys are generated by Google itself, in theory, they can access your data in adherence to the Privacy Policy.
Microsoft OneDrive
Files stored in your Microsoft OneDrive account are encrypted with the AES 256-bit encryption algorithm and the master keys are stored in the Azure Key Vault.
Dropbox
Your data is securely stored with the AES-256 encryption standard. Dropbox holds your encryption keys so they can encrypt or decrypt the data in adherence to their Privacy Policy.