How safe is the cloud?

By , 15 August 2016 at 17:30
How safe is the cloud?
Digital

How safe is the cloud?

By , 15 August 2016 at 17:30

Let me first start by saying, never put naked photos of yourself in the cloud if you don’t want people to see them.

Strike that, don’t take naked photos of yourself if you don’t want folks to see them! Every other week it seems we have some sort of celebrity cloud breach. And then there are folks like my dad who refuses to join Fitbit competitions because he wants to keep his data “in his home,” not understanding that this exercise and health data is already traveling with him wherever he goes, both via Bluetooth on his wrist and via the iPhone app that has everything in the cloud.

The biggest problem with the cloud is that nobody understands what the cloud is. Maybe part of our lack of trust in the cloud is its wispy, airy, intangible name. Let’s face it, the only financial transactions we take seriously in the cloud are when Super Mario is cashing in on Coin Heaven. But, when it comes down to it, even the FBI can’t crack into an iPhone, so I think it’s clear that we can assume that the cloud is getting progressively safer and more secure, no matter what reputation it has.

Cloud computing expert David Linthicum has even pointed out how the cloud is more secure than on-premise and other older legacy systems simply because of the fact that the cloud is newer, which means that those that work with the cloud and build in the cloud are building with extreme security in mind, getting creative and testing for any type of sophisticated or dumb security threat alike. In addition, these older systems are built like pieces of history, a mish-mash of different systems that were originally built for only one site, in-house. Now these systems built for internal use are being exposed to a global world that’s in the cloud.

Whether the cloud is the safest option or not, it’s here and you have to be prepared to work in it.

cloudbreach

The cloud is only as secure as the password to access it

What makes the cloud less secure is what makes the Internet less secure—human user errors, particularly crappy passwords. Just like we learn our ABCs and 123s, we should be learning password etiquette in school.

Another misconception my dear old dad has is that if he logs into such apps like Fitbit with his Facebook ID, it will automatically post his heart rate and step counts onto his Wall. This is another instance where the safer option of logging into a website is disregarded because of unclear marketing. We’ve already talked about how OAuth authorization—logging in through super platforms, mostly Google and Facebook and then Yahoo, Microsoft, LinkedIn and Twitter—are a more secure way to manage logins rather than juggling dozens of passwords or, even less secure, using the same password for everything. But let’s be serious, logging on with Facebook seems on the surface unprofessional and you certainly wouldn’t want hiring managers seeing the games you play showing up on your LinkedIn profile. This is a mistake because, well, the average person is just misinformed of what OAuth is and how it’s much safer.

Logging in with your Facebook or Google is actually one of the safest ways to access the cloud, as long as you have a secure and unique password for these logins. It’s recommended that you use one or two OAuth logins for all your dozens if not hundreds of apps, backed by a password that is at least 12 characters and that you can remember—longer the better, meaning song lyrics are hard to crack and easier to remember. Don’t do passwords that are easily found by checking out your public profiles, like kids’ and dogs’ names, birthdays and don’t do your favorite song you quote everywhere.

Another option to more securely access the cloud includes biometrics, so only the physical you and maybe those you’ve authorized can access your data. And, particularly when dealing with payments and banking, using two-factor authentication is recommended. This can be as simple as using a bank or credit card that’s connected to a pin only you know—which is why it’s great U.S. banks are finally getting the chips that enable it all. This can also mean that when you access the cloud from somewhere besides your home WiFi, you get an SMS notifying you and giving you a special code to type in. Of course blending these different types of secure authorization helps keep the cloud even more secure.

Basically, just because cloud computing has an insecure ring to it, doesn’t mean it is. As with all technology, if you follow common sense and do whatever you can to access it correctly, it can be a very secure way to store your information.

Do you agree or disagree? Tell us your #cloud #security experience at @TefDigital and @JKRiggins!

previous article

This is the first silicon-air battery that lasts more than 1000 hours

This is the first silicon-air battery that lasts more than 1000 hours
next article

Mindfulness: finding peace on the grid

Mindfulness: finding peace on the grid