Can Cloud Storage Security Heal the NSA Snooping Hurt?

Cloud Security If the recent data security scares had their equivalent in the banking sector, people would be raiding their bank accounts to stuff their money under the mattress. As things stand, more data may now be finding its way onto writable CDs and hard-drives, and less into the cloud. This is a shame, because the cloud can offer both affordable and reliable data storage, and a big improvement over the ramshackle data backup procedures that budget constraints forced many companies to adopt before. If only we could then be sure about data security, meaning privacy and confidentiality – is there a realistic solution?
The Things that Are Certain – Death, Taxes and Data Snooping?
If you’re going to store your personal or your business data on any medium that you do not own or control (or both), then you have to accept that someone else might access it. This might be through operator error, hacking, carelessness on your own part or government demands to the provider to turn over its records. Cloud storage is no exception. If you can’t guarantee that no-one else will ever see it, then the alternative is to at least store it in a form that is meaningless to any other observer; but that you can recover in its original form whenever you want.
Encryption as an Answer
Transforming your precious data into gobbledygook is what encryption does. Encryption is as old as the hills, uses complex mathematics, and is provided by a certain number of cloud storage providers. Google for example now auto-encrypts data for its paid cloud storage service. It uses the 128-bit Advanced Encryption Standard (AES-128). That may sound impressive, but what does it mean? It turns out that such encryption is ‘crackable’ – but only within 2 billion years using a ‘trillion machines each able to test a billion keys per second‘, to quote researchers from Microsoft, Belgium and France. Admittedly, you’d have to be very unlucky to have your encryption cracked at the first go, even if theoretically it’s possible.
Do It Yourself May Be Safer
The other more worrying factor about the cloud storage encryption described above is that the cloud provider does the encryption and can therefore decrypt as well. If you consider that your cloud storage provider can resist attempts by legal force to hand over your data, then you may feel the discussion ends here. If not, you may want to move to the next level of protection. One way to do this is to do your own encryption using products on the market such as Cryptonite and BoxCryptor. Another more recent development from cloud company Tresorit applies encryption to your files while they’re still in your computing device, before uploading them. However, this time the encryption key doesn’t go with your files: it stays with you and you are the only one to have it.
Common Sense is also Key
While encryption mechanisms get stronger and stronger, it’s worth taking a moment to think about the basics for cloud security as well. Hacking in general is still largely done by gaining people’s confidence and their passwords, and not just through brute technological force. Anyone who discovers a way into your PC and finds your encryption key, or who tricks you into giving up your password for access to your cloud data files, can get at your data, no matter how strong the encryption. So all the rules about making proper passwords and keeping them secret still apply. To paraphrase an old saying, cloud storage security starts at home.