Just how secure is the data you store in the cloud?
In 2019, the story of a man named Monty Munford grabbed headlines.
Like everybody, his noble desire for financial security and an equally strong fear of poverty led him to try his chances at cryptocurrency.
This was back in 2017.
It was not long before he had built an impressive cryptocurrency portfolio. At the time, he had amassed £25,000 worth of Ethereum and was well on his path to retirement.
That was when disaster struck.
For his convenience, he had decided to store a copy of his digital access key on the cloud (on a Gmail draft to be precise).
From his understanding, it would allow him to conveniently copy and paste his complex key whenever he needed access to his funds.
This was a decision he would regret for the rest of his life and one that leads us right where we started:
Just how safe is the data you store on the cloud?
What’s at Stake With Unsafe Cloud Data Storage
The Ethereum Mr. Munford lost would have a value of anywhere between $150,000 and $1,000,000 today, depending on when he bought or sold it.
You may not have realized it yet, but our lives have become so interwoven with cloud platforms to the point that we’re entirely dependent on their stability.
If they go down (or get compromised), they’re taking us down with them.
Your family photos, passwords, health information, business ideas, intellectual property and secrets are all at risk—and so is your reputation, online identity and future job prospects by extension.
Nonetheless, all is not lost. This blog will give you tips on securing your personal data as you navigate cloud storage and cloud file transfer.
1. Always Have A Plan B, The Essence of Data Backups
The sensitive information you store on the cloud is always at risk. This necessitates an effective contingency strategy to restore your data on the occasion you lose it, or it gets compromised.
You may not believe it, but nothing is too big to fail. Even Google (like the Titanic) can collapse tomorrow, rendering your non-backed data obsolete.
That established, embracing backups is cloud data security 101. Lucky enough, you’re spoilt for choice as far as backups are concerned. You can consider:
- Manually storing your sensitive data in external devices such as hard disks and USB sticks.
- Backing up your sensitive data to a network-attached copy.
- Leveraging hard copy such as paper if push comes to shove.
2. Maintain Good Online Hygiene
How you conduct yourself on the internet will determine the security of your cloud data at rest and in transit.
Unfortunately, in this day and age, every second you spend browsing the internet puts you in the crosshairs of a malicious user or bot somewhere.
You don’t have to spend too much time online before you’re being bombarded with pop-ups asking for your personal data or requesting system permissions.
Some of the actions you can take to secure your data when online include:
- Log out of your accounts on computers you share with others.
- Always log off (or lock) your computer after use, when taking breaks, or going to the washroom at Starbucks.
- Don’t enter your cloud storage passwords in devices you don’t own.
- Be wary of opening your cloud accounts on public or free Wi-Fi.
- Don’t accept random pop-ups from websites online.
- Have a separate account for browsing.
- Don’t fall behind on browser updates.
3. Embrace Password Management
People are not supposed to share their passwords. Well, they do, and you’d be shocked at the number of people who are overly generous with their passwords.
That’s not all. People are also not supposed to reuse their passwords. Well, that’s the only thing humans seem to have perfected as far as reusing, reducing, and recycling is concerned.
With this, you end up with a scenario where your Google Docs and Binance password is the same as your Netflix password, an account that you coincidentally share with your friends.
That’s a disaster waiting to happen.
However, all hope is not lost. With good key and password management, you can significantly reduce the inherent risk of passwords. Just ensure that you:
- Don’t end up reusing your passwords.
- Avoid simple, easy-to-guess passwords (123, birthdays, initials, etc.).
- Don’t share your passwords.
- Change your passwords regularly.
- Embrace biological authentication.
That established, manually managing your passwords can be a hassle. That’s why you should consider single sign-on as a solution to these problems.
A single sign-on (SSO) system manages your passwords, remembering them on your behalf and signing you out of accounts you’re no longer using.
4. Enable Multi-Factor Authentication
As you’ve seen, passwords are an ineffective means of protecting your data security. They may have worked once, but that was a long time ago.
Nowadays, passwords are the logical equivalent of holding an umbrella against a ravaging storm.
That said, there’s a saving grace, and it’s called multi-factor authentication or two-factor authentication (2FA).
Multi-factor authentication isn’t as complex as people make it out to be. In layman terms, it reinforces your passwords requiring more than one authentication factor to give access. MFA uses a three-pronged approach which includes:
- Authentication through something you know (password or pattern).
- Authenticating through the device you’re using (confirmation text or email).
- Authenticating who you are (biometric).
For example, with 2FA, a malicious user will need to prove that they’re in possession of your device before gaining access to your account.
In most instances, they’ll have to re-enter a code sent to your smartphone or email address, regardless of whether or not they have your passwords.
5. Don’t Store Sensitive Data
The best way to win a war is never to start one in the first place. The same applies to your data security over the cloud.
If you want to guarantee the complete safety of your sensitive information over free cloud storage, don’t store it on the cloud in the first place.
This sensitive information you should be wary of storing on free and insecure cloud storage platforms include:
- Personally Identifiable Information (PII).
- Your Passwords.
- Credit card information.
- Personal Health Information (PHI).
- Business ideas and intellectual property.
- Crypto seed phrases and passwords.
You’re probably wondering where you should store your sensitive information then. Managed File Transfer (MFT) is a safe, reliable, and effective cloud storage and transfer solution.
Besides automation and visibility, MFT will bring the following benefits to your cloud file transfer and storage:
- End-to-end encryption.
- Strict access control.
- The latest file transfer protocols such as SFTP.
- State of the art firewall services.
6. Share It With Organizations You Trust
The data you share on the cloud does not exist in isolation. You will often have to share it with third-party storage and sharing platforms.
This creates a problem for your cloud security because it leaves your fate in the hands of third-party providers you can’t control.
Mr. Munford lost his private keys not because he was careless but because of the inherent data security weaknesses of Gmail as a platform.
That would have never happened if he had embraced the services of Managed File Transfer (MFT).
An effective MFT solution would have leveraged end-to-end encryption, MFA, and access control to put his keys beyond the reach of anyone but him.
Some of the practices you can keep in place include:
- Using cloud services that focus on cloud security and avoiding generic ones.
- Leveraging the services of Managed File Transfer (MFT).
- Reading terms and conditions of cloud platforms.
- Knowing file transfer methods that work and those that don’t.
- Approaching cloud services such as Gmail and Microsoft with a healthy dose of skepticism.
7. Beware Of Phishing Emails
In the 70s, the Mob, Mafia or dictatorial governments would eliminate their competition by sending them parcels laced with toxic poison.
These days you don’t have to worry about cyanide-laced parcels. What you have to worry about, however, is receiving an email embedded with a malicious program.
All you have to do is click on a link, and there goes your privacy, business idea, family photos, or £25000 worth of Ethereum.
What makes it worse is that these phishing emails are cleverly built and crafted by masters of human psychology. Often a phishing email will claim:
- That you verify a suspicious login on your device.
- Your account has been hacked and needs urgent action.
- There is a problem with your Netflix or Amazon payment.
The following tips will help you identify and stop phishing hackers in their tracks:
- Beware of emails that are too good to be true (No! you didn’t just magically win $250k).
- Emails with bad spelling and grammatical errors (non-English speaking hackers).
- Emails from companies with public domain names e.g Facebook@noreply.com.
- Funny or misspelled domains such as apple-com or faceboook.com.
- Emails that ask for your personal contacts (phone number, social security number).
- Emails with suspicious attachments.
To identify a suspicious link, you can:
- Only open a link if you’re sure of its origins.
- Be wary of clicking on a link that you’ve never opened before.
- For buttons, use your cursor to hover above them and inspect their address before clicking.
8. Avoid Free Cloud Sharing or Storage Devices
In other areas of the tech world, free services are welcome. However, when it comes to your cloud transfer and storage, any solution that is offered for free should arouse your skepticism.
These services include:
- Free Wi-Fi.
- Free cloud storage.
- Free cloud transfer.
- Free anything.
Cheap is expensive, but don’t take our word for it; you can ask Mr. Munford instead.
You should consider avoiding services such as DropBox, Google Drive, and Gmail for sensitive data transfer over the cloud—it just isn’t worth it.
The data security offered by such services ranges from mild to non-existent. Fortunately, you have the added advantage of learning from other people’s mistakes.
9. Leverage End-to-End Encryption
Encryption enables you to protect your cloud data from compromises while at rest and in transit.
If all else fails and malicious users get access to your data, encryption will make it impossible for them to make any sense out of it.
That said, encrypting data on your own is a long and complex process. Even if you succeed, you burden yourself with the responsibility of storing a complex encryption key and the possibility of losing it altogether.
A better alternative is getting a cloud provider with state-of-the-art encryption and letting them worry about storing keys and whatnot.
Managed File Transfer (MFT) comes to mind. An effective MFT provider will encrypt your data with the latest AES 2 end-to-end encryption technology and protocols, assuring you of privacy and data security.
That’s a Lot of Work, But it’s Nothing MOVEit MFT Can’t Handle
More often than not, good is the enemy of the great.
A DIY cloud data protection strategy can only go so far. It won’t be long before the fatigue catches up and you lower your guard enough to compromise your privacy and data security.
What you need is an automated solution that will scale with you as you climb the corporate (or political) ladder protecting you from the consequences of past or present personal data failures.
For this, look no further than MOVEit Managed File Transfer (MFT).
Managed File Transfer (MFT) is a consolidated cloud security solution that brings together strict access control, backups, multi-factor authentication and end-to-end encryption within your reach in one platform.
Don’t know where to begin your journey to a safer, more reliable existence over the cloud? Join MOVEit today and make your cloud data security worries a thing of the past.