Tips for protecting your personal information in the cloud
The days of carrying data in flash drives have come and gone. The cloud has become a place where everyone meets and exchanges information, and many people now resort to personal cloud accounts in order to backup, store, and access their data anywhere and anytime. Basically, the cloud has become a place where data is being kept permanently.
But can you be sure your information is safe and secure out there? The short answer is you can’t. You’ll hardly find any universal rules or laws that could be applicable to any user and any cloud service irrespective of geographical boundaries or residence. Today’s legislature in the area of information privacy consists of plenty of declarations, proposals and roadmaps most of which are not legally binding.
However, you can take some protective measures. Here are a couple of practical tips to keep your cloud data secure:
- Back up data locally
The no. 1 rule when it comes to managing data is to always have a backup for your data. Generally speaking, it is good practice to create electronic copies for any of your data so that you will still be able to access them even when the original is lost or has been corrupted.
- Read the user agreement of the cloud service provider
If you are not sure what cloud storage to choose or if you have any questions as how a cloud service works you can read the user agreement of the service you are planning to sign up for. The document which traditionally suffers from insufficient attention may contain essential information you are looking for. There might be some fine print that they don’t advertise but will stuff in their Terms of Service (TOS) to make it legitimate. Also, try to research online to find out if there are any bad reviews that would cause concern. This will put you in a more informed position before you go ahead with their services.
- Use cloud services that encrypt your data
One of the easiest way to safeguard your privacy when using cloud storage services is to look for one that offers local encryption for your data. This provides an additional layer of security since decryption will be required before you can be granted access to the data. Otherwise known as the “zero-knowledge proof” in cryptographic, this method will even protect your data against the service providers and administrators themselves. While keeping data encrypted in the cloud may be good enough, it would be even better if the cloud service also ensures encryption during the uploading and downloading phases.
- Encrypt the data before putting it on the cloud
If you choose not to use a cloud service that will help you encrypt the data, you can use a third-party tool to perform the encryption. All you have to do is download a cloud-protection app which will allow you to apply passwords and generate secret key sequences to your files before you actually upload them to the cloud.
- Pick a good password
All cloud services require a master password to get into your files, so make it a good one, something that is pretty long. When it comes to passwords, longer is better. True, it can be a hassle to remember a strong password but it’s an even bigger hassle to have your information stolen.
Here are some security tips from Microsoft:
- Make the length of your password at least eight characters. If you want to make it absolutely uncrackable use 15 characters or more.
- Skip using your real name, last name, or company name.
- Don’t build entire words with only letters.
- Use a combination of numbers, uppercase and lowercase letters, and symbols (@, #, $, and %), if applicable.
- Update passwords regularly and make them significantly different from previous ones.
By picking characters from the full set of allowed printable characters, you force hackers to guess from 645 trillion possible combinations.
- Don’t reuse your passwords
Yes, you need several passwords, and the password you choose to access the cloud should be unlike any other you use. If a hacker gets access to your Dropbox password which also happens to be your email password, they will not only have a clear view of where you hold financial accounts, but they will be able to reset all of your passwords without your knowledge.
Also, don’t share your passwords. Even with a trusted friend, sharing your password is never a good idea. The more people who know your password, the more likely it is to be spread around.
- Enable two-step verification
If someone is trying to illegally access your personal information from the cloud by using your password, you might not realize it, unless you have two-step verification enabled. With two-step verification, it’s necessary for you to input two different pieces of data in order to access your personal information. Typically, that’s your password and a different code sent as a text or generated by an app on your mobile device. The code will change each time you log in.
Two-step verification can be frustrating and time-consuming, which is why many consumers choose to ignore it. But it saves you from having to clean up the potential mess a hacker could make. Google, Dropbox, Apple, Box, Amazon Web Services and Microsoft are just some of the companies that offer two-step authentication.
- Beware of fake messages
If you use cloud based storage services, be on the lookout for phishing emails. These emails may look like real messages from the developers of the service, but they are not. Hackers are trying to trick you into providing your personal information.
Here are some red flags to watch out for. If you see any of these red flags, don’t click on any of the links, and delete the email immediately:
- The spelling of the sender’s email is funny looking. For example, instead of xxx@dropbox.com, it reads xxx@dropboxx.com or xxx@drop-box.com.
- The hyperlinked URLs have misleading domain names. For example, if you hover over a link, you notice that instead of going to the apple.com domain, it goes to apple-com.info.
- The message contains plenty of misspellings or typos.
- You are asked to submit your password or personal information, such as mailing address, phone number, or social security number, via email.
- The message includes a form in Word or PDF format for you to fill out.
- You’re asked for money to cover for expenses.
Any other good tips to protect your data in the cloud? Share them in the comments below.
Photo Credit: https://www.flickr.com/photos/78811166@N05/14063077068