36 billion records exposed. 155 million US citizens affected by leaks. Ransomware spiked by 700%. These are just a few statistics for 2020 alone - the year of the epidemic.
It's already been a while, but we're still here: remote work has become the status quo, and the digital world is a breeding ground for greedy hackers - fueling cybersecurity issues every day. And as for privacy: yes, Dropbox still comply with the Cloud Act, allowing officials to read your private data if necessary.
However, there’s good news: October is Cybersecurity Awareness Month, and we took the opportunity to chat with Dejan, a cloud storage privacy and security expert who owns and shares insightful content at Cloudstorageinfo.org - where he critically examines cloud storage and backup solutions.
Here are the 4 tips he shared with us:
“It’s not just about the Cloud Act… watch out for Five Eyes!”
A secret agreement on surveillance and intelligence sharing, Five Eyes is an alliance between the US, UK, Australia, New Zealand and Canada. There is no national legislation to protect our privacy in cloud storage. No data sovereignty - crossing the line of democracy for the sake of secrecy.
Related reading: Cloud storage privacy & security: 6 things to consider
GDPR laws have increased Europeans' awareness of the whole privacy issue. It has required companies to publicly share what exactly they do with their data. It also assigns accountability to who is responsible for that information.
"My peers and friends don't really care about privacy. They share photos and confidential information on social media. It's kind of the new way of life, if you don't share what you eat 24/7, you're not alive.
And the next day 1.5 billion Facebook users' information is up for sale.
I don't feel that way, I like my privacy, I like to share sometimes what I want to share but I don't think everyone should know what I do. I think it's okay that I can share what I want to share with my friends or close family."
"Privacy in the cloud is important, which is why I've moved away from all the traditional cloud storage providers. They don't have zero-knowledge encryption, but neither do they have client-side encryption.
Google's recent client-side encryption is a good sign - it means users are demanding it more and more! But they needed to shut down Google Photos.... Business models are changing."
Some great steps, but unfortunately with client-side encryption the provider can still read your password. This means that a hacker attack or the Cloud Act can force the reading of private information at the expense of your cloud storage privacy and security.
Related reading: Most secure cloud storage 2021 - reliable reviews
If they had the right policies running from the software infrastructure (i.e., client-side encryption), it couldn't happen."
Zero-knowledge encryption, on the other hand, means that not even the service provider itself could access your private data. In fact, only you and those you authorize can read it.
"Two-factor authentication is an added layer of security and if you can set it up, just do it!
Everyone has a smartphone today and by activating it you can just quickly copy it from your phone and you can log in."
Dejan strongly suggests applying 2fa, to protect all important photos and files that you don't want anyone to have access to. Simply as that. Even if the process bothers you.
Let’s consider an insightful case: physical banking 2fa. You have:
Your first name on top of the key would be an easy game over for you. A physical card makes it more difficult for a criminal to steal your money.
Related reading: How does two-factor authentication work & why to set it
If you keep your account logged into Cubbit, you don't need to require a second authentication every time. Instead, it prevents outside people from easily registering unauthorized platforms, preserving the privacy and security of our cloud storage.
If they have data leaks in their records, it's not a good sign. Easy peasy.
And while data breaches and reading unwanted private information can happen due to the level of encryption or country laws - you can also lose control over your data if the provider’s data center goes offline for any reason, as happened with OVH in March 2021.
"This is a great point for Cubbit. The fact that each file is split into multiple chunks and copies, and spread across its p2p network of user-powered Cubbit Cells - ensures that data is always accessible. Anywhere, anytime. No matter what happens to your Cubbit Cell."
As you may have noticed, we had a nice chat with Dejan Miladinović. And we hope you found his tips insightful...
But that’s not all.
Here’s a free gift for you to celebrate Cybersecurity Awareness Month together! Download this free guide and learn how to apply the 3-2-1 backup rule. Start avoiding data loss at no cost.
Subscribe not to miss new articles and updates about Cubbit.
Cinquanta aziende provenienti da tutto il territorio italiano e da svariati settori - servizi, ICT e tecnologia, industria, meccanica di precisione, consulenza, cooperative e consorzi, PA, agroalimentare e FMCG - hanno aderito al programma della startup bolognese membro di GaiaX. Prende così vita, a partire dall’Italia, la prima rete B2B di cloud storage distribuito in Europa.
Wouter is a patent attorney, formerly at Nokia. After the WeTransfer security flaw, he switched to Cubbit for a file backup with end to end encryption.
Intervistiamo Daniele Righi, Chief Innovation & Business Development Officer di Linkem - riguardo alla sperimentazione Linkem & Cubbit per un nuovo paradigma di cloud distribuito.
Learn how you can secure your files in the safest place on the internet - plus subscriber-only special news and offers.