Cloud storage solutions are accompanying the evolving shift towards digitization. Ease of use and accessibility are the watchwords of these tools, which offer us a digital workplace always at our fingertips.
It all seems so simple to the point that we become addicted without even thinking about it. However, it’s 2023 - a record year in terms of the frequency (and size!) of data leaks. Each minute $3M is lost to cybercrime, while the amount of connected devices will reach 75 billion in 2025 (source: Forbes).
Therefore, it's also very important to be aware while using the digital tools - On this page, you’ll find:
- 9 actionable tips on how to protect YOUR data in the cloud.
- A deep dive into best practices for creating a non-breachable password.
- How encrypted cloud storage can protect your information.
1. How to create a unique password
This is probably the most underrated piece of advice ever given. We live in the age of the stimulus: we need an immediate reward for our actions and we’re definitely not used to employing our "gray matter" to remember a complex password for every service we sign up for. What we're used to instead is using the same (simple!) password for everything, and most of the time we write it down on our mobile devices to remember it.
This habit is dangerous, and here's why.
You can use any secure, encrypted cloud storage you want to store your data, but if your account password is easily found through social engineering means (e.g. if you put the name of your favorite soccer team as your password) it will be very easy for an attacker to read your data. Also, the more you write it down, the easier it is to be a victim of a data breach - Have I Been Pwned allows you to check if your account information is currently sold on the darknet.
A mainstream practice on how to protect data in the cloud is to not link the creation of the key to our being and try to make it completely random. Here’s a tool that generates strong passwords for free and here’s another one to measure key strength.
While this advice may seem useful on the surface, the reality is that it will lead to insecure practices like writing your code on a post-it note stuck to your computer monitor.
Our suggestion here is to use a silly scheme to make passwords: hard for a hacker or computer to guess (due to the increased length & related entropy), but easy for you to remember.
As a practical example, we can consider creating a nonsense story - a guitarist horse that meets a singing cow at a concert. In a key structure: “Guitarist-Horse-Meets-Singing-Cow-Concert”. 41 characters and fun to remember!
“Through 20 years of effort, we’ve successfully trained everyone to use passwords that are hard for humans to remember, but easy for computers to guess” - that’s the ironic thought of webcomic xkcd in the artwork where he suggests this practice. This tip comes as an alternative to passwords that are cumbersome to memorize (and type!) like “J4m3s_23” which is instead very easy to guess for a brute force attack.
“Through 20 years of effort, we’ve successfully trained everyone to use passwords that are hard for humans to remember, but easy for computers to guess”
Hopefully, this section has given you some useful insights on how to protect data in the cloud. Before we move on to the next section, here’s the most common password list of 2021.
2. Setting up two-factor authentication (2-FA)
2-FA goes hand in hand with strong keys: 6th of May is World Password Day, and organizers are also pushing with setting up two-factor authentication.
In a nutshell, two-factor authentication allows you to add a second step to your account verification every time you log-in. It asks you to identify yourself through a different factor in addition to key entry, so your data is protected from externals knowing your password and brute force attacks.
Below are the most famous types of 2nd steps:
- something you are (i.e. biometric such as fingerprint, facial recognition…).
- Something you have/know (e.g. usb key, physical credit card, or an additional code sent to your email/phone at the log-in moment).
- Somewhere you are (i.e. location-based).
In the linked article you can learn more about how does two-factor authentication work & why to set it.
3. Read the User Agreements
Every time we sign up for a service, a long document to read with many microscopically written clauses is there, ready to be accepted - read or click? This is the question.
Of course we click, and that is exactly equivalent to signing into a contract.
Sometimes we’re lucky enough to subscribe to a secure service, but more often than not the opposite happens - this is the case with many cloud providers, who demand commercialization of our data before allowing us to use their "free service".
One of the world champions in this field is Google Drive, as you can notice from their policy document. The tip here is simple: before you trade your privacy with a click, take a moment and understand what you are giving away.
Let’s now move on with the next tip on how to protect data in the cloud.
4. Managing secure online file storage
There are a few helpful data protection tips when it comes to managing secure online file storage.
The first tip is to only store the data you need at the exact moment: if you avoid storing a customer’s phone number on the cloud, and a data breach happens the hacker won’t get the “bonus” information and you’ll prevent damage to your firm’s reputation.
The second tip is to be careful about storing and sharing sensitive data: for one thing, if you send your date of birth or social security number to someone, it will increase the chance of falling victim to social engineering (i.e. it will be easier for an attacker to win your password through recovery phrases and the like). The same goes for storing sensitive information on the cloud - it will be simpler to fall victim to a data breach.
The third tip will be to encrypt your data before uploading it. However, there are different types of encryption: some are really basic like at-rest & in-transit that don’t protect you from a data breach on the server. Others protect your files with state-of-the-art security - zero-knowledge encryption where not even the service provider can access your files.
To learn more about the different types of encryption you can check out this article: What is zero-knowledge encryption and why you need it from the services you use.
5. Protect yourself with anti-malwares
We’re used to getting everything free and instantly, because it has to be that way. We use the free version of anti-malware (or even a cracked version!), feverishly protecting our business (and personal) data stored on the computer as we surf online. But what’s the price then?
Using free versions of software means that the end-user becomes the final product. As a result, we pay with our private information to protect ourselves with a basic-level of service. Here’s a list of the best antivirus for 2021.
In addition, a premium anti-malware (or a secure browser like Brave!) can also offer additional features like reliable VPNs, which shield you from unsecured connections that are becoming increasingly used through coworking spaces and are very easy to hack (i.e. the hacker just needs a small device and to be near you to crack a “not-secure” public connection).
6. Constantly update applications
Protecting yourself (or your business) with high-quality softwares is very important. However, you also need to monitor for updates: both of the operating system and the softwares we use, secure cloud storage included.
We never have the patience to wait for our system to download and install the next update, but that’s what fixes the holes - the breaches through which cyber thieves enter. So, we can use any encrypted cloud storage we want, but if spyware-like joins in and intercepts us as we type in our passwords, it’s game over for our business.
7. Always monitor who has access to what
The advice here is to minimize the attackable surface area.
In the post-pandemic decentralized workplace, the employee’s computer becomes the weakest link in security for businesses. That’s because each worker has its own personal computer and account - in the case of non-granular access (i.e. anyone has access to everything) a social engineering trick can allow a hacker to easily access an account and read all of the company's files as a result.
That’s why permission levels and roles are critical in secure cloud storage for businesses. In addition, it’s also very important to use a few tricks like always signing out of devices we’re not currently using and disabling old devices that still have access (e.g. those owned by employees who have left).
8. Behave responsibly when online
It’s crucial to use up-to-date softwares to protect your data, but it’s also important to behave responsibly when online.
This means checking the websites we browse, being careful about what we download and from where, backing up data constantly (on encrypted cloud storage if possible!) and many other “mainstream” data protection tips, which are the ones that make a difference if we are aware of these as we act.
Related reading: What is the importance of backup data in 2023?
9. Encrypted cloud storage: how to protect data in the cloud
Here we are with the latest tip on how to protect data in the cloud, and what better advice than “use secure cloud storage”?
However, let’s first clarify what we mean by this: basically every online file storage on the market today is encrypted cloud storage. This means that it offers a level of encryption, either basic or very high (i.e. also Google Drive has “encryption” by default!).
Encryptions at-rest and in-transit complement each other, protecting the file while it is stored and transmitted, respectively. The problem here is that the server is still reading the data (including the private key), so a centralized attack can result in a data breach.
This is where zero-knowledge encrypted cloud storage comes into play - a cutting-edge technology which ensures that nobody, not even the service provider, can access the data.
Cubbit is the world’s first distributed cloud, leveraging its unique p2p network to craft a solution that is among the most secure options on the market. It is also a super-easy-to-use cloud storage: share with Cubbit Private Links & collaborate on zero-knowledge encrypted data - all with a click of your mouse.
What are you waiting for? You can try Cubbit for free for 30 days, with no credit card required.