More and more people are storing their private information in the cloud every day. Most of the time, though, the choice of a cloud storage service goes towards 'free' and popular services without even considering other options.
As a result, the data you just moved to your Dropbox folder is now stored in a polluting and unsecure server farm, located in some distant place around the world.
And while everyone is talking and consuming digitally, there comes a price to pay: every 2 seconds there is a new victim of identity theft worldwide. Moving from 1.72 million reports in 2019, to a total of $3.3 billion in losses over the pandemic period.
That's why we should stay aware of our privacy now more than ever. And here comes this article to your help. On this page, you will learn:
- 7 aspects you need to consider today when it comes to cloud storage privacy and security.
- The false privacy promises some services make versus what they REALLY do.
- A free go-to guide for start securing yourself today at no cost.
#1. Cloud Act is bad!
Let's start with the basics of cloud storage privacy: US-based solutions are subject to very privacy-unfriendly legislation. Basically, the government can demand to read your data if required by law.
Google, Dropbox, Microsoft, and all other companies with data centers in the U.S. are obligated to comply. And they've actually stated it: in the first half of 2020 alone, Google received 340,000 government requests for information and provided private data 76% of the time - check out their transparency report.
Since these companies are only “lightly” encrypted, you must be prepared to have your confidential information scrutinized and mined in perpetuity. Here are two things to look for:
- An EU-based service that meets all GDPR regulations, preferably enforcing privacy by design.
- Zero-knowledge encrypted cloud storage, i.e. a service where not even the service provider can access the data. This way, the service provider can’t comply with the Cloud and Patriot Act, even if they wanted to! We will dive deeper into this topic in section 3.
Related reading: 3 reasons why you should switch to zero-knowledge cloud storage
#2. Content scanning is just around the corner.
Unfortunately, your privacy is at risk not just due to legal issues.
Companies like Google are violating your cloud storage privacy everyday - scanning private content, as reported by The Crow, to feed their business model and serve you tailored ads.
Even worse, companies hide behind false claims about end-to-end encryption, instead selling customer data against their will. As an example, Zoom recently admitted that they lied about their service being end-to-end encrypted - a crime for which they have been charged as little as $85 million.
There's not much to add. When it comes to cloud storage privacy, keep your eyes open to the "seemingly free" services that mold you into their end product and look elsewhere.
Related reading: How to protect your privacy online: 5(+1) actionable tips
#3. Own your data with zero-knowledge encryption
So far we've talked about trust. Now let's talk about math.
There are cloud storage services that describe themselves as privacy champions when in fact they don’t offer it or even reserve it only for premium users. Then your data is only encrypted in-transit and at-rest and this means that an attack on the server will most likely result in a data breach. And some of them do not even comply with the GDPR!
What should you look for then? You must search for systems built on end-to-end and zero-knowledge technology. Where not even the service provider can access your private information, letting you own your data.
This for sure will not make your data 100% secure, but it will take longer than the age of the universe for a hacker to decrypt your data.
Related reading: What is zero-knowledge encryption and why you need it from the services you use
A reminder: you can use the strongest level of encryption ever made, but if you don't take care of your password, good luck my friend!
#4. Always backup your files
Unfortunately, even zero-knowledge encryption isn't enough when it comes to complete cloud storage privacy and security. That's why you should go beyond the e-world and look at what's happening right now.
Data centers can catch fire as happened with OVH in March - the largest in Europe, and sometimes entire countries can fall (see what happened with the Australian Bushfires).
One solution may be the 321 backup rule - mechanically duplicating your content across multiple media (how? download the free guide and start securing your data today). Other people prefer to rely on personal clouds. However, they are time-consuming to set up and can sometimes lead to your data moving very slowly and insecurely between NAS servers - read David's story.
Related reading: 6 backup strategy solutions for ransomware data recovery in 2023
Luckily for you, distributed cloud storage architecture comes to your aid. Cubbit is the first cloud storage solution in Europe to adopt this kind of architecture.
How does it work? Instead of relying on a centralized data center, data is encrypted, split into chunks, and finally spread across a network of nodes. If the number of nodes going offline goes below a certain threshold, all the others immediately trigger the recovery process, making your data always available no matter what.
In addition to this, distributed cloud storage also means saving 70% more than traditional cloud solutions in terms of carbon footprint.
Related reading: Data centers are the new plastic.
#5. The importance of secure file transfer.
The previous 4 elements seem like the perfect formula for having unbreakable data that is always yours - anywhere, anytime.
But we live in the age of remote work, where information sharing has moved online and, consequently, the number of cybercrimes has increased dramatically. Just considering ransomware alone there has been a 700% spike in 2020.
That's why we need to strike a balance, prioritizing services that guarantee our security and privacy, that at the same time offer added value when it comes to secure file transfer.
Private links are a feature you should look for. Basically, for every file/folder you want to share, there's a link associated with it that is protected by a zero-knowledge encrypted key. So, you can replace unsecured email attachments with this while sharing your password through a different channel (e.g. end-to-end encrypted Signal). Thanks to this feature you can transfer your files securely.
Related reading: How to get rid of ransomware (Instead of paying for it)
#6. 2FA
Above we delved into the 5 key points to cover when it comes to cloud storage privacy and security, but that's not all. Now it's time to consider some additional features.
The first is 2-factor authentication. Most people look at this feature more as a nuisance than anything else, while as a matter of fact, it's of paramount importance for security. So much so that even Google and other traditional cloud storage solutions offer it. In a world where 90% of data breaches are caused by human error, this is important: think of social engineering.
An interesting case is that of physically withdrawing money at the bank:
- 1st factor: you have to prompt the PIN code.
- 2nd factor: you need to own the physical card.
This is also why PINs are very short - only 4 numbers. Your name plus the key would be easy to guess. Adding the card to the game makes everything more complex for the thief, who now needs physical access to the card. It’s also a risk because anyone who steals your card gains access to your money - this is where things like mobile confirmation come in to help protect you further.
Related reading: How does two-factor authentication work & why to set it
In conclusion, I'd like to highlight another element that is most often taken for granted: the usability of the tool.
In fact, the concept of security has always been associated with complexity. When we talk and think about security, it's easy for an image like the one below to pop into our minds.
We need to reimagine this concept.
People are allergic to the digital safe to the point where they would rather put their data and money at risk than live with peace of mind. That’s why UX design is so important. Just look around: in this digital age, many tools provide privacy and usability at the same time.
#7. Bonus: apply the 3-2-1 backup rule and avoid data loss at no cost!
The 6 steps above should give you a clear understanding of what to look for when it comes to cloud storage privacy and security.
Putting these actionable tips into practice today will make all the difference in finally achieving your peace of mind. But there’s more that you can do: download this free guide and learn how to apply the 3-2-1 backup rule. Start avoiding data loss at no cost.