Are my files really safe if I store them in the cloud?

Are my files really safe if I store them in the cloud?

Storing your data on cloud servers is easier than ever -- many services offer drag-and-drop interfaces and seamless automatic backup.

Now when you have saved all your important and confidential information and data in clouds thus comes a question- where these servers are? and if they keep Your Information Secure

The days of keeping all your documents, photos and music on your computer's hard drive are gradually coming to a close. Today, cloud storage is helping to solve the ever-present need for more storage space to hold all of your digital property. But is all your personal data safe out there on the 

Internet?

To answer this question, we need to examine two things. First, we need to decide what constitutes data security. Is password access to the storage sufficient, or should files be fully encrypted on the storage device? Some of that will be up to you, but everyone should note these important security points:

Passwords can be hacked. This doesn't mean that passwords aren't safe, just that they're vulnerable to dictionary. If you choose a cloud storage solution that relies on a password to access your data, choose a password that's difficult to hack with dictionary attacks, and change your password often to reduce the chances of success from brute force attacks.

Most storage services will encrypt the data while it's traveling back and forth, making it impossible to read even if someone captures the files. If your cloud storage works through a Web app, look for "https" instead of "http" in front of the URL in your browser's address bar. That extra "s" indicates the form is using secure HTTP. If you have a standalone cloud storage app installed on your computer, check to be sure that app uses some type of encryption for its Internet exchanges.

People are more dangerous than computers when it comes to hacking. Don't give out your password to anyone, even someone claiming to be from technical support. One of the biggest dangers for security is social engineering: creating a trust between the hacker and the end user that causes the end user to happily hand over personal information. Note that when you speak with the real technical support specialists, they'll require only minimal identifying information from you, and most likely not your password.

Hackers usually want the most information for the least effort. This means they will likely attack the heart of a cloud storage service rather than its individual users. Thus, you probably want to find a service provider with a good history of keeping its clients' accounts and data secure.

Your data isn't always immune to search by local government entities. In the U.S., for example, any cloud storage company could be served a subpoena requiring them to open their clients' data for government examination.

We also need to look at cloud storage providers to see which ones are doing the most to keep your information safe. Next, let's look at how the major cloud storage providers protect data and go over some tips for choosing a safe cloud storage service.

Safe Cloud Storage Options

When you're shopping for a cloud storage service for your files, you'll probably start by considering what you plan to store and how you need to access it. Along with that, determine how important it is to keep that information secure. For example, if you're storing important documents about your medical history or home finances, you may be more concerned about keeping your data safe than you would, say, music files from CDs you've ripped. Here are some safety features to look for when you're choosing or opting for a cloud storage service:

A company with a reputation for excellent physical and network security

Multiple-level redundancy, meaning there are multiple copies of your data to prevent loss in the case of a single disk or server failure

Redundancy across multiple geographic locations, so when a natural disaster destroys your data at one location, that same data is still available elsewhere

How long it takes to delete a file across the redundant servers in the cloud, or if it's ever truly deleted from the cloud storage banks

Cloud security hasn't been as rigid for end-user storage services as it has for enterprise-level clouds. As a result, even the top cloud storage options available to you have some vulnerabilities. While these vulnerabilities are probably not a big concern for most users, they are worth noting if you decide to store sensitive personal information. The following are just a couple of examples:

Dropbox -- Dropbox is simple and sufficient for most users, encrypting your data while it's in transit over the Internet. In its simplicity, though, it did leave a couple of security holes. First, it left local authentication protection up to its users. All you need to sign in from another computer is a copy of your Dropbox configuration file, so you're responsible for limiting access to your local computer. 

Dropbox also leaves the names of your files in plain text. It's up to you whether you want a third-party security application to encrypt and decrypt the data in the folder you're synchronizing locally to protect filenames and prevent anyone from reading that data without your additional decryption keys [sources: G.F., Newton].

Amazon Cloud Drive -- Amazon stands toe-to-toe with Dropbox when it comes to simplicity and availability across platforms. Amazon is also up front about one of your security risks. In its user agreement, Amazon Cloud Drive declares its right to access your files and disclose account information to offer support and to ensure compliance with that agreement. Since the Cloud Drive offers streaming of MP3, this is largely to enforce copyright law regarding music. If you want to protect those files, you'll have to give up the streaming option for media files and use a third-party encryption app for all the data you synchronize to the Cloud Drive [sources: Vaughan-Nichols, Raphael].

Know the limitations of your cloud storage service before you start uploading.

  

How a Cloud Antivirus Works

Whether you have years of computing behind you, or you've just bought your first laptop or desktop, you're probably familiar with the need to protect computers from viruses. A virus is a software program that installs itself on your computer and makes undesirable changes to the data on your computer. Though there are rare viruses designed to target offline computers, we're talking about malicious software (malware) you can pick up from the Internet.

To prevent malware from attacking your data, you can use antivirus software. One antivirus option is a technology called cloud antivirus. Cloud antivirus software does most of its processing elsewhere on the Internet rather than on your computer's hard drive. Internet technology like cloud computing has made such innovations both possible and affordable.

Cloud antivirus software consists of client and Web service components working together. The client is a small program running on your local computer, which scans the system for malware. Full locally installed antivirus applications are notorious resource hogs, but cloud antivirus clients require only a small amount processing power.

The Web service behind cloud antivirus is software running on one or more servers somewhere on the Internet. The Web service handles most of the data processing so your computer doesn't have to process and store massive amounts of virus information. At regular intervals, the client will scan your computer for any malware listed in the Web service's database.

Here's a summary of the advantages cloud antivirus has over traditional, locally installed antivirus software:

You have access to the latest data about malware within minutes of the cloud antivirus Web service learning about it. There's no need to continually update your antivirus software to ensure you're protected from the latest threats.

The cloud antivirus client is small, and it requires little processing power as you go on with your day-to-day activities online.

It's free! You can get an impressive level of virus protection from the free versions of cloud antivirus software. You can also purchase upgrades for additional utilities and support, for prices that are competitive with popular local-only antivirus applications.

Now that you know what cloud antivirus is, let's look at the features of cloud antivirus software and how you can use them to keep your system clean.

Cloud Antivirus Features

If you have any experience using antivirus software, the user interface (UI) of cloud antivirus software should look familiar. After all, its primary job is the same as any other antivirus application: Scanning your computer to identify and clean up any malware. Therefore, you'll find these common functions in a cloud antivirus UI:

Scan the entire computer or certain folders on the computer.

Adjust when to make automatic scans and what files to include in them.

View detailed reports to see what malware was detected during a scan.

Take actions to remove or restore any quarantined files, or files that were neutralized in some way until you decide to restore or delete them.

The unique features in cloud antivirus are those you won't see in the UI. We've already seen that cloud antivirus splits its tasks between your computer (a client application) and Web servers elsewhere on the Internet. Because of this split personality, cloud antivirus can leverage resources from across the Internet to better defend your computer against malware. For each cloud antivirus product, these resources come together to form a central database of malware data.

This malware data is collected in different ways depending on the product. For example, Panda Cloud Antivirus gets data for what it calls its Collective Intelligence from IT and software industry resources, honeypots (computers used to trap malware) staged worldwide and feedback from customers [source: Ilascu]. Immunet Free Antivirus depends on its entire community of users (the 

Immunet Cloud) to learn about potential threats, adding the data to its Collective Immunity technology [source: Immunet]. Cloud antivirus servers run algorithms on the data to classify malware by different qualities, including level of threat.

What makes these malware databases special, though, isn't just their collection techniques. Their real advantage is how quickly they can make that data available to you. Rather than waiting to download some big patch for your antivirus software every few weeks, your computer can scan for the latest threats while you're online, catching them within minutes of their addition to the database.

For offline access, a cloud antivirus product might keep a cache of malware data on your local computer. The cloud antivirus software can keep this cache up-to-date as long as you're online. This cache won't include the entire database of malware threats, but it will include malware that presents the most common threats to your computer.

So far, we've looked at the general features of cloud antivirus software. For a better idea of what this looks like, let's examine the user interface for one of these cloud antivirus products.