29 June 2012

Cloud week - part 3: Security on the cloud

Is the cloud safe?

For individual applications on the Cloud, the biggest risk is with the level of access you are giving the apps you use.  The best example here are the Facebook apps you’ve probably been invited to use by friends.  If you’ve ever read the details of what access you are giving these apps, you might think twice before installing some of them.  You’re giving the app permission to access your name, profile pictures, username, user ID (account number), networks, your friend list, gender, age range, and locale, and any other information you’ve made public on Facebook. 

Another example is with Google.  While your Google Account is very secure, using the Google Apps Marketplace for add-ons created by third-party vendors, could give access to log-on information, or allow the app access to the data in your Google account such as your email, calendar, and Google Docs. 

If you really want to use an app and want to get a better idea of how safe your information will be you can search the app vendor’s website to determine who they are and what security measures are in place - look for logos showing security certification for the app. 
Cloud storage providers take the security of your information very seriously and have top security measures in place to protect your data.  They use file encryption, which means your data is scrambled up and not easy to read; and your data is usually stored in multiple data centres, which means that if something happens to one location, your data is still safe on at least one other server in a separate location.  However, the most important thing protecting your data is having a very strong password – and that’s up to you.  

Even with these security measures, you need to be aware that they can never be 100% safe.  There have been cases where big cloud storage companies like Microsoft, Amazon and Dropbox have experienced outages and security problems, although they have been quickly detected and fixed. Even though your files are protected by encryption and passwords, there is the small chance that hackers could break the codes and access your data.

What can you do to maximise the security of your data in the cloud?

Your password 

Choose a password that’s difficult to hack, and change your password regularly. 

·    Use at least eight characters, the more characters the better really, but most people will find anything more than about 15 characters difficult to remember.
·    Use a random mixture of characters, upper and lower case, numbers, punctuation, spaces and symbols.
·    Don't use a word found in a dictionary, English or foreign.
·    Never use the same password twice.

Things to avoid


·    Don't just add a single digit or symbol before or after a word. e.g. "apple1"
·    Don't double up a single word. e.g. "appleapple"
·    Don't simply reverse a word. e.g. "elppa"
·    Don't just remove the vowels. e.g. "ppl"
·    Key sequences that can easily be repeated. e.g. "qwerty","asdf" etc.
·    Don't just garble letters, e.g. converting e to 3, L or i to 1, o to 0. as in "z3r0-10v3"

Bad Passwords


·    Don't use passwords based on personal information such as: your name, nickname, birthdate, spouse’s name, pet's name, friends name, suburb, phone number, car registration number, address etc. This includes using just part of your name, or part of your birthdate.
·    Don't use passwords based on things located near you.  Passwords such as "computer", "monitor", "keyboard", "telephone", "printer", etc. are useless.
·    Don't ever be tempted to use one of those common passwords that are easy to remember but offer no security at all. e.g. "password", "letmein".
·    Never use a password based on your username, account name, computer name or email address.

     Good password tips

·    Use the first letter of each word from a line of a song or poem.
·    Alternate between one consonant and one or two vowels to produce nonsense words. eg. "taupouti".
·    Choose two short words and concatenate them together with a punctuation or symbol character between the words. eg. "seat%tree"


Secure Site

If your cloud storage works through a web app, ie. you go to its website and log-on to access your files, look for "https" instead of "http" in front of the URL in your browser's address bar. That extra "s" indicates the form is using secure HTTP.

If you are thinking about using the cloud for storing your business files, there’s a lot to consider before you make that decision, and then there’s the decision of who is the best cloud provider for your company.  

However, if it’s for personal storage and backing up of your own photos, music and files; or if you’ve ever needed to access what’s on your computer when you’re not near your computer; the Cloud is definitely the way to go - an easy way to store your data, free up your computer’s memory, share your files with those you want them shared with, and the ability to access it anywhere, at any time, on any device.

No comments:

Post a Comment