In recent years, cloud computing has become a fairly common way of storing your data. Most of us use cloud computing and cloud storage, such as the Photos program on the Apple platform, Google Photos, Google Docs, Dropbox and other similar products. Even still, the one question a lot of people have is whether or not it is safe.
This is a good question, as there have been a few incidents over the last few years arising from sensitive data being released from cloud storage centres. The high-profile instances where data has been leaked—Apple’s iCloud, Dropbox’s breach—have been determined to be issues with password security and the way passwords could be retrieved, so no actual data breaches were made through the site’s security.
This leads us to focusing equally on the data centre itself, how providers allow you to retrieve passwords and overall password strength.
Data encryption – This is definitely something you want to have when storing data on the cloud. Without adequate encryption, you may as well store your files on a public forum, because it will most likely have about the same amount of security. These days, you want to find something that has 256-bit Advanced Encryption Standard (AES). This is essentially just another way of saying “secure.” Another thing to take note of if you really want that extra layer of security is to encrypt the files before uploading. This way you have some “encryption for your encryption.”
Password strength – This is the area that a lot of people get in trouble with. The stats for passwords are staggering. According to a 2015 report, 21% of people use passwords that are more than 10 years old and 47% that are at least 5 years old! To make matters worse, the five most popular passwords in 2014 were 123456, password, 12345, 12345678 and qwerty. Sound familiar? Maybe it’s time you update your password strength.
The best length to use for your password is around 10 characters. The number of possible passwords using 10 characters is 984,000,000,000,000,000 and would take about 3.9 years to crack using 1000 cloud servers. Compare this to passwords using 8 characters, which would create 248,000,000,000,000 combinations and with the same 1000 cloud servers would take about 8.6 hours. Notice the difference? Add a type of password encryption called password hashing and the same 10 character password would take close to 15 years to crack.
Password retrieval – Password retrieval is where a lot of companies can drop the ball as well. This is how Apple managed to lose a lot of celebrities’ delicate files a few years ago. Essentially, a flaw was identified where unlimited attempts were allowed to guess the password with no time limit between attempts. Combine this with poor password security and this is a recipe for disaster. And it was. The best way companies can fix this is to plug that leak and introduce two factor authentication (2FA), which sends something to your phone or another device verifying you are who you claim to be.
So let’s get down to the nuts and bolts. Is cloud storage safe? Well, as stated previously, as long as the company has good security and you have good encryption combined with good password strength, there should be no reason to doubt the integrity of your cloud storage security. In fact, it’s been stated that cloud storage security is actually stronger than most on-site protection.
As we move further towards total cloud integration, it’s good to know companies with this level of security for your own peace of mind. You just need to know where to look. Contact us at Arrow today to get started.