Cloud Storage 101
With today's
need for more data storage cloud services are used more and more and the data
and the need to secure this data is real concern for users and cloud
administrators alike. First, what is 'the cloud'? Simply put it is
the practice of using a network of remote
servers hosted on the Internet to store, manage, and process data, rather than
a local server or a personal computer.
This means a user can store data, pictures, videos, music etc. remotely
to save valuable hard drive space on their local machine. With the amount of cloud storage available
this is where a user wants to make sure their data is secure, private and will
not lose data integrity. As a home user
storing personal pictures may not seem too important to keep secure but think
of the businesses that rely on cloud storage to keep PII, financial records,
business plans and such, they need to know the data is secure. The threats to cloud storage are well known
and include DDos attacks, permanent data loss, malicious insiders, account
hijacking, and exploited system vulnerabilities to name a few.
How is this task achieved?
One way is data encryption but this is not always full proof and there
can be systems hiccups that cause a decryption problem which would cause the
data to be corrupt and unusable. A cloud customer should ask the provider of
cloud service what measures are in effect for data security, for instances,
biometrics, PIN secure location where the data is stored. Clouds
API’s and software-as-a-service are still evolving which means updates can be
frequent but some clouds do not inform their customers that these changes have
been made. Making changes to the API means changing the cloud configuration
which affects all instances within the cloud. The changes could affect the
security of the system as one change could fix one bug but create another. The
customers of the cloud provider should enquire if any updates are made and
should ask about what security implementations have been put into place to
secure their data and what exactly has changed with the system.
A type of cloud storage is Hybrid Storage. Hybrid Clouds use both public and private
clouds within the same network. It allows the organizations to benefit from
both deployment models. For example, an organization could hold sensitive
information on their private cloud and use the public cloud for handling large
traffic and demanding situations. With
the separating the types of data, sensitive on private and large traffic and
demanding situations this is considered a safer practice for companies to use.
Many companies offer free cloud storage for their
users. Apple, Google and Drop box to
name a few. The user can purchase more
storage if the amount that comes free isn’t enough. One of the good things of cloud storage is
the availability from any source with internet connection. This saves valuable hard drive space and
makes accessibility a breeze.
When cloud storage is used its always best practice to make
sure the user has a backup of all important data even though the data is on the
cloud. I would go a step further and say
do not put PII or any personal data in the cloud. Be certain when we do use cloud storage the
user knows the security risks involved and knows the safe practices of the
provider.