The safety of storage in the cloud

The cloud has become an extremely useful and influential tool in modern computing.  Storage is becoming a service that is most prominently used by users of the cloud.  Storing data in the cloud is a new concept that puts the responsibility of managing and keeping the data safe in the hands of a third party.  I decided to look into how breaches in security that allow the wrong people to access your data might happen.  One article, cited below, states that accidents have happened in the past where cloud storage companies have allowed easy access to all users’ data, as Dropbox did it in 2011[1].  There are also instances of sites allowing people to alter the URL or web page to give them access to other pages.  When data is stored with a third party, the employees of the company would have access to the data.  It is important that the companies act ethically with the data to keep it as protected as possible.  Encryption is an important step in making it more difficult for the wrong people to get the data.  The article lists 3 ways that encryption; letting the cloud provider know and manage the encryption key for a user’s data, letting the cloud provider only manage the encryption key, or letting only the user manage the encryption key, giving them full control of their data.

Another issue of storing data in the cloud is that the “authorities typically need only a subpoena to get data from Google Drive, Dropbox, SkyDrive, and other services that allow users to store data on their servers” [2].  No warrant is needed to get the data, since it is not considered communication like email is.  For these reasons, storing in the cloud is not like simply keeping the data in local storage.  There exist problems that could be fixed if users were given full control of allowing access to their data through the use of a user-managed encryption key.  The cloud storage services are not insecure, but do have fallbacks that local data storage does not have.

[1]http://tidbits.com/article/12920

[2] http://arstechnica.com/tech-policy/2012/12/no-warrant-no-problem-how-the-government-can-still-get-your-digital-data/

Advertisements
This entry was posted in Uncategorized. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s