The cloud has transformed the way we access and use data.
Cloud computing powers many of the services we take for granted nowadays. Spotify, Facebook, Netflix, Office 365 …the list goes on.
Not only are we increasingly downloading and accessing software and services from the cloud, we’re even uploading our own information to it.
Platforms like Dropbox and OneDrive are ubiquitous on desktop computers around the world, while smartphone cloud storage services include iCloud and Samsung Cloud.
Being able to access data and documents from anywhere is more suitable for today’s always-on multi-device lives than saving it in one fixed location.
As a result, we store confidential information in these folders that would otherwise be kept on password-encrypted computers in the safety of our homes.
But how can we be sure cloud computing safety is being given the same level of rigour and scrutiny?
Safety in numbers?
Despite high-profile hacking scandals involving the likes of Facebook and Yahoo!, there’s still a widely-held belief among consumers that big firms know how to keep our data safe.
And there’s no doubt the tech giants are trying to maximise cloud computing safety. Microsoft alone spends over $1 billion a year on cybersecurity initiatives.
Service providers face massive fines if regulatory procedures such as GDPR aren’t followed, while the entire industry’s reputation hinges on people trusting it.
These are some of the techniques used to preserve and protect data stored in the cloud, whether it’s our own information or third-party services:
Redundancy. Cloud services tend to store files in triplicate in separate locations, known as redundancy. A faulty server or a malware attack shouldn’t affect service.
Each server is meticulously looked after in an anonymous data centre, where military-grade security and safety protocols are maintained around the clock.
Safe sharing. Tech firms protect client data with sophisticated encryption techniques, and files can generally only be shared with a user’s explicit permission.
Google Docs is a classic example. Unless you grant access to a Google Drive document, nobody else is aware of its existence, let alone able to access or modify its contents.
Encryption. Cloud data storage isn’t a security risk in itself. It’s the management of access that poses risks, which is why data is encrypted.
As a result of service providers developing complex encryption algorithms, it would take phenomenal processing power for a hacker to break in. Nobody has succeeded so far.
Data is accessed over secure HTTPS connections, by people with correct login credentials. It may even be tricky to access your own data from a device the provider doesn’t recognise.
A personal choice
It’s rare to meet someone with knowledge of the cloud computing industry who doesn’t store their own data online.
Despite the odd misstep (like Apple splicing a U2 album into half a billion iTunes cloud accounts in 2014), there have been no significant reasons to question cloud computing safety.
Market-leading service providers like Amazon are constantly refining the blend of deterrent, preventative, detective and corrective controls used to keep consumer and corporate data safe.
And cloud storage is often safer than trusting your computer’s C drive, which is more likely to be wiped/hacked/corrupted than triplicated online data hosted by Google or Microsoft.
However, public confidence has been shaken by recent data theft and hacking scandals involving tech firms – even if none of them were cloud-specific.
And cloud computing safety could be compromised by basic mistakes like using “password” as a password, or forgetting to log out after using a shared computer.
The necessary lack of visibility involved in cloud storage makes it hard for some people to trust it. Is it overseas? How complex is its encryption? Does deletion remove every backup?
There are also uncertainties around what happens if a security agency demands to view data. Government agencies make tens of thousands of such requests every year – some of which are granted.
Cloud computing is undoubtedly safe. But some consumers may still prefer to save sensitive information on data keys, and install software directly onto their devices, rather than use it.