Technology in terms you understand. Sign up for the Confident Computing newsletter for weekly solutions to make your life easier. Click here and get The Ask Leo! Guide to Staying Safe on the Internet — FREE Edition as my thank you for subscribing!

The Two Types of Cloud Data Threats and How You Protect Yourself

You can use it safely

Secure cloud storage
(Image: canva.com)
All cloud data threats boil down to one of two things. I'll review them and lay out what you need to do to keep your data is safe in the cloud.

Cloud and cloud, what is cloud??!!”1

Seems we can’t say or do much in technology these days without that silly buzzword — “the cloud” — rearing its head.

To be fair, it’s a pretty powerful concept. Nearly unlimited storage for all your information, accessible to you from anywhere the internet might reach — which is pretty much everywhere these days!

Is your data safe? Yes, but: there are two significant type of cloud data threats to prepare for.

Become a Patron of Ask Leo! and go ad-free!

There are two types of cloud data threats: data exposure and data loss. Protect against exposure by encrypting sensitive data. Protect against loss by making backing up your data elsewhere. Encryption plus backups ensures your data stays safe in the cloud.

Data exposure

“Data exposure” means someone who shouldn’t have access to your information somehow does.

The most common scenario is someone hacking your account with the cloud storage provider. Once in, anything stored in your account is visible to the hacker. They can view, copy, download, duplicate, or share any or all of the data you have stored online.

A common worry (but a significantly less frequent occurrence) is that someone at the cloud storage service will look at or copy your data, or be compelled by law enforcement to provide access.

For most people, these are both what I’d consider low level concerns.

We should ensure all our accounts are secure, which includes the usual litany of using long and strong passwords unique to every account, not sharing them with anyone, and enabling two-factor authentication when available. A secure account is your best protection against hacking.

Most folks don’t need to worry about rogue employees or police officers with a warrant.

Most folks don’t need to worry about data exposure, as long as they’re keeping their accounts secure.

Protecting yourself from the threat of data exposure

What if you are worried? What if the data you want to store in the cloud is more sensitive than random family and pet photos? What if you want to make sure no one without authorization can see it, no matter what?

Encryption is the answer. There are several approaches, from password-protecting individual documents to manually encrypting files with a zip or other compression program.

I use BoxCryptor.

BoxCryptor and similar tools ensure the data you place online is always encrypted and safe from prying eyes. You access the files normally, and BoxCryptor handles the rest.

Hackers — even law enforcement, if they gain access — would only ever see encrypted blobs of random data. Your data stays safe in the cloud.

Data loss

By “data loss”, I mean that when you go to access your data stored online, it’s inaccessible or just not there. Include the threat of ransomware, loss might be a larger cloud data threat than exposure.

The most common scenario is the same as above: someone hacks your account with the cloud storage provider. The hacker might then change your password, denying you access, or just delete all your files. The result is the same: you can’t get at your files any longer.

The cloud service providers are almost certainly backing up their equipment, but those backups are for their protection, not yours. If a hacker deletes all your files, it’s extremely unlikely the provider will restore them for you.2

If your account is unrecoverable or your data deleted, you just may be completely and severely out of luck.

Protecting yourself from the threat of data loss

We already know how to protect ourselves from data loss. You don’t need an online service to be at risk — one failed hard drive can get you the same result.

Backing up is the answer.

Specifically:

  • Data existing in only one place is not backed up.
  • Online services are only one place.

For example, if you have files in OneDrive, then OneDrive is only one place. Even if you have the files in OneDrive folders on multiple machines, you must still treat it all as one place. (Remember, deleting a file from within OneDrive will quickly delete it from all of the other OneDrive installations.)

Make sure you’ve backed up those files somewhere else. “Somewhere else” could be  different online service, your PC’s external hard disk, or somewhere else entirely.

Assume the online service you’re using might go away suddenly and completely. Assume all your files in the online service are deleted at the same time — both what’s literally stored online, and anything that might have been replicated to your computers.

Could you still recover the files from somewhere else? If the answer is no, you’re not backed up.

Provider problems

One frequent conversation revolves around whether or not the service providers — Microsoft for OneDrive, Google for Google Drive, Dropbox, and others — are cloud data threats themselves.

I believe strongly that those three (and many others) are quite trustworthy and have no problem placing my data in their hands. I don’t even feel the need to necessarily protect my data from them. In my opinion, the data-exposure and data-loss scenarios present greater risks. I’m more likely to encounter a problem due to a hacker than I am due to a problem at the service.

Nonetheless, it’s a valid concern: it’s important that you be able to trust the provider of your service. If you feel you can’t, it’s time to choose a different service.

If that’s not an option — or you do trust them, but for safety’s sake you’d like to behave as if you can’t — then the solutions remain the same: encryption and backups. Encryption to keep your data private, and backups to prevent data loss.

Those two solutions combined can help you safely and securely use cloud storage for whatever you’d like.

I know I do.

Subscribe to Confident Computing! Tech problem solving & safety tips & a weekly confidence boost in your inbox every week.

I'll see you there!

10 Reasons Your Computer is Slow

Slow Computer?

Speed up with my special report: 10 Reasons Your Computer is Slow, now updated for Windows 10.

NOW: name your own price! You decide how much to pay -- and yes, that means you can get this report completely free if you so choose. Get your copy now!

Podcast audio

Play

Footnotes & References

1: A Star Trek reference, for those that didn’t catch it.

2: Some services, like OneDrive and Dropbox, do have a Recycle Bin and may even detect mass deletions or changes. This can give you an option to recover your files from a specific date. It’s a nice safety net, but it’s only a convenience, and not something I’d want to rely on.

10 comments on “The Two Types of Cloud Data Threats and How You Protect Yourself”

  1. Not sure if you do recommendations on specific programs, but I just started using a cloud service called Sync that claims to have end-to-end encryption and no employee access to files. Any thoughts? I’m seriously considering storing sensitive files on it.

    Reply
  2. Leo, you wrote:

    “Cloud and cloud, what is cloud??!!”

    The very instant I read that, I burst out laughing. I didn’t even need to see your footnote; and I respond: “You are not morg, you are not eyemorg!” (Whatever the “H” that means.)

    LOL!!! 🙂

    Reply

Leave a reply:

Before commenting please:

  • Read the article.
  • Comment on the article.
  • No personal information.
  • No spam.

Comments violating those rules will be removed. Comments that don't add value will be removed, including off-topic or content-free comments, or comments that look even a little bit like spam. All comments containing links and certain keywords will be moderated before publication.

I want comments to be valuable for everyone, including those who come later and take the time to read.