Posted by on March 21, 2018

What is cloud computing?

Cloud computing is the general term referring to a network of computers that store and transfer data.

The typical cloud storage system is arranged like this:

  1. A company offers cloud computing as a service.
  2. That company controls the master control server.
  3. The master control server connects to the client computers (meaning you) and also to an entire network of database storage servers.

Cloud providers can be either public or private. Most providers store multiple copies of your data. That way, if one storage center is incapacitated or destroyed (ie. fire or earthquake), your data is still safe. (BBC)

cloud access on light blue waves

Can the cloud be accessed from anywhere?

Cloud storage offers instant access to your data – anywhere, anytime.

Cloud storage also allows multiple people to access the same data at the same time and from different locations. As long as you have Internet access, you have cloud access.

Unlike individual servers, cloud storage has no limitation on the amount of data stored.

Another handy benefit is the ability to backup your data. If an individual device crashes, your data isn’t lost along with your unlucky hardware.

How is my cloud-based data encrypted?

Encryption uses algorithms called ciphers to scramble your data (plaintext) into gibberish. The result is called ciphertext. The only way to translate ciphertext back into plaintext is using the key.

There are two forms of encryption: transit and resting.

When data is in transit, or traveling, from your computer to the cloud, it’s usually encrypted with at least 128-bit secure sockets layer (SSL) technology.

But when your data is at rest, sitting in storage, it’s much less likely to be encrypted. Some cloud storage providers offer resting encryption while some don’t.

The most widely used encryption algorithms fall into two categories: symmetric and asymmetric.

Decryption is simply reversing encryption.

Symmetric key ciphers, also referred to as shared secret or secret keys, use a single key.The encrypting system must share the key with the decrypting system. Symmetric key encryption is faster than asymmetric encryption, but both the data and the key must be exchanged. Most processes use a symmetric key encryption for your data but an asymmetric encryption to exchange the secret key.

Advanced Encryption Standard (AES) is the most widely used secret key and was developed to protect classified government information.

Asymmetric encryption is also known as public key cryptography. This system uses two different but linked keys. One is public, and one is private. The opposite key from the one used to encrypt a message is the key used to decrypt it. This is also the system used for digital signatures.

How secure is the cloud?

Infrastructure as a Service (IaaS) is increasingly being used by security teams to minimize risk.

IaaS is a platform through which businesses can outsource to an IT consulting firm who will handle not just the cloud-based storage but all servers, databases, and hardware,

If you’re worried about cloud security, there are steps you can take to increase your own data security.

Cloud storage is almost always stored in an encrypted format.

The weak link in the cloud security is where the encryption keys are stored, and that varies between providers. Some services store the key themselves while others require the individual user to store the key.

While it is more convenient for the service to keep the key for you, accessing it each time you log in and out, it also decreases your data’s security. Just like your house keys, having someone else hold onto them for you is less secure than keeping them in your own pocket. There’s more opportunity for the keys to fall into the wrong hands or be used for questionable purposes.

A few services require users to upload and download their files through a specific application that requires encryption. This means the user is keeping the encryption key. While your own files and applications can still be hacked, at least users know how their key is being used. But the biggest downside? If you lose your password, your data is irretrievable.

Automating workloads removes human error from workflows and increases not only accuracy but cloud security. Most successful security attacks result from human errors that create vulnerabilities that intruders leverage for entry.

Is my data physically stored somewhere?

Yes. It sure is.

Your data is stored on physical servers in data centers, or server farms. Chances are good that multiple copies of your data are stored on multiple servers in different locations, possible even around the world. This is called redundancy.

Unless you really go looking, you may never know exactly where your data is physically stored. After all, the beauty of cloud storage is that you can access your data from anywhere and at any time. Many cloud storage providers outsource their server farms to satellite locations to decrease costs and the parent companions are not required to release that information.

cybersecurity blue on wavesCan wiper viruses and malware get into the cloud?

When infected downloads and applications are stored on your computer, they can install themselves on your hard-drive. This puts the data on your computer’s hard drive and all the data on the company network at risk.

Your cloud storage provider or IaaS should also have safeguards to prevent the malware and viruses from spreading. But as users become more proficient at utilizing cloud storage, hackers also become more proficient at creating malware that looks for new ways to infect files and documents.

Yes, you can definitely pick up a virus or nasty piece of malware from the cloud. You can also upload malware to the cloud for another user. Automatically syncing your data to the cloud is sometimes enough to transfer malicious code. (Norton)

cloud strategy yellow on waved background

What can I do to make my data safer?

Plenty of encryption tools will allow you to encrypt your own data before transit. You can also choose a cloud storage provider that allows you to keep your own encryption key.

Other easy tips include creating a strong password and avoiding phishing.

Consider hiring an IaaS to automate as much of your workflow as possible. 

For more information about streamlining your document management systems, contact One Voice Data for a free consultation. 100% HIPAA compliant & secure.

 

Posted in: Tech

Comments

Be the first to comment.

Leave a Reply

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

*


%d bloggers like this: