Top 10 best practices to protect your data on cloud

Reading Time: 3 minutes

 

blog_cartoons_cloud2_16

In today’s world, collaboration is imperative and storing data locally in a single location is impossible. Cloud applications are indispensable. We are also well aware of how vulnerable our data is in the cloud. It is crucial for us to understand how to protect our data.

Below are 10 tips on how to protect your data on cloud:

  1. As a very very basic security measure, use antivirus, anti-malware and anti-spyware. Here is a review of top 10 free antivirus softwares.
  2. Ground level security – Very strong passwords. Generally, even the simplest script written to break passwords will take only a few seconds to decrypt passwords made of words/DOB/names/dates. Here is an interesting article about 20 most commonly used passwords which includes most obvious passwords such as ‘password’ ‘123456’ etc. Also, needless to say, do not use one password for all sites. The trick here is to generate a random long password with capital and small letters, special symbols and numbers, usually 8 to 12 characters. Let’s not sweat it. There are simple password manager tools that generate and store passwords for you. Here is a review of five best password managers according to life hacker.
  3. Recycle passwords – Passwords ought to be changed every 90 days.
  4. Enable multiple levels of authentication and authorization. It is generation of a code or a password on the fly by the service provider which is then sent it to one of your accounts that is independent of the account currently in use. For instance, bank websites require authorization before making a transaction by sending a code to your cellphone or mail. Here is a detailed article on how to enable multi factor authentication for 20 popular cloud services.
  5. It is also a good idea to frequently review activity logs regarding log-in details, permission changes and your shared files accessed by other users and their timestamps. Example, websites such as Google, Facebook and others have a functionality that send a mail for every log in from your account.
  6. Eliminate the practice of naming files with keywords describing file content. In case of an attack, it becomes far too easy for the hacker to spot files with sensitive information using file names.
  7. Be extremely cautious of the type of information shared online and who you are sharing it with and how (remember to check if it is SSL/TLS encrypted – ‘https’ with a green padlock symbol). As a rule of thumb, do not share any personal identifiable confidential information such as SSN, PIN etc. Use discretion.
  8. Read terms and conditions to verify if your data is encrypted while in the cloud. It is very likely that it isn’t encrypted in which case you need to be cautious about what you will be storing and sharing.
  9. Always do a thorough background check of the security policies of the cloud application you would like to use. Although conservative, it is a good idea to stick to the popular and reputed ones. However, you might be surprised at how vulnerable some of the most popular websites are, as well.
  10. Do not tie up all your different accounts to each other, although convenient. Always remember a chain is only as strong as its weakest link. If one of your accounts gets compromised, it won’t be long before all the information in your other accounts do too.

 

 

References:

http://www.bu.edu/infosec/howtos/how-to-safely-store-your-data-in-the-cloud/

http://www.eweek.com/security/slideshows/securing-sensitive-personal-data-in-cloud-services-10-best-practices.html

http://www.evolven.com/blog/10-more-cartoons-cloud.html

 

 

Tagged , ,

4 thoughts on “Top 10 best practices to protect your data on cloud

  1. boris.marushchak says:

    Nowadays, antivirus software is not enough to protect anything 😀 That’s true era of technology and if hackers want to hack you than this software could be even easiest way to cloud (online) and offline files.
    When it comes to the password it way better to change it ones or twice a week. It depends who you are as business unit or physical person.

  2. Catherine Świątek says:

    Thanks for so many tips! However, some of them would be very hard to implement, e.g. eliminate the practice of naming files with keywords describing file content, it will be hard to spot files not only for the hacker but for the user as well  And when you work at a company, the majority of files have sensitive information.

  3. bergman.wendy says:

    I agree with Catherine, it’s a great list of tips and some of them can really make a difference. However some I would find difficult to adapt to. For example changing passwords every 90 days is such good practice, but im already happy when I can remember the one I use :P.

  4. Hanna Hotsyk says:

    A useful list of tips. But it’s true that many people are too lazy to use them. I am just trying to avoid using a cloud.

Leave a Reply

WordPress › Error

There has been a critical error on this website.

Learn more about debugging in WordPress.