Best Practices for Cloud Security: Keeping Your Personal Information Safe
Cloud security is something that many of us struggle with every day. We need more space outside of our homes to store personal and professional files and data, but we wonder how safe and secure sending our information to the cloud truly is. Recently, I had a chance to catch up with Alen Peacock, co-founder of Space Monkey, a consumer cloud storage system owned by Vivint, to chat about the best practices for keeping your information and personal data safe on the cloud.
Following best practices for password protection
Creating strong passwords is a challenge for many of us. Sites sometimes have strict requirements when creating a new password, including numbers, capital letters and a specific number of characters. Alen had a few suggestions for creating stronger passwords.
“You get much more strength when you have a longer password,” said Peacock. “My favorite strategy is to use longer, multi-word passwords. Picking four words that are random and stringing them together creates much more protection and it’s easy to remember.”
He also suggested having different passwords for every site, but acknowledged this method isn’t practical for all users. If you have multiple accounts, it’s nearly impossible to remember the passwords without assistance from a password managing system. However, Peacock warned against using them, since they too are open to vulnerabilities. If your password manager is hacked, then all of your passwords are compromised.
According to Peacock, the worst possible strategy for password safety is to use the same password everywhere. The problem becomes if one site is broken into, then all your accounts are at risk of intrusions.
Using a tiered approach for creating safe passwords is a better method, but also comes with its own set of issues. When using a tiered approach, a single password is created for accounts in different tiers. For example, all social media accounts would have the same password, all financial accounts would share a password and so on. Unfortunately, with this system the same issue persists; if one password is compromised then all passwords in that tier are compromised.
Peacock reiterated that the best advice is using a different password for every site. The main problem is “remembering all the passwords, using a password manager and potentially ending up with compromised accounts. Unfortunately, we don’t have anything better yet,” he said.
Finding the best method for backing up data
The choices for cloud storage can be overwhelming. Peacock explained that Space Monkey is “where the world is heading.” Space Monkey is a primary storage system with built-in backup. Peacock said, “The world is moving towards systems that automatically backup once you hit the save button.” He suggested that even if you’re not using Space Monkey, it’s a good idea to have some sort of third-party backup system in place.
Using two-step verification
According to Peacock, “Most cloud storage services do offer two-step verification, which means you have a user name and password and also a second form of verification. This system is good, but most people hate it since an extra step is required to access your information. It becomes awkward and clunky to utilize. It can protect against certain types of attack, […] but because of the awkwardness of it, it’s not as effective as we would like it to be.”
Limiting access to staff members and third-party cloud vendors to only the data they need to perform their jobs is important to protect the safety of cloud storage data. According to Peacock, it’s important to have “rings of access control in every system where you have a need to access privilege escalation in order to have access to things.” He doesn’t feel as though this is presently the norm in the cloud storage, but hopes this will change over time.
When determining if you should send sensitive material to the cloud, Peacock noted it ultimately comes down to a matter of trust. Is the company that’s providing cloud storage for you doing what they said they would do? Once you hand over your files, you have to be willing to give up control.
“Anyone who’s really paranoid about sensitive material should probably encrypt that first by themselves and then send that encrypted content into the system,” Peacock explained.
Trusting in encryption
According to Peacock, if you can create a system where each user of the service has their own set of encryption keys then it solves many of the problems that other vendors face when they use a global shared encryption key for all data. That’s a problem because any employee with access to that encryption scheme can access all data, leaving it vulnerable.
“It’s important not to just encrypt the data but that each user in the system has their own set of encryption keys,” Peacock said. “We take it a step further at Space Monkey where each object has its own encryption keys so every file is uniquely encrypted.”
With the right amount of password protection and a reliable cloud storage system like Space Monkey, you can rest assured knowing your personal data is safe from prying eyes.
Learn more about Vivint’s cloud security solution, Space Monkey, here.