Secure your cloud-stored data

Trash canEven though cloud services save your data on multiple machines, that does not really mean your information is backed-up. A number of high profile cases have shown that cloud-stored personal and business data (including emails), are at risk of being lost either by malicious means (hacking) or human error (accidental deletion). And wherever your data goes, your reputation will follow.

What’s the problem?

I read Hacked! by James Fallows in Atlantic Magazine last year which describes the aftermath of the hacking of his wife Deb’s Gmail account. It’s a long read, but the gist of it is that a hacker took over the account, changed the password and deleted 6 years’ worth of correspondence:

All the notes, interviews, recollections … All the correspondence with and about her father in the last years of his life. The planning for our sons’ weddings; the exchanges she’d had with subjects, editors, and readers of her recent book; the accounting information for her projects; the travel arrangements and appointments she had for tomorrow and next week and next month; much of the incidental-expense data for the income-tax return I was about to file—all of this had been erased. It had not just been put in the ‘Trash’ folder but permanently deleted.”

That’s a lot to lose and many of us are just as vulnerable. Deb Fallows was lucky because she eventually managed to get her data back, but this was very difficult to achieve and it is not guaranteed to happen for everyone. So what can be done to prevent such a catastrophic loss?

Prevention

Reading Hacked! shocked me into changing passwords into longish, random, meaningless string of characters – different for each account. I kind of thought that was it, but the recent destruction of tech journalist Mat Honan’s digital life (his Gmail, Macbook, iPhone and iPad were erased in less than an hour and his Twitter account was taken over, with devastating consequences) proved that this assumption was still a bit naïve.

Google authenticationMat said that, in hindsight, he should have set up two-step account authentication on his accounts. This requires both ‘something you know’ (like a password) and ‘something you have’ (like your phone). Not all sites offer it, and it is not a default setting for those that do. Enabling it adds an extra hassle to logging in, but a little extra work seems worth while for extra peace of mind. The services (including Google, Twitter, Facebook and Dropbox) that support two-factor authentication are helpfully listed in this Lifehacker article, along with instructions on how to enable it.

Insurance

To actually insure against catastrophic data loss in the cloud either accidentally or through some attack you ideally need your own back-ups of your data. I use the fantastically simple Email Backup Pro (for Mac) which backs up my email accounts locally. And you can back up Gmail, Facebook and Twitter accounts via the online service Backupify. A recent Slate article explains why this is worth considering.

In summary, you need:

  1. Different strong passwords for key accounts;
  2. Two-step account authentication enabled where possible; and
  3. A backup you can access in emergencies.

If I haven’t made you feel too paranoid and you have found this advice useful, why not share it via the buttons below?

If you think your data hoarding is getting out of hand, read Help for Cloud-Storage Hoarders.

Do you have any other tips to share?

Articles and resources referenced in this post:

Hacked! James Fallows, The Atlantic

How Apple and Amazon security flaws led to my epic hacking Matt Honan, Wired

You Should Back Up Your Gmail, Facebook, and Twitter Accounts Farhad Manjoo, Slate

Here’s everywhere you should enable two-factor authentication right now Whitson Gordon, Lifehacker

Email Backup Pro for Mac provides automated email backup of the most common email applications.

Backupify lets you backup Gmail, Facebook and Twitter accounts online.

Help for Cloud-Storage Hoarders considers Distributed Data Disorder (DDD) and what to do about it.

Mentions

This page was positively mentioned in the smallbiztrends.com article: MasterCard Sells Customer Data for the Holidays. Thank you!

Comments

  1. That’s a good point Heather. Data loss can quickly lead to business disaster, quickly followed by reputation disaster. By actively taking sensible (and relatively simple) precautions such as using strong passwords, two-step account authentication, encryption and secure backup you will help protect your business and reputation.

  2. The main concern in cloud computing remains data security and with good reason. Data must be protecting no matter where it is stored, if your business is to keep operating effectively. To do less invites disaster. There is, of course, the danger of many kinds of important data being obtained including bank account sign-ins and other information depending on the online tools you use. Whether it’s more dangerous than storing all this stuff on your home hard drive is debatable, but the main focus should always be on taking precautions no matter how your data is stored.

%d bloggers like this: