Welcome!

Security Authors: Elizabeth White, Raja Patel, Liz McMillan, Yeshim Deniz, John Barco

Related Topics: Cloud Expo, SOA & WOA, Virtualization, Web 2.0, Security, Big Data Journal

Cloud Expo: Article

Cloud Storage: The Truth About Your Security

Cloud storage is your safest bet now more than ever

In light of the recent NSA snooping scandal via their PRISM program regarding private cloud computing security, many people are left wondering if their sensitive data is actually secure. In fact, the statistics points to this startling fact: businesses and individuals alike have been scrambling to remove their data from the cloud and away from any potential threats. Industry analysts have recently stated that the cloud arena is slated to lose roughly $35 BILLION (with a ‘B') because of this debacle alone.

People have already come to accept what they perceive to be future reality - a communistic approach on governance concealed in the form of capitalism. The fight will continue to go on however the question that begs to be asked is: how did this happen? Large data storage companies state explicitly in their Terms of Service that unless you have been deemed a threat to Uncle Sam, they legally cannot hand over any information to the government. Furthermore, there was no evidence to suggest that these cloud storage companies were aiding the government in their meddling affairs. So the question still stands: how did the U.S. government pull off a Houdini-like act?

A rarely spoken about theory is one that has to do with the actual security detail and structure of these storage companies. For example, in this MyPC Backup review, it states that they employ a 256-bit AES & SSL level of encryption which is one step above a 128-bit encryption that is generally used by large financial organizations such as banks. There is virtually no chance at a hacker, or group of hackers, breaking that encryption. Heck, the U.S. government could have spent billions of dollars trying to crack it and they most likely would not have succeeded. But is that all there is to encryption? No...and this is what most people (and storage companies) fail to realize.

While your data is secure once it reaches the company's data center(s), it is extremely vulnerable during the data transfer process. The chances of an individual hacker, or even a group like ‘Anonymous', accessing your files while you are transferring them to your storage provider is essentially nonexistent. However, a group of hackers are no match for the U.S. government, which spends hundreds of billions of dollars on monitoring random American citizens nationwide. They, in all likelihood, analyze routines and evaluate patterns on everything a person does, including how, where and when a person transfers their data. This would "coincidentally" explain the level of ease displayed by the NSA when gaining access to files. Consequently, this theory (or fact?) of the NSA accessing files during the transfer process is possibly the catalyst for the birth of a new piece of technology. IBM has recently developed a technique for protecting data during the pre-transfer process.

With so many questions surrounding cloud storage security recently, many people appear to be transitioning to home storage solutions such as WHS. However, cloud storage is your safest bet now more than ever. The NSA is under an immense amount of pressure from the U.S. Senate because of PRISM and that won't change. Additionally, cloud companies have taken measures to counter security threats such as the new IBM technique mentioned above. While home storage solutions offer better control over your data, you can be assured that your data is more secure in the cloud.

That leaves us at optimal control (home storage) vs. optimal security (cloud storage). Therefore, it is recommended to operate some sort of hybrid storage plan - cloud and home based. As the saying goes: don't place your clouds in one sky.

More Stories By Natalie Lerner

Natalie Lerner is a senior contributor for CloudWedge. In her spare time, Natalie enjoys exploring all things cloud and is a music enthusiast. Follow Natalie’s daily posts on Twitter: @Cloudwedge, or on Facebook.