It seems like a week doesn't go by without some sort of information breach optical phenomenon. As I embark through the 30 Days With the Cloud journey, it occurs to me that I am placing an awful lot of faith in third parties to keep my data protected. So, the inevitable question becomes, "can I trust my data in the mottle?"
If I am going to keep gigabytes upon gigabytes of sensitive data stored online, I need some assurances that IT is safe. The data needs to be secured, rather encrypted, so that information technology is protected even in the effect that the storage that contains it is compromised. Only, yet encrypting data can be tricky when it comes to third company cloud storage providers.
For instance, cloud storage provider Dropbox was at the heart of some controversy last year related to its file encryption. Dropbox claimed that all files are encrypted and protected from unofficial access, but Dropbox maintained check of the actual encryption keys.
That means that — although past random people may not be able to access my data — Dropbox employees can. They Crataegus oxycantha share my data if compelled by law enforcement, operating theater employees power access and view the files themselves. It is purely prohibited as a matter of policy, but anyone WHO would surreptitiously view my information probably also lacks the good compass to give care about the policy.
Data stored online needs to be encrypted to protect it from unauthorized access.
In defense of Dropbox, there is a reason it maintains control of the encryption keys — simpleness. While IT is more unattackable to countenance customers to ascertain their own data encryption keys, information technology can also make over serious issues when the customer loses those keys and finds out that nobody other — not even Dropbox — can access the information. And, customers can tranquillize encrypt their data through other means with their own keys if they prefer.
That very seems to be the only viable answer. If I encrypt the information myself, I bed that I hold the keys and theoretically only those people I authorize will be able to access code my files. But that complicates things, and adds some administrative and processing overhead.
For businesses considering a move to the cloud, in that location are also compliance mandates to count. Putting data online comes with some risks, and businesses need to take spear carrier precautions to induce in for that data is not unclothed or compromised.
For tomorrow's 30 Days With the Cloud military post, I am going to examine the rif-side to this coin, and take a closer look at about ways that my data might actually be in better workforce in the cloud.
Study the Last "30 Years" series: 30 Years With Windows Phone 7
Day 19: IT Section Enclosed
Day 21: My Data Might Beryllium Safer in the Mottle
0 Response to "The Cloud, Day 20: What About Security? - stokesfrighters"
Post a Comment