Protecting Yourself From the Dangers of the Cloud

The cloud can be a dangerous place. Malware can infest your computer, stealing your passwords and more. Hackers can brute-force crack your passwords or use social engineering to get into your accounts. And web app operators can accidentally delete your files, removing years of memories in a click.

We usually assume that the companies that we use services from online can be trusted. But what if your legitimate accounts were closed for no reason. What if Google or Dropbox decided you were breaking their terms of service? Problems like this happen more often than we’d like to admit sometimes, and if you’re not planning ahead, you can end up being caught without your important files with no way to get them back.

That’s not to say the cloud is more dangerous than normal computers on their own. Your laptop’s hard drive could quit working for no apparent reason, and many of us have lost pictures and more from corrupted flash drives and memory cards. To prevent this, though, we usually backup our work and use security software to keep the worst stuff off our computers. We need a similar strategy with the cloud. Let’s look at some commonsense strategies for keeping your data safer, no matter where you store it.

In Google We Trust (or not)

This past week, a story made the rounds of Twitter about Google deleting a user’s account. Dylan, ala @ThomasMonopoly, wrote an extensive open letter to Google,  detailing how his Google Apps account had been suspended without any given reason other than that he’d violated the Google terms of service. Google didn’t tell him what he had violated in their 4,223 word Terms of Service. They also haven’t given him a chance to at least download the emails, pictures, documents, contacts, and more that he had saved in Google’s web apps. In a moment, his entire Google digital life was snatched away. He’s tried contacting Google, and Googler Matt Cutts even responded publicly on Hacker News that Google believes they’re right in deleting the account, but can’t say why.

Even if the user had done something wrong in his account, it still seems very wrong of Google to not give users any option to get their data out of Google’s servers after their account has been suspended. The volumes of important data we save in Google Apps daily, from important documents to irreplaceable emails, makes the risk of your account getting deleted a more scary thing than ever.

But this is not a single incident. Other users have complained of having their Google accounts suspended for dubious reasons. Numerous Google+ accounts have been removed for various reasons over the past few weeks. Hotmail has had several incidents over the years of emails being inadvertently deleted. Website hosting services have lost websites and crucial databases before during server changes. Dropbox had a recent problem that let any account be accessed with any password. And users of Sony, Gawker Media, and more had their passwords, emails, and more exposed to the world when their servers were hacked in recent years. Even an accidental mistake can cause a wide range of problems for users, from losing their data to having their identity stolen.

Protecting Yourself From the Cloud

So what’s the solution? Should we stop using cloud services? No, just like you didn’t throw away your computer the first time you heard about viruses, worms, trojan horses, and more. No matter what type of applications and devices we’re using, there are going to be some issues, sometimes from code, and sometimes from the folks who made the application. What you do need to do is to protect yourself.

No matter what computing device or system you’re using, there’s two main things you need to do to protect yourself: backup data, and minimize security risks. On your computer, you might run a regular backup to an external hard drive, and install antivirus software. At the very least, you’ll be careful not to browse to sites that might have malware, and will only install programs you’re certain are good.

On the web, your strategy shouldn’t be much different. Here’s some ways to keep yourself safer when using cloud apps:

Backup

  • Sync data whenever you can – Many of us have ditched Outlook and other email apps, and rely fully on Gmail. This usually works great, but it’s also a good idea to have your own saved copy of your emails, contacts, and more. One way to do this is to regularly sync with your favorite desktop email application. If your email account is deleted, you’ll at least still have a backup of your correspondence. This is one good thing about Dropbox: you’ve usually got all of your files saved on at least one computer in addition to the cloud.
  • Download export files from your services – Many web apps have an option to export your data, and you should take advantage of this regularly even if you don’t plan to quit using the service. Google offers advanced export from all of their services at the Data Liberation Front, and many other services including Pinboard, WordPress, Simplenote, 37signals apps, and more have similar options. Download your export file, and save it with your other computer backups for safekeeping on a regular basis.
  • Use backup services – One of the newer ways to keep your cloud data safe is with backup services. Backupify is one popular service that automatically backs up your Google Apps, WordPress, Flickr, Zoho, and more. VaultPress is a great service for keeping everything from advanced WordPress sites backed up. Pinboard can keep an archive of your Tweets and full copies of your bookmarked sites. These and other services like them are great ways to make sure you can always get to your data, even if an account is shut down.

Security

  • Use complex, unique passwords - It’s amazing how many people use simple passwords even for their most sensitive data. You should always use as complex and difficult to guess passwords as you can, and should avoid using anything with a dictionary word or personal information that someone could find out. If you can, use a random password generator to create your password, such as the ones built into 1Password and LastPass.
  • Never reuse passwords – This is a rule of thumb that’s harder to do, but it can really protect you if one of your accounts is hacked. Even a very complex password won’t help you much if you use it everywhere. Instead, consider using a password manager like 1Password or LastPass. Then you’ll only have to remember one ultra-secure password, and it can save the rest.
  • Only use reputable apps – Just because someone sent you a link for a service doesn’t mean it’s a secure app. Always check into links you receive to make sure they’re valid and not designed to steal your data. And if you’re using a brand new app, make sure you feel good about it and the service overall before you put in your private data.
  • Keep your email secure above all – Your email is essentially your online passport. You use it to login to almost everything, and there’s usually an incredible amount of private data in your email folders. Be sure to always keep your email password secure, and change it regularly. It’s also a good idea to use your own personal domain name for email if you can, so even if your account was shut down, you could always move to another service and keep the same address.

The Future

As we rely more and more on the cloud, it’s increasingly important that we don’t blindly trust services to protect our data. Just like you can’t trust that your computer will never have problems, or for that matter, that your cars tires won’t ever go flat, you really can’t guarantee that your favorite cloud service won’t have a problem. There’s many ways to keep your data safe, but you need to be proactive about it.

Then, when you’re looking for apps to use, always try to use apps that have options to export your data. The more places you’ve saved your data, the less likely you are to lose it. Also, try to use apps that are as secure as possible. If your favorite apps don’t use https when you’re logging in, or don’t have an option to backup your data, feel free to write and let them know why you want these options. It’s better for users and the companies if everyone can keep their data safe and secure!


  • http://www.technicallydigital.com Hammad

    Same thing happened with a friend of mine. His Google Account was closed without any reason. And thanks for the tips. I think every cloud user should sync his data every day and make a backup on some external HDD or usb

  • Pingback: Linkswitch #79, More Refereals, Brand Myths, Mutimedia Savvy

  • Pingback: Linkswitch #79, More Refereals, Brand Myths, Mutimedia Savvy | Freelancing Help

  • FreelancerJ

    On the keeping email secure front, I’ve been using email alias’ to keep my account secure. I have my central email address, the “real” one, but I then have 5 alias’ that I use when registering with various services around the web. Because that way, even if one of those sites get hacked and my account information exposed, no one has the account I use to log in with.
    For example, even if I were, in a moment of weakness, to register a facebook account and use the same password as my email on it, if my facebook account gets hacked and someone tries to log in with my “Me” account, they will be trying to use an invalid username.
    As well as the security, it means I can get email to do with my online persona, my professional persona and my personal persona in one place, but not be cross-providing any details in doing so. Makes for good times :)

    I really should, though, get to using unique passwords, as stated above. I currently have a small set of different passwords I use for different things based on how much I value the contents of those accounts.
    My email password and computer user account password, needless to say, are pretty decent, however my facebook and G+ passwords probably leave something to be desired. And like I said, they should probably be more varied! :D

    Mac OSX actually has a password generator built into the Keychain Access app, with a fair range of options for complexity and length, just thought it was worth mentioning :)

  • Pingback: Your Say: Have Your Online Accounts Ever Been Hacked?

  • yozenbalki

    I felt the same insecured discomfort to use those cloud apps. Because one has to register his ip number and pass word of his personal computer via these app maintaining people. Their server would be holding your access code. Then where is your safety? Men may or may not be good…the server may or may not go astray. The result would be a disaster for us. Afterall our home pc contains all of our beloveds data…can be vanished at a wrong touch/tech fault. No one can ask any one then.
    As the writer says…its a million dollar question to be or not to be..in cloud…in blue!!

    -yozenbalki
    senior Psychologist

theatre-aglow
theatre-aglow
theatre-aglow
theatre-aglow