I am a big fan of cloud storage services. It’s magic to me, the way that the photos that I take with my cell phone appear on my PC when I get home, without having to plug anything in. And to have all of my work from my desktop PC available to me on my laptop.
My data is available to me alone unless I choose to share it with someone. Most cloud services encrypt the data during transfer to/from the Internet (“SSL” encryption – you’ll know it’s encrypted because of the “s” in “https”), and then again when it’s stored on their servers. So if a hacker gets into their servers, unless they can crack the encryption, my data is still private.
The main risk is if my password gets compromised. Then anyone with my user id and password could access all of my data. If you’re concerned about cloud security, then it’s important to have a strong password, and to change it often.
You’ve probably heard that term before, but what does “strong” password mean? How long does it need to be? Do you need special characters? Numbers? How many? Do you need a different password for every cloud service? How do you remember all of those passwords?
It’s a complex subject. And unfortunately, the recommendations for “strong” passwords keep changing, as the hackers become more sophisticated.
I recommend using a password manager. Let the experts worry about it. A password manager is a plug-in for your web browser. You can use it to generate a password and it will indicate how “strong” that password is. Once you use that password to log into your cloud service through your web browser, then you can store that password in your “password vault” that the plug-in supplies.
The password manager is itself a cloud service, so you need a password for it. But it’s the only password that you really need to remember for all of your cloud services. I start with a word that has some personal meaning to me, add a character between syllables, a few numbers at the end (that I’m sure that I’ll remember), and then use the word in a complete phrase.
Password managers use a extra level of security for their cloud service. Your password vault gets encrypted locally, on your own computer, and then transferred and stored on the cloud server. When you log into the service through your web browser plugin, the reverse process happens – the password vault is transferred from the cloud down to your PC, and then decrypted.
I use LastPass as my password manager. Other people that I know have recommended OnePassword, which works similarly.
I believe that you can relax about your cloud security if you use a password manager and if you change your passwords regularly. The convenience of using a cloud service far surpassing the slight risk of having your privacy compromised. However I do not use cloud services for financial data, nor do I store my passwords for financial sites in my password manager. I suspect that it would be fine to do so, but I’m just not quite willing to risk it…
If you need help setting up your cloud service or password manager, Digital Chaos Control can help! Contact us today.
Great article, Pat! I think the key is to use a very strong password and change it frequently!
My pw are not very strong since I try to remember them. But I know I should have more complicated ones. Thanks for the great info!