Tips to Stay Secure While Using Cloud Computing
Cloud computing is the process of storing data in an off- site storage system that is maintained by a third party. It provides computing over the internet. If you store your websites in a cloud then you will have access to highly optimized virtual data centers that provide hardware, information resources, software for you when needed. You can connect with the cloud and use the available resources on a pay for use basis, unlike getting servers where you have to pay even when there is no such activity going on in your website. Though it is a relatively new system for general consumers there are some good companies that offer this service they are: Dropbox, SugarSync, Box.net, SpiderOak, Amazon Cloud Drive, Windows Live Mesh etc.
How secure are the companies?
The service providers are usually well reputed and are HIPAA or PCI certified. Companies have basically three level of security. There is a physical level of security where the physical environment of the data center is secured and protected from human and natural threats. Then there is the logical level security, which includes usage of sophisticated firewalls and antivirus. Finally there is methodology level security where everything is encrypted. But there is always a chance that some clever attacker might get access to your system and steal vital information. While companies or cloud service providers can be held responsible for any problem you face from their side, you cannot hold anyone liable if the fault is yours. So, there are certain things you can do to stay secure:
• Smart password– 1234, “password” are the most common passwords used by thousands of users around the world including some of the big names. Hence, it is no wonder that some of the renowned websites gets hacked easily. Passwords are meant to be difficult to remember and unique, hence the more complicated your password is the safer your data will be. The best practice for a more secure password includes using a name that is easy to remember yet complicated to get through, for example you can write bsetgsot as B53:tgSot. You can replace letters with numerical, for example instead of ‘O’ you can write ‘0’. It is recommended to use at least one or two numericals and an upper case character within the password.
• Reusing password– You must never, ever use the same password for different sites. You will have to take a bit of a trouble to remember all of them, but it is worth the trouble. The risk with reusing password is that once a single account gets hacked you stand a chance of losing all the other sites to the hacker. If the attacker gains access to your mail then he would be able to change password of all the other systems. Now with the mobile alert system this problem may rarely occur. Password is meant to be private, so do not share it with anyone as they might leak it accidently.
• Back up the data– With cloud computing you no longer need hard drives or pen drives to store and backup your data. Dropbox offers a couple of gigabytes of storage that is absolutely free. They create a folder on your hard drive that is linked to the web, and all you have to do is upload the files and drag them to the folder. With Windows Live Skydive you can even edit your office documents in cloud. As for Amazon’s Cloud drive, it offers 5 GB of storage absolutely free along with a web interface to upload your files. Service providers like SugarSync and Mozy automatically backs up important data for you. It is best to store files you mostly use in Dropbox and try to back up in a free service like Amazon Cloud Drive.
• Stay alert– It is important to log out before shutting your systems to avoid any sort of vulnerability especially when accessing public system. It is best not to access vital information from public systems as you may not be aware, but they may contain viruses that may leak your information to a third party.
• Testing– Though this method is not something you should try but in case the data that are stored are crucial you can try to test the security level of your service provider by hiring ethical hacker to get into your system. If the hacker gets access to your data then there is definitely a loophole in the system that should be notified to the service provider. However, think twice before you take this measure as you might get into trouble.