Why “The Cloud” Isn’t Secure

Published on Aug 05, 2019 by Team Hidden

Why the Cloud isn’t as Secure as You’d Like to Believe (and What you Should do Instead)

“Data in the cloud may be more exposed to attacks and breaches than enterprises believe, while the sharing of sensitive data in the cloud has increased 53% year-over-year, and nearly a quarter of all data in the cloud is sensitive”

- McAfee, Cloud Adoption and Risk Report

We are generally very trusting in the security of “the cloud”. Mac owners rely on it with their entire life’s photos – the images of their firstborn, irreplaceable videos of loved ones who may no longer be here. Others upload critical business docs, sensitive customer data and commercial secrets.

But is this unquestioning trust warranted?

After all, we’ve seen, and continue to see, intimate photos of celebs leaked online – a direct result of their being ‘phished’ into handing out their access details. But even for those who are savvier – the ones who would never click a link in an email, there’s a lot to worry about. Like unscrupulous software companies such as Pegasus, which has developed spyware that can copy authentication keys and access cloud services like Google Drive or iCloud. Then there’s the dark underbelly of hackers – the cybercriminals who are growing in numbers and taking leaps and bounds in the tools of their trade (Symantec reported a staggering jump of 200% in attacks in 2017).

“When it comes to super sensitive data, it is not always best to keep it stored in the cloud as you can never fully 100pc trust its protection... where possible, data kept off the grid is better protected”.

- Jake Moore, analyst at cyber security firm Eset (UK’s Daily Telegraph July 2019)

In April 2016, Mark Crosbie, international head of trust and security for Dropbox, was interviewed about their “solid” cloud security. At the time he described some of the security structure – “we split each data file into chunks - a process called sharding, and these chunks are then separately encrypted and stored in different places, so if someone did manage to break in and decrypt the data they'd only get access to random blocks”. A few months later, 68m Dropbox user passwords were leaked online.

This just goes to show that no matter the size of the company or the cloud service, no solution is impenetrable – Yahoo, Oracle, Sony, and T-Mobile being just a few tech giants to have suffered, as well as retailers including Target, Neiman Marcus and Home Depot.

And CIO tech writer and Enderle Group president Rob Enderle picks up on another salient point: “Simply stated, you can’t trust the employees of cloud service providers. Frankly, I don’t think we can really trust our own employees anymore either, but at least our capability to monitor them is far greater”.

Don’t get us wrong, the cloud certainly has a place in the lives of both private users and in business. It can reduce commercial costs, drive down administration and offers impressive reliability (the last time Google Drive went down was back in 2017, although the Apple iCloud has already gone offline twice in 2019).

“Keep the sensitive data out of the cloud, and lock down your current systems with secure firewalls and the latest security technology. There are plenty of files out there that you can share that don't constitute a huge risk”.

- Dan Olds, OrionX Anaylsts

Yet while the cloud does have its place, it shouldn’t be relied upon as a single standalone solution. And for the most sensitive of documents, serious thought should be paid to whether it should be trusted at all. This is especially the case given that businesses must now adhere to GDPR, which demands that you know ALL about your cloud solution, such as where their servers are based, whether you can completely erase and download all data and what security measures are in place.

"I think people have bought the story that the cloud is a panacea to them. They think it must be good because the cloud is the hot thing right now. What I've found in my research is that real data center folks aren't that enthusiastic about the cloud, and they don't think it's more secure".

- Dan Olds, OrionX Anaylsts

If the cloud isn’t safe enough, what is?

Here’s the thing - the safest and most secure place for your data is on your devices’ local hard drive. But in turn you must also add an extra layer of security (and remote access), just in case your device falls into the wrong hands. After all, Apple MacBooks, iPads and iPhones are stolen ALL the time (and are rarely returned).

So it makes sense to use theft recovery software that works to try retrieve your device and its critical data first and foremost. HiddenApp goes far beyond ‘Find My Mac’ and ‘Find My iPhone’ to triple up on your data security. With Hidden, in a few taps you can track down its exact location, remotely take photos of the thief and screenshots of what they’re accessing, lock the computer, and as a last resort remotely wipe it.

Find out more at www.HiddenApp.com

Get ten steps ahead of would-be thieves by installing Hidden App on your Apple devices. Then track, locate and recover them (and your precious data).