Cloud Storage and Technology Security. Key Rules

Cloud Storage and Technology Security. Key Rules
Oleksandr Filipov
Oleksandr Filipov Security engineer at Datami
Nov 13, 2024

Guidelines for Ensuring Security and Reliability of Cloud Storage and Technologies

Which cloud storage services do we use most often? Some of the most popular are Dropbox, Google Drive, Microsoft OneDrive, and iCloud for Apple users. There are also other, lesser-known cloud storage services, although their technology works in much the same way. It's important to make sure that the data in your Dropbox, Google Drive, or Microsoft OneDrive is secure, and that access is easy and intuitive.

Cloud storage today is 

a convenient service for storing and processing all kinds of  user information, closely integrated with desktop PCs and mobile operating systems on smartphones. We also rely on secure browsers for accessing cloud technologies. Every day, we sync with the cloud and store a large volume of photos, videos, documents, music, and even passwords saved in other services.

Having access to all your data from anywhere on the planet and from any device is certainly a huge advantage. But it also opens up great opportunities for those who might also want access to your files—namely, cybercriminals. Here are some rules to keep your cloud use secure: 

1. Use Strong Passwords and Two-Factor (or Multi-Factor) Authentication

All the standard cybersecurity advice applies to your cloud accounts as well: choose long, unique passwords that are hard to guess and use a password manager (to generate, store and manage them). Keep your passwords secret and secure, and be wary of any attempts to get you to share them (e.g., through an unexpected email), regardless of who asks for them, whether it's a bank or employer.

Also, if two-factor or multi-factor authentication (2FA) is available, it’s advisable to enable it (most popular cloud storage services support this option). Enabling 2FA means that unwanted visitors will be unable to access your cloud storage files even if they know your username and password, as an additional code from your phone (usually via SMS) will also be required.

2. Audit and Review Your Files and Shared Folders

Cloud storage services are excellent for sharing files with others—from family members to work colleagues—but they can also expose your data to unauthorized access. If someone finds these links, they could access the account of the person you shared these files with.

Be careful about who you share files and folders with; add access passwords and expiration dates to shared resources, if these features are available.

Today, many files are publicly accessible because someone once granted access without time limits and forgot to close it. A notable example was with VKontakte, where users could search “passport” in the “documents” section and find countless passport photos and screenshots from various users.

Another significant case involved Yandex, when the search engine indexed Google Docs and allowed many users to find publicly available files of varying levels of confidentiality that had been forgotten in shared access.

Regularly auditing all shared resources active in your account is also recommended—for instance, by clicking “Shared” in the Dropbox web interface. For shared resources that need to remain active, use any options available in your cloud storage account to make these resources read-only unless others need to be able to edit the files (Google Drive is one service where this is possible).

3. Clear Your “Recently Deleted” Files

Many cloud storage services use a “trash” feature, that keeps  files you delete for a period in case you want to restore them. This function is often useful and can be an advantage when recovering accidentally deleted information.

However, you should ensure that important confidential files are fully deleted and cannot be recovered by anyone else. That's why it's important to check the “trash” in your cloud storage if it contains important confidential files.

It's important to review the recovery options for deleted files that were previously shared with others who may have had access to them, as they might still be able to restore these files.

For instance, in iCloud, locate the “Recently Deleted” link to view files you’ve deleted. Setting expiration dates for your shared links is also the best practice.

4. Check Your Connected Apps and Accounts

Even if hackers can't access your accounts through traditional means, they may try to gain access through a “back door” by using another account connected to your cloud storage. They may also connect to your calendar or other email applications, making your cloud storage account more vulnerable.

Think of cases like Google Calendar where you may have received numerous “events” from unknown users with titles like “You have received $1,287,000, click the link to confirm this transfer” or “Transfer received, collect here” and so on.

These are all elements of social engineering used by black hat hackers to obtain confidential information.

At the very least, you should regularly check which third-party applications have access to your cloud storage, and remove those you are no longer actively using (you can always add them back if you need to).

For example, if you're using Dropbox, click on your avatar (top right corner), then “Settings” and “Connected apps” to see which apps are connected.

5. Enable Account Activity Notifications and Alerts

Most cloud storage services can send you notifications about various account activities, such as new logins, file changes, and access modifications. It’s essential to make sure these notifications are enabled. You can also subscribe to alerts about activity in your accounts, like new shared folders or deleted files.

Use every available notification option in each cloud storage service. Security with any cloud storage and technology begins with staying informed. 

At the very least, regularly check for recent activity in your accounts and files. For instance, in Google Drive, go to “My Drive,” click “Info” (top right corner), then “Activity” to view recent changes in your account.

6. Deactivate Old Devices That Still Have Access to Your Account

Most cloud storage services allow files to be synced across multiple devices. So, if you upgrade (or buy a new) phone or use a new laptop, it’s important to properly disable and deactivate old devices to prevent new owners from accessing outdated data. 

Usually this means logging out of the app completely before uninstalling it from the old device. Additionally, log out of the browser used to access the cloud storage, as many users choose “remember password and login” when accessing the cloud. This saves all login details in the browser itself, effectively making it a “key” to your accounts. Most accounts allow you to  do this remotely.

For instance, in OneDrive, you can click “All Devices” to view and remove old devices linked to your account.

7. Enable Account Recovery Options

Your cloud storage account is only as secure as its weakest link, meaning you need to keep your account recovery options as safe as your login credentials.

For example, have you set up a password reset email that you have full access to? In this case, it’s better to use a completely different email than the one you use for login. Many IT professionals use secure GSuite emails for data security and login control. Another reliable approach is to have multiple public emails (known to various services and people) for redirecting important emails to private, unpublished addresses.

Account recovery options are typically found in security settings; ensure they are enabled. If you have recovery methods through specific security questions associated with account access, these should be questions that no one else could guess, even those you live or work with (or anyone who follows your social media accounts).

8. Log Out of Unused Accounts

For convenience, we often stay logged in to our cloud storage accounts even when we are  not actively using them.

However, it’s essential to log out when you’re done working to prevent anyone else from accessing your files, especially if you’re using a shared computer (e.g., with family members or coworkers). Cloud storage providers also aim to keep your data secure, so the logout button is usually placed in a visible spot.

In iCloud, for instance, click on your name in the top right corner of the browser tab and select “Sign out.”

9. Protect Your Devices as Secure as Your Accounts

Physical security is important too. Keep phones, laptops, and other devices you use for cloud storage accounts safe from unauthorized access. Otherwise, if someone gains physical access to your phone or laptop, they may be able to access one of your accounts. If your devices are lost or stolen, the new owner could gain access to all your personal information. 

Some cloud storage apps allow you to add extra security within the app itself, such as an additional PIN, facial recognition, fingerprint (for some laptops), or retina scan. These options further enhance the protection of your cloud-stored files.

Another rarely used, but effective, method of data protection is “cloud data encryption.” This is a complex and resource-intensive process that significantly increases security. While cloud technology and its applications continue to expand each year, the security of cloud storage, technology, and authentication still leaves room for improvement.

You’re unlikely to find a flexible access control system, advanced event auditing with SIEM support, or built-in cryptography tools within them.

Your Datami

free_consulidation

Fill out the form below, and we’ll get in touch with you right away to discuss a plan to protect your business!

Updated: 09.12.2024
(0 assessments, average 0/5.0)

Related content

Information Security: Types of Threats and Methods of Mitigation Oleksandr Filipov
Oleksandr Filipov

Information Security: Types of Threats and Methods of Mitigation

Information security encompasses methods for protecting data from threats that can harm individuals or companies, and it requires continuous improvement due to the evolving technologies of criminals.

Nov 14, 2024
Smartphone Security and Cybersecurity Oleksandr Filipov
Oleksandr Filipov

Smartphone Security and Cybersecurity

Smartphone security is important, as the increase in their usage comes with the risks of data breaches, so users should adhere to basic protection rules, such as updating software and using complex passwords.

Nov 14, 2024
What is Penetration Testing, or How Can You Avoid Being Caught Off Guard by Hackers? Oleksandr Filipov
Oleksandr Filipov

What is Penetration Testing, or How Can You Avoid Being Caught Off Guard by Hackers?

Penetration test definition and types. The key steps penetration testers take during different pentestings and how it helps companies improve their overall cybersecurity resilience

Dec 9, 2024
Dangerous Smartphone Apps You Should Delete Oleksandr Filipov
Oleksandr Filipov

Dangerous Smartphone Apps You Should Delete

Malicious apps for Android can steal data, track geolocation, and display unwanted advertisements, so it is important to remove them from devices to ensure security.

Nov 14, 2024
Datami has been ranked as one of the best penetration testing companies on designrush Oleksandr Filipov
Oleksandr Filipov

Datami has been ranked as one of the best penetration testing companies on designrush

Datami has been ranked as one of the best penetration testing companies on DesignRush, underscoring its expertise and commitment to delivering high-quality cybersecurity services.

Nov 6, 2024
Top Cybersecurity Books to Read Oleksandr Filipov
Oleksandr Filipov

Top Cybersecurity Books to Read

Nov 13, 2024
Back to home page
Order a free consulidation
We value your privacy
We use cookies to enhance your browsing experience, serve personalized ads or content, and analyze our traffic. By clicking "Accept All", you consent to our use of cookies. Cookie policy