Cloud Storage and Technology Security. Key Rules

Oleksandr Filipov Security engineer at Datami

Nov 13, 2024

Guidelines for Ensuring Security and Reliability of Cloud Storage and Technologies

Which cloud storage services do we use most often? Some of the most popular are Dropbox, Google Drive, Microsoft OneDrive, and iCloud for Apple users. There are also other, lesser-known cloud storage services, although their technology works in much the same way. It's important to make sure that the data in your Dropbox, Google Drive, or Microsoft OneDrive is secure, and that access is easy and intuitive.

Cloud storage today is

a convenient service for storing and processing all kinds of user information, closely integrated with desktop PCs and mobile operating systems on smartphones. We also rely on secure browsers for accessing cloud technologies. Every day, we sync with the cloud and store a large volume of photos, videos, documents, music, and even passwords saved in other services.

Having access to all your data from anywhere on the planet and from any device is certainly a huge advantage. But it also opens up great opportunities for those who might also want access to your files—namely, cybercriminals. Here are some rules to keep your cloud use secure:

1. Use Strong Passwords and Two-Factor (or Multi-Factor) Authentication

All the standard cybersecurity advice applies to your cloud accounts as well: choose long, unique passwords that are hard to guess and use a password manager (to generate, store and manage them). Keep your passwords secret and secure, and be wary of any attempts to get you to share them (e.g., through an unexpected email), regardless of who asks for them, whether it's a bank or employer.

Also, if two-factor or multi-factor authentication (2FA) is available, it’s advisable to enable it (most popular cloud storage services support this option). Enabling 2FA means that unwanted visitors will be unable to access your cloud storage files even if they know your username and password, as an additional code from your phone (usually via SMS) will also be required.

2. Audit and Review Your Files and Shared Folders

Cloud storage services are excellent for sharing files with others—from family members to work colleagues—but they can also expose your data to unauthorized access. If someone finds these links, they could access the account of the person you shared these files with.

Be careful about who you share files and folders with; add access passwords and expiration dates to shared resources, if these features are available.

Today, many files are publicly accessible because someone once granted access without time limits and forgot to close it. A notable example was with VKontakte, where users could search “passport” in the “documents” section and find countless passport photos and screenshots from various users.

Another significant case involved Yandex, when the search engine indexed Google Docs and allowed many users to find publicly available files of varying levels of confidentiality that had been forgotten in shared access.

Regularly auditing all shared resources active in your account is also recommended—for instance, by clicking “Shared” in the Dropbox web interface. For shared resources that need to remain active, use any options available in your cloud storage account to make these resources read-only unless others need to be able to edit the files (Google Drive is one service where this is possible).

3. Clear Your “Recently Deleted” Files

Many cloud storage services use a “trash” feature, that keeps files you delete for a period in case you want to restore them. This function is often useful and can be an advantage when recovering accidentally deleted information.

However, you should ensure that important confidential files are fully deleted and cannot be recovered by anyone else. That's why it's important to check the “trash” in your cloud storage if it contains important confidential files.

It's important to review the recovery options for deleted files that were previously shared with others who may have had access to them, as they might still be able to restore these files.

For instance, in iCloud, locate the “Recently Deleted” link to view files you’ve deleted. Setting expiration dates for your shared links is also the best practice.

4. Check Your Connected Apps and Accounts

Even if hackers can't access your accounts through traditional means, they may try to gain access through a “back door” by using another account connected to your cloud storage. They may also connect to your calendar or other email applications, making your cloud storage account more vulnerable.

Think of cases like Google Calendar where you may have received numerous “events” from unknown users with titles like “You have received $1,287,000, click the link to confirm this transfer” or “Transfer received, collect here” and so on.

These are all elements of social engineering used by black hat hackers to obtain confidential information.

At the very least, you should regularly check which third-party applications have access to your cloud storage, and remove those you are no longer actively using (you can always add them back if you need to).

For example, if you're using Dropbox, click on your avatar (top right corner), then “Settings” and “Connected apps” to see which apps are connected.

5. Enable Account Activity Notifications and Alerts

Most cloud storage services can send you notifications about various account activities, such as new logins, file changes, and access modifications. It’s essential to make sure these notifications are enabled. You can also subscribe to alerts about activity in your accounts, like new shared folders or deleted files.

Use every available notification option in each cloud storage service. Security with any cloud storage and technology begins with staying informed.

At the very least, regularly check for recent activity in your accounts and files. For instance, in Google Drive, go to “My Drive,” click “Info” (top right corner), then “Activity” to view recent changes in your account.

6. Deactivate Old Devices That Still Have Access to Your Account

Most cloud storage services allow files to be synced across multiple devices. So, if you upgrade (or buy a new) phone or use a new laptop, it’s important to properly disable and deactivate old devices to prevent new owners from accessing outdated data.

Usually this means logging out of the app completely before uninstalling it from the old device. Additionally, log out of the browser used to access the cloud storage, as many users choose “remember password and login” when accessing the cloud. This saves all login details in the browser itself, effectively making it a “key” to your accounts. Most accounts allow you to do this remotely.

For instance, in OneDrive, you can click “All Devices” to view and remove old devices linked to your account.

7. Enable Account Recovery Options

Your cloud storage account is only as secure as its weakest link, meaning you need to keep your account recovery options as safe as your login credentials.

For example, have you set up a password reset email that you have full access to? In this case, it’s better to use a completely different email than the one you use for login. Many IT professionals use secure GSuite emails for data security and login control. Another reliable approach is to have multiple public emails (known to various services and people) for redirecting important emails to private, unpublished addresses.

Account recovery options are typically found in security settings; ensure they are enabled. If you have recovery methods through specific security questions associated with account access, these should be questions that no one else could guess, even those you live or work with (or anyone who follows your social media accounts).

8. Log Out of Unused Accounts

For convenience, we often stay logged in to our cloud storage accounts even when we are not actively using them.

However, it’s essential to log out when you’re done working to prevent anyone else from accessing your files, especially if you’re using a shared computer (e.g., with family members or coworkers). Cloud storage providers also aim to keep your data secure, so the logout button is usually placed in a visible spot.

In iCloud, for instance, click on your name in the top right corner of the browser tab and select “Sign out.”

9. Protect Your Devices as Secure as Your Accounts

Physical security is important too. Keep phones, laptops, and other devices you use for cloud storage accounts safe from unauthorized access. Otherwise, if someone gains physical access to your phone or laptop, they may be able to access one of your accounts. If your devices are lost or stolen, the new owner could gain access to all your personal information.

Some cloud storage apps allow you to add extra security within the app itself, such as an additional PIN, facial recognition, fingerprint (for some laptops), or retina scan. These options further enhance the protection of your cloud-stored files.

Another rarely used, but effective, method of data protection is “cloud data encryption.” This is a complex and resource-intensive process that significantly increases security. While cloud technology and its applications continue to expand each year, the security of cloud storage, technology, and authentication still leaves room for improvement.

You’re unlikely to find a flexible access control system, advanced event auditing with SIEM support, or built-in cryptography tools within them.

Your Datami

Fill out the form below, and we’ll get in touch with you right away to discuss a plan to protect your business!

Updated: 09.12.2024

(0 assessments, average 0/5.0)

On this page you will learn what cookies are and how and when we use them. Definition of the term Cookies Cookies are pieces of data that a web server generates and that a website stores on your user device (computer, smartphone, tablet, etc.). Each website or third-party service sends cookies to the browser installed on your device only if your browser allows it. This is possible if you have not set any restrictions in your browser settings to save cookies. Browsers are a very well thought out technology. They protect personal data and allow websites to access only cookies that were previously sent to them. Cookies are divided into: session cookies. They are stored in the memory of the browser only during your session, after leaving the site immediately removed. permanent. They are stored in the memory of the browser for a long time. Definition of the term “browser” A browser is an application for browsing websites. The most popular browsers are Chrome, Internet Explorer, Firefox and Safari. All listed browsers are safe. In the settings of these browsers, cookies can be easily disabled, as well as change the settings of their work. You can: accept all cookies; ask the browser to notify when cookies are used; do not accept cookies. Cookies on ak1-3.com.ua and how we use them We use cookies to: our site is more functional; to understand how you navigate on the site, what content you consume better, to develop the content strategy of the site; understand how many visits to the site were per day, month, year. Analyze the geographical identity of users of the site, the number of repeated visits and other data. Cookies that we use on our site. Third-party cookies. The buttons of social networks, videos and some other services of our site are the property of other companies. These companies may also use cookies on your device if you have used them on our site or have been previously registered with them. The privacy policy of the use of personal data by these services can be found on the websites of these services. Blocking cookies All browsers allow simple actions to disable cookies. To disable them, you must go to your browser settings and find cookies in them. But we must remember that blocking cookies can have a negative impact on the performance of many websites. How to delete files You can also always delete cookies that are stored on your computer. To do this, follow the instructions of your browser Again, deleting cookies can have a negative effect on the performance of many websites.