Tech Made Simple

Hot Topics: Holiday Gift Ideas | How to Fix Bluetooth Pairing Problems | How to Block Spam Calls | Snapchat Symbol Meaning

We may earn commissions when you buy from links on our site. Why you can trust us.

author photo

Can You Trust the Cloud with Your Personal Data?

by Christina DesMarais on April 17, 2012

Do you use Facebook, Mint, Pandora, Shutterfly or an email service like Gmail, Yahoo or Hotmail? Then you're already storing information in the Cloud. The Cloud simply refers to a virtual place on the Internet where various kinds of data can be accessed by a computer, tablet or smartphone application. 

I confess, I love the Cloud. Google Play Music keeps track of what music I download to my Android phone and saves a copy of all my tracks and playlists online so if I want to listen to my music from a computer or other device, I can. Instant Upload for Android sends any photo or video I take up with my phone to a private album in my Google+ account, which makes sharing them easy. And any change I make to my Google calendar on my desktop gets instantly synced to my phone.

Apple’s iCloud works the same way. All the photos, music, documents and more that you have saved on the Cloud get pushed out to your devices so you can access them whenever and wherever you want.

For file backup, sharing and sync, I have used SugarSync, although Dropbox (among others) works just as well. Not only does it make my files available across all my devices, it has proven to be invaluable. Once my laptop died. After replacing it I was able to retrieve all my files from the Cloud and save them onto the new computer in just a few minutes. And when I need to access a document when I’m not at the office, I don’t have to save a copy on a USB stick or e-mail it to myself. I can use any Internet connected device to get at all my documents.

Even though most people who are active online are already using the Cloud to some degree, there are those who don’t trust it. This is particularly true when it comes to backing up files online as opposed to using a secondary physical location such as an external hard drive.

Such distrust isn’t unreasonable considering that even big names like Microsoft and Amazon have experienced outages with their Cloud services. And modern day hackers seem to be able to mess with anybody they choose, even security vendors like Symantec.

So is there a chance files you backup to the Cloud could get lost or hacked? Yes, although Cloud storage service providers go to great lengths to stop it from happening. In fact, I quizzed Robb Henshaw, SugarSync's Director of Corporate Communications, about the company's security protocols and they're quite extensive (see Q&A below).

So should you use a Cloud service?  It's not an easy answer. If you have sensitive information that could harm you or your business should it fall into the wrong hands or become unavailable for a period of time, you'll have to weigh the benefits of the anytime, anywhere access of the Cloud against the very small risk of loss. In the end, you may decide these select files may be better suited for a physical data locker that only you can open with a PIN, such as the 500 GB Apricorn Aegis Padlock 256-bit Encrypted Hard Drive ($174.99 on Amazon.com). But keep in mind that physical storage units can also be stolen or lost in a fire, perhaps at the same time as the computer they're backing up—which would be a disaster. For backing up photos, music and innocuous files that no one but you cares about—the Cloud is definitely the way to go.

Q&A With Robb Henshaw of SugarSync

CD: Is the Cloud safe from hackers?
RH: Certain Cloud services, like SugarSync, do offer top security measures to ensure your data is safe from anyone else but you. SugarSync, for example, offers users the same level of encryption, data protection and security as consumers receive when doing a transaction with their banks online. Users’ files are transferred securely using TLS (Transport Layer Security) and are stored in the cloud in an encrypted format using 128-bit AES. We also operate our own SAS-70 compliant datacenters. SugarSync also ensures that all files accessed via mobile devices are encrypted as well, using SSL encryption. In addition, SugarSync undergoes regular third-party security audits to ensure there are no vulnerabilities in our system, and we are also regularly vetted by the partners we sign to ensure our security meets their standards.

CD: Can law enforcement or other entities get their hands on data a person has stored in the Cloud?
RH: Yes, law enforcement can request that Cloud service providers turn over a user's data in connection with a criminal investigation—but they would need a subpoena to do so.

CD: Do most consumer Cloud storage services encrypt user files?
RH: Yes, most services do…SugarSync certainly does.

CD: What if a user encrypts a file before uploading? Does that cause a problem for SugarSync or in terms of accessing the files later?
RH: Some users do choose to use third-party encryption services (like TrueCrypt, etc.) to add an additional layer of encryption. When they do so, SugarSync cannot give anyone access to that content (even if served with a subpoena), but this also means that SugarSync will not be able to auto-sync changes made to the content because we will not be able to see the changes. But all other features would still work.

CD: Do you suggest that people also use some kind of secondary backup, like an external hard drive for extremely sensitive or valuable documents? Or is the Cloud so secure that nothing will ever happen to people's files?
RH: The Cloud is absolutely secure, so there is no need to backup to external hard drives. In fact, external hard drives fail every 3-5 years, so there is a greater chance of losing data on external hard drives than on the Cloud.

(Note: Code 42 Software, which developed a cloud storage platform called CrashPlan, recently told me it takes a different approach and suggests that users do back up their files somewhere else, just to be safe.)

CD: How can a person know employees of the Cloud service aren't reading or doing things with people's files?
RH: We promise as part of our terms & conditions that SugarSync employees will not access your account unless authorized to do so by the user expressly (i.e., for customer support reasons, if a user forgets their password, etc.).

CD: How can a person be sure that if a tornado rips through the building where the servers are kept they won't lose all their data?
RH: In SugarSync's case, we have multiple data centers, and everyone's data is stored in multiple locations. And all our data centers are also backed up to Amazon's servers. So three datacenters (at least) in very different locations would all have to be destroyed at the same time for any user data to be lost. That likelihood is nearly impossible.


Topics

Computers and Software, News, Internet & Networking, Computer Safety & Support, Blog, Tech 101


Discussion loading

gravatar

From Tiger Jackson on April 18, 2012 :: 4:45 am


A good article Christina.
It is true, the risks of running Cloud based services are high. However, companies that run them often have specialised departments to manage the security .. including; active intrusion detection, strong authentication mechanisms and 24x7 security staff monitoring the infrastructure and software…

TJ

Reply

gravatar

From Terry on April 18, 2012 :: 6:30 am


Thanks Christina. You have addressed the real concern of businesses. On the personal front, these services are definitely amazing and have been really helpful to all of us. When it comes to business and the sensitive data we handle, it becomes the biggest concern especially about the security risks. Because of these reasons, we opted for a solution called Syncblaze which can be self-hosted, so we have complete control over all our data and at the same time get the privilege to such great solution to manage and collaborate on content.

Reply

gravatar

From LJ on April 18, 2012 :: 8:30 am


The link for SugarSync in the article leads to Dropbox. Here’s the correct link for SugarSync:
https://www.sugarsync.com/

Reply

gravatar

From Suzanne Kantra on April 18, 2012 :: 8:50 am


Thanks! I’ve made the correction.

Reply

gravatar

From Steven Groves on April 18, 2012 :: 9:49 am


Christina, it seems to me to be disingenuous to question the stability and security of cloud-based options after almost 30 years of technology development in online storage and processing options. If taken separately, the questions of stability and security have been more than addressed but the industry. 
The stability and availability of the environment is dependent upon a hundred moving parts, several of which the hosting organization has no control over.  The hardware & software behind it however are as good as the industry has to offer, which when it is compared to the environment from a decade ago is far superior - faster, more resilient and of much greater capacity at a lower cost than ever before (heck, many providers give away more online storage than some organizations had a few years ago!).  The security is another matter, but the encryption that SugarSync provides makes the data yours and only yours.  it is safe, it is secure, it is backed up waaay more often than most businesses and consumers would ever do on their own.

Ringing this bell is not doing anyone a service - seems more like ambulance chasing and typical media scare tactics to sell newspapers (or viewers in Techlicious’ case) - Techlicious is better than this.

Reply

gravatar

From Suzanne Kantra on April 19, 2012 :: 7:50 am


I believe Christina provides a very balanced view of the benefits and risks of cloud-based services. There are risks, and to ignore them is disingenuous. But the purpose of this article is not to scare people away or sow fear, as some articles have. On the contrary, it’s to encourage people that, despite the risks, cloud services are an effective solution.

On the risks, the concern isn’t around the encryption being broken, which is well covered in the interview with SugarSync. The risks are with companies storing data in an unencrypted manner (see the recent Sony PlayStation hacks) or content being accessed by inadequate password protection features (see the Twitter hacking scandal from 2009: http://techcrunch.com/2009/07/14/in-our-inbox-hundreds-of-confidential-twitter-documents/). Cloud services have also encountered outages which made stored data temporarily irretrievable.

That said, there are significant risks from using local storage, too. Notably the loss or failure of your local backup device at the same time as your PC (as could easily happen with fire, flood or theft).

All together, Christina supports the use of cloud services in most instances, and uses them herself (as does Techlicious, extensively).

Reply

gravatar

From Tonya on April 18, 2012 :: 10:16 am


The sugarsync one is exactly what I have been looking for and wanting.  I’ve tried dropbox, and it didn’t really work well for me.  I just downloaded sugarsync, and so far it is seriously awesome.  Thank you.

Reply

gravatar

From Rich Moser on April 18, 2012 :: 10:35 am


Last night, I was alerted to this brand new bill that is sounds like would make all our security software and hardware pretty much meaningless if it passes US Congress:  The Cyber Intelligence Sharing and Protection Act (CISPA). “Companies that we trust with our personal information, like Microsoft and Facebook, are key supporters of this bill that lets corporations share all user activity and content with US government agents without needing a warrant in the name of cyber-security—nullifying privacy guarantees for almost everyone around the world, no matter where we live and surf online.” Please educate yourselves and spread the word.

Reply

gravatar

From Carrie on April 19, 2012 :: 9:28 am


I do and don’t agree with storing information in the cloud. I have been using online storage for awhile but recently changed to GoodSync to sync my files directly, instead of having them in the cloud. So far I really like it because I don’t have to worry about the cloud or expenses of cloud storage. I was using sugarsync for awhile but it just got too expensive.

Reply

gravatar

From Nat on April 19, 2012 :: 3:25 pm


Another factor to consider is how you are going to get your data if you need it.  If you have a hard drive crash and you rely on Cloud backup,  it may take a long time to restore data online. I backup about 100 gigs to a Carbonite account($59 per year, unlimited data).  I suspect that would probably take weeks to restore considering my DSL service. I keep an encrypted portable hard drive backup at home but I do not keep it as current as the Carbonite data. Carbonite does offers a “Courier Service” that will ship you a copy of your data but that is substantially more pricey.

Reply

gravatar

From rob branson on April 11, 2020 :: 7:12 am


If I understand correctly, people and businesses blindly trust 3rd parties with backup data just because its cheaper than to do it yourself?  If you compare the cost of risk control doing it like we always did (backing up with software to a location under your personal control, not Google or similar) to the hacking risk of a server or multiple servers who knows where, there seems a very shortsighted and really stupid decision being made.  Am I wrong?

Reply

gravatar

From Josh Kirschner on April 13, 2020 :: 5:10 pm


First of all, the “old way” of backing up wasn’t especially convenient or safe. If backups are stored near one’s computer, both could be lost in a fire or flood. And, there are plenty of stories of businesses losing backup tape, drives and other hardware which personal information that wasn’t properly encrypted. Hard backups also don’t make the data accessible remotely, for access when traveling, for multiple devices/users or to share with others.

But yes, online backups do have risks if you use a service that doesn’t have robust encryption on their servers and require an encryption key only you have access to. Or if you choose a password for your storage that is not unique or easy to guess. However, if you choose a solid service and follow best practices, online sync/backup is more safe than physical local backups and far more useful.

Reply

gravatar

From Rob on April 14, 2020 :: 11:46 am


The old way was not safe?  The “old way” (as if only new is always better) means you have backed up to a secure device ONLY UNDER YOUR CONTROL and on devices that you own.  Period.  There is nothing safer than that as long as you have redundant sites.  The cloud only exists because corporate America wants more and more tech to lower costs (eg fire people) yet also wants to contract out tech (fire more people) for yet even lower costs.  Unfortunately by doing this they give away their data which may be the biggest shortsighted blunder in US history.  Anyone that trusts Google or Amazon or any other big tech company that have “robust” encryption are in deep trouble!
Equifax had the most robust encryption of all and Google and others have already reported cloud hacks.  I have also heard that many big companies are reverting back to closed intranet systems for these reasons.

Reply

gravatar

From Josh Kirschner on April 14, 2020 :: 1:02 pm


With the Equifax breach, you had a situation where a major corporation was keeping data under their control. However, even a company as large as Equifax failed to practice basic security procedures, allowing a known Apache server vulnerability to go unpatched for months, which is how the hackers were able to penetrate its systems and steal the data of millions of consumers. These lapses are typical in the many, many data breeches we’ve seen from companies large and small. The issue here is that most companies are not experts in data security and never will be.

But the business question is somewhat a red herring as far as the intent of this article, which is directed towards consumers. Most content backed up by consumers has little interest or value to hackers. The biggest risk to consumers is simply losing those precious family photos or important documents. And most consumers aren’t going to be managing a multi-location encrypted backup process to keep those items safe. And that process would still make it far more difficult to share photos with others or access that content when working in a coffee shop or traveling out of town. For consumers, they absolutely should trust cloud storage and use it both for the security of backup and the convenience of syncing it across devices and anytime, anywhere access.

Reply

Home | About | Meet the Team | Contact Us
Media Kit | Newsletter Sponsorships | Licensing & Permissions
Accessibility Statement
Terms of Use | Privacy & Cookie Policy

Techlicious participates in affiliate programs, including the Amazon Services LLC Associates Program, which provide a small commission from some, but not all, of the "click-thru to buy" links contained in our articles. These click-thru links are determined after the article has been written, based on price and product availability — the commissions do not impact our choice of recommended product, nor the price you pay. When you use these links, you help support our ongoing editorial mission to provide you with the best product recommendations.

© Techlicious LLC.