Mark James, ESET IT Security Specialist, gives you some top tips for securing your Cloud accounts from hackers.
When we store our photos, credit card details or any other personal or private data on the internet we do not have any direct control over the server or providers’ security used on their servers.
Any data stored in “The Cloud” whether its iCloud, Dropbox, Google or OneDrive will always carry some degree of risk from attack or data breaches.
Having said that, the companies running these repositories take their security very seriously indeed.
The infamous photos that where stolen and published from the recent iCloud hacks were down to brute force password attempts to gain access to the actual accounts, not directly as a result of Apples inability to protect that data.
It’s no different than buying the most expensive lock for your house, then having the key on a piece of string tied to your door frame.
There are lots of things we can do to protect our data, over and above what the cloud provider offers by way of security:
Passwords
The first choice should always be unique passwords, if you ensure that every password used is unique then if that data is compromised from one site it is unable to be used elsewhere.
It’s your data. It’s your life it affects if that data goes missing. Creating and using good passwords is not rocket science, there are many ways to improve how you form your password: use phrases, numbers and don’t always tell the truth when it comes to questions and answers.
Double lock it
Two-Factor Authentication (2FA) or Two-Step Verification will protect your account against someone else trying to use compromised data to gain access. After your username and password are entered a unique code is required to validate you are the owner.
A good list of current adopters of 2FA is twofactorauth.org, here you can see who is and who is not using this technology. If your current website is not using 2FA then consider one that is.
Under lock and key
Password managers will help you with your unique, complex passwords. All of them, both free and paid for, should enable you to generate and store unique passwords for your websites.
Some also will help with form filling; consider applications that allow you to use a mobile and multiple access points for ease of use.
Secret code
Consider encryption for data being stored in the cloud, if it gets compromised then it’s useless to anyone who can’t decrypt it.
Think twice
Lastly, please just think about what you’re storing. If you want to keep it safe, then don’t store it on the internet, without sounding negative, we need to understand the internet is simply not private.
How many cloud storage services do you use? Let us know on Twitter @ESETUK.
Join the ESET UK LinkedIn Group and stay up to date with the blog. If you are interested in seeing where ESET has been featured in the news then check out our ‘In the news’ section.