Saraya – Companies rent some computing services via the Internet, also known as the cloud, to store applications, software and other services that help develop information technology work, instead of purchasing, installing and maintaining information technology infrastructure to manage information technology work, which saves companies a lot of time and money by allowing them to pay only for the cloud services they use, as well as making it easier to build and use faster, more agile resources as they grow.
In other words, instead of saving information on large devices and computers, it can be uploaded to external servers managed by large information technology companies.
This method has its pros and cons as follows:
Advantages
There is no infrastructure cost.
Minimum administration and cost.
– There are no administrative or organizational problems.
– Easy access.
– Pay per use.
– Credibility.
Data control.
– Backup and restore data.
Huge cloud storage.
Defects
– Requires a good internet connection.
– Internet stopped.
Limited control over the infrastructure.
Restricted or limited flexibility.
Ongoing costs.
– Information Security.
A technical problem that is difficult to solve.
Rising popularity
As the popularity of cloud storage increases, so do concerns about the security of the data stored, and there is no doubt that many users are concerned about the privacy of their information – and there are millions of other users who may store their data in this way if they are sure of the degree of security.
Data encryption
But it is important to know that the data stored in cloud storage services is mostly encrypted, and needs to be decrypted before any hacker can read the information.
There are relatively simple ways for users to enhance the security of their data in addition to the existing security system of the service they are using.
Who owns the keys?
Commercial cloud storage systems encode each user’s data with a specific cryptographic key, without which files look like charades – rather than meaningful data.
But who has this key? It can be stored on the server itself, or with individual users.
Most servers keep the key to themselves, allowing their systems to view and process user data, such as indexing the data for future searches.
These servers also access the key when a user logs in with a password, exposing the data so that person can use it.
This method is much more convenient than having users keep their keys to themselves.
But it’s also less secure: just like regular keys, if someone else gets them, they can be stolen or misused without the original owner’s knowledge.
Some servers have flaws in their security practices that put users’ data at risk.
Give control to users
Some less popular cloud services, including Mega and SpiderOak, require users to upload and download files through the service’s client applications, which include encryption.
This additional step allows users to keep the encryption keys for themselves. For this added security, users give up some functionality, such as the ability to search their files stored in the cloud.
not perfect
These servers are not perfect, as there is still the possibility that their applications could be compromised or hacked, allowing a hacker to read your files either before you encrypt them for uploading to the cloud, or after they are uploaded and decrypted.
An encrypted cloud storage service provider can integrate certain functions into its application that put user data at risk.
Of course, if the user loses the password, the data is not recoverable.
Protect yourself
According to The Conversation, to maximize cloud storage security, it’s best to combine the features of these different approaches.
First, before uploading the data to cloud, encrypt it with your encryption software, and then upload the already encrypted file to cloud.
To access the file again, log into the service, upload it, and then decrypt it yourself.
Naturally, this prevents users from taking advantage of a number of cloud services, such as direct editing of documents that have been shared, and searching for files stored in the cloud.
And the company that provides cloud services can modify the data, by changing the encrypted file before you upload it.
The best way to protect against this is to use authenticated encryption. This method not only stores encrypted files, but also additional graphical information that allows the user to determine if the file has been modified since the date it was created.
Ultimately, for people who don’t want to learn how to code their own tools, there are two basic choices: Find a cloud storage service with reliable uploading and downloading software that’s open source and certified by independent security researchers. Or use trusted, open-source encryption software to encrypt your data before uploading it to the cloud. It is available on all operating systems and is usually free or low cost.
To follow Saraya News Agency on Facebook: Press here
To follow Saraya News Agency on Tik Tok: Press here
To follow Saraya News Agency on YouTube: Press here
