The number of businesses making the jump to cloud storage is growing by the day. But many individuals and business owners who haven’t made the switch yet are hesitant for a single reason: security. Giving up your sensitive data to be managed by another business, even if it’s one of the best cloud storage solutions, can feel like the digital equivalent of a trust fall.
So, is cloud storage secure, and if so, how secure? The answer to the first question is a resounding yes. In this guide, we’ll explain what makes the cloud secure, and offer tips to help you keep your data safe, as well as what to look for in secure cloud systems.
One of the most important advantages of storing your data in the cloud is that it’s not just backed up once, but multiple times. To understand why this matters, it’s important to remember that any data you store in the cloud lives on physical servers.
When you upload files to your cloud storage space, those files are instantly copied onto multiple servers in independent data centers around the US or even around the world. So, with a single transfer, identical copies of your data are stored in several locations.
This redundancy is critical to ensuring that your data is safe. If any one server fails unexpectedly, there are still copies of your data available on another server. Even if an entire data center is destroyed by an event like a fire or an earthquake, another copy of your data is available on a server in another data center.
Top providers also routinely check the integrity of each data copy to make sure it is available if you need it. This system is so effective that Amazon Web Services estimates that the chance of losing your data from the cloud is just one in 100 billion.
Creating an equally effective system of data redundancy is nearly impossible to accomplish without using the cloud. You could keep identical hard drives in different cities around the country, but then how would you sync data across those drives every time you edited a file?
Cloud storage offers an effective way to ensure that your data is protected against physical drive damage, which is one of the most common causes of data loss.
Another thing that makes cloud storage secure is that cloud networks are under near-constant surveillance. Major cloud storage providers have dedicated operations centers that are staffed around the clock with cybersecurity experts. These teams are constantly on the lookout for digital threats to their cloud storage infrastructure, and they have the necessary tools to lock out intruders.
On top of that, cloud storage providers have software teams working 24/7 to manage the security of their applications. Missing security patches are among the most common vulnerabilities that hackers use to gain unauthorized access to a network. Cloud providers’ software teams not only ensure that every piece of software is patched to eliminate entry points, but also proactively stress-test their own systems to identify potential points of failure.
Cloud storage providers and data center operators also take the physical security seriously of the servers that hold your data. Most data centers are patrolled by security teams, and servers are often kept in locked cages as an extra precaution against theft.
All data stored in the cloud should be encrypted—and only you should have the encryption key. This is common practice in the cloud storage industry, and is often referred to as end-to-end or zero-knowledge encryption.
Under this encryption scheme, your data is encrypted before it ever leaves your device. Only after the encryption process is completed are files transferred over the internet to your cloud storage space. Once they arrive, they’re kept encrypted at rest on your cloud provider’s servers.
This means that no one, not even your cloud storage provider, can decrypt your files and access their contents. In the event that your data is intercepted during transfer to or from the cloud, the attacker won’t have the information needed to decrypt your files.
What can you do to keep your data secure?
While cloud storage providers do most of the heavy lifting when it comes to keeping your data secure, you have an important role to play as well. Here are four things you can do to make sure your cloud storage is as secure as possible.
Turn on two-factor authentication
The majority of cloud storage providers offer an option to protect your account with two-factor authentication. This requires that you have both your password and a one-time verification code, which is sent to your phone or email inbox, to log in to your cloud storage account. As a result, attackers can’t easily break into your account even if they crack your password.
Two-factor authentication is typically turned off by default when you set up a new cloud storage account. Make sure you turn this setting on to better protect your data.
Protect your encryption key
One major catch to end-to-end encryption is that without your encryption key, which is typically your account password, there’s no way to access your data. If you lose your key, your cloud provider won’t be able to help. Always keep a backup copy of your key available in case you lose or forget it.
However, you don’t want to keep a copy of your encryption key somewhere that hackers could potentially get their hands on it. Consider writing down your key and keeping it somewhere secure. If you want to keep a digital copy of your key, you can use a physical device called a hardware security module. This puts your key behind a firewall, so that it cannot be accessed even if your computer is hacked.
Disconnect your devices
If your computer, smartphone, and other devices stay logged in to your cloud storage account when you’re not using them, that’s a potential entry point for intruders. By leaving your devices logged in, you allow anyone who gets hold of your device to break into your cloud storage. They don’t even need to know your password or circumvent the two-factor authentication process.
Always log out of your cloud account when you’re not using it. If your cloud provider offers an automatic time-out feature, turn it on.
Check your shared files
Cloud storage makes it easy to share files with friends, family, and colleagues. But creating links to your files that offer unlimited access can leave your data vulnerable.
Periodically audit which files and folders you’ve shared from your cloud account, and revoke access for anyone who no longer needs it. If your cloud provider offers links with passwords and expiration dates, put these features to use instead of sharing unrestricted access to your files.
Cloud storage is designed from the ground up for maximum data security. When you store data in the cloud, your files are encrypted and continuously monitored to protect against cybersecurity threats. Your data is also stored redundantly to ensure that a copy will survive any catastrophe.
Still, it’s essential that you take proper precautions with your own devices to help keep your cloud storage secure. Always turn on two-factor authentication and make use of any additional security features that your cloud storage provider offers. If you want to find a leading provider with the best security, read our feature comparing the cloud storage security of some of the top services.
Get the BEST of Tom’s Guide daily right in your inbox: Sign up now!
Upgrade your life with the Tom’s Guide newsletter. Subscribe now for a daily dose of the biggest tech news, lifestyle hacks and hottest deals. Elevate your everyday with our curated analysis and be the first to know about cutting-edge gadgets.
Michael Graw is a freelance journalist and photographer based in Bellingham, Washington. His interests span a wide range from business technology to finance to creative media, with a focus on new technology and emerging trends. Michael's work has been published in TechRadar, Tom's Guide, Business Insider, Fast Company, Salon, and Harvard Business Review.