Cloud Storage Security Guidelines

In light of the rapid development of the Internet and the popularity of mobile devices, the demand in cloud storage continuously increases. Cloud storage has no geographical restriction, making the service available around the globe; plus that the requirement in information security differs in every country, therefore, we have to be more cautious when opting for cloud storage.

Cloud storage provides convenience and other advantages that we previously do not have, for example, scalability, pay-as-you-go, off-site data storage and access from everywhere. However we must also observe the new security risks, including:

1. Data leakage and eavesdropping:
   • Attacks against cloud storage servers.
   • Unencrypted transmission channels for uploading and downloading files.
   • Only password protection provided but leaked to third parties.
2. Abuse at service providers level:
   • Staff of service provider can freely view your uploaded data if they are not encrypted.
   • Dishonest service providers might sell your data to third parties.
3. Personal mistakes:
   • Lack of data classification, resulting in uploading all data including sensitive ones to the cloud storage.
   • Erroneously sharing sensitive data.
   • Lost mobile phones being logged in by third parties.
4. Data jurisdiction:
   • For some regulated industry, there might be regulation to store data within the border of a certain jurisdiction. Cloud storage service might not provide that control and transparency of location of data storage.
5. Cloud service provider lock-in:
   • The data stored and the data structure might not be transferrable when user decides to unsubscribe and switch to another service provider.

Please click the following banner for more detail.

Cloud Storage Security Guidelines