Latest posts by Alvin Bryan (see all)
- Millionaire Tyupkin Malware ATM Hackers May Come to US, India After Hitting Europe - October 23, 2014
- BitLicense Will Allow Bitcoin Spying in New York - October 22, 2014
- Australians are Fighting Data Retention Laws - October 22, 2014
Third party hosting services have become very popular. These cloud storage services are convenient and often free. But these selling points may also be what make them dangerous to use. These services store huge amounts of data and often do not secure them very well. This makes them easy targets for data thieves and spy agencies.
Many businesses use VPN security to limit access to their company databases. This practice has prevented a great deal of security breaches. But many workers fail to take advantage of VPN security because they consider it to be inconvenient. It does not take much to log on via the VPN security portal to access a database. But they prefer to have files at their fingertips. This means being limited to the device that has the VPN security software installed on it. They used to get around VPN security by storing the data on their laptops or flash drives. This could also be dangerous if their devices were infected with spyware or if they lost their portable hard drives. But the new trend is using free, third party file hosting services. The increased convenience provided by these cloud services has drawn them to store data there.
Most workers, whether remote or in-office, spend time working on personal devices outside the office. For convenience, they take work files off secure company databases to work on them. With VPN security setups, this can be done without posing many risks to sensitive company data. But the use of third party cloud storage by remote workers does pose a big problem for business data security. VPN security ensures that data access is protected and that files remain confidential. In addition, devices that are used by company workers can be secured by firewalls and antivirus software. And they can be routinely checked for infections. But files on cloud services are completely out of the control of the company, regardless of how advanced their VPN security is.
Free File Hosting Dangers
The biggest problem with free file hosting sites is that businesses lose control over their proprietary data. When workers use these services, they are depending on free storage to secure that data. The data is no longer protected by VPN security because it is being transferred to a different database. Many cloud services claim that they provide security for their users. But most of the free services do not give users the level of encryption that VPN security provides. They may promise data encryption, but it is sorely lacking on three counts. First, not all file hosts will actually encrypt the data at all. Second, they will not be using the high standard of encryption that businesses need. Third, they often keep the decryption codes on the same servers where the data they are used for is stored. As soon as the server is breached, all the data there is as easily obtainable as if it were not encrypted to begin with.
And there is another huge problem with cloud services. They control all the data that is stored on them. Even if a worker finds and uses the rare service that can provide data privacy and security, there is still a leak. The could service has access to that data. This opens the data up to increased risk of breaches, even on services that are considered the most secure. VPN security, on the other hand, limits data access to the company and its authorized employees. With file hosting, it is also very easy for workers to make the mistake of sharing work files with other users of that same file host.
Third party file hosting extends these permissions to that third party. Most of these file hosts have their own terms of service that allow them to use the data that is stored on their servers. For instance, a worker using Google Docs gives the company permission to reproduce, modify and make public any files stored there. And if those files contain trade secrets, the business also loses its rights to that data. As soon as it is uploaded to any service like Dropbox or OneDrive, the business is not taking the required reasonable measures to secure the data.
In addition, third party access inevitably extends to government agencies with the power to hack or request for user data. The US government, for one, is working hard to get more powers to access data remotely. This would give federal agents the right to take data from any computer – or server – anywhere. This means that cloud servers and databases will be open to searches. In addition, the data will be on a well-known, publicized database that can be targeted by cybercriminals. And spy agencies and data thieves do target cloud storage because it is an attractive pool of data with minimum security to get around.