Cloud Computer Storage and Compromised Data / by kevin murray

More and more individuals as well as corporations are utilizing the convenience, cheap expense, and overall usefulness of cloud storage for their data and/or computer productivity tools. In some circumstances, there isn't much choice in choosing to store your data information onto a third party hosting company (cloud storage) because your laptop or mobile device doesn't have the physical storage space to perform this necessary action in the first place.  Additionally, for corporations they often find it much cheaper and efficient to use cloud storage so as to access and coordinate information more readily over multiple time zones and locations, as well as having powerful computer programs such as Microsoft's Office 365 available for all applicable users, all of the time.  On the surface, cloud storage appears to be a win/win scenario, with the users of this service as well as the providers of the storage both benefiting from this utility.  However, in virtually all circumstances, some of the data being stored or accessed throughout the cloudis by definition, either sensitive, confidential, private, or similar and should this data be compromised, would wreak havoc to those having such data breached.

 

Data breaches within corporation storage is an oft-recurring event (e.g. credit cards) for a lot of reasons, with the most prevalent reason probably being that by so doing, there is money to be made from exploiting and/or accessing this information.  This means, that it is a given, that even if you and your company follow the most strict and restricted protocol to store and to access your information on the cloud, one cannot state with an absolute certainty that the data stored on the cloud is both safe and secure.  While the cloud providers will take exception to this statement and go out of their way to assure you that your data is always safe and secure with them, that certainty is misapplied, as it cannot be 100% failsafe.  This means that it behooves all cloud storage providers to do everything within their power to provide to their customer base that expectation that all data stored within their cloud is, in fact, stored in the most secured manner possible, and in conjunction with this have plans in place, that should data appeared to have been breached, that the appropriate response to mitigate this breach be conducted at the utmost urgency. 

 

The other problem within cloud storage is the very basic question as to who is the "true" owner of the data to begin with.  One would think that the answer would be the person or entity that provided and accesses the data initially, or in the case of corporations, the corporation itself, but it isn't as clear as night and day as this when it comes to cloud storage.  Although, each cloud storage provider appears to grant you the sole ownership of the content that you place with them for storage, none of them, to the best of my knowledge, makes an iron-clad agreement to the effect, that your stuff is your business above all else, and that under no circumstances will they, the cloud provider, allow implicitly or explicitly access to your data to government agencies (e.g. NSA).     This means that the cloud providers as a matter of principle, should encrypt the storage data in such a manner, that even if they were given a warrant to provide certain information to government agencies, that they could honestly reply that they have no way of knowing whether that data existed or if so, where it existed, throughout their entire network, because of that encryption.  That would mean truly that the foxes weren't actually guarding the henhouse.