The Nuts and Bolts of Personal Cloud Security


The era of big data has given rise to a whole new IT paradigm where local storage isn’t enough anymore. All of us have gigabytes of information that we need to store, share and access from different devices no matter where we are. Data virtualization via cloud storage is what does the trick, providing on-demand access to a huge volume of shared computing resources. 

The ubiquity of cloud services and cloud-based apps makes them a lure for online threat actors who zero in on users’ and companies’ proprietary data. The prevalent attack vectors targeting cloud solutions revolve around phishing, password sniffing, ransomware, etc. As these incursion tactics are gaining momentum in the cybercriminal ecosystem, follow the rules below to protect your personal cloud account from being breached. 

1. Strong passwords are imperative 

This recommendation is self-explanatory. Make sure your cloud storage account is protected by a password that’s hard to guess or brute-force. Consider leveraging a password manager that will do the job for you and automate the login process to make it secure and hassle-free. 

2. Two-Factor Authentication Works Wonders 

If two-factor authentication is listed under your cloud provider’s security settings, be sure to toggle it on right away. It is an extremely effective feature to safeguard your account from unauthorized access. With this option enabled, you will be receiving secret codes in text messages or via a specially crafted application whenever you are trying to log in. This way, no one can complete the authentication unless they have this code. 

3. Peruse The Fine Print 

The devil is in the detail, so don’t ignore the terms of service when selecting a cloud provider. Keeping in mind that your personal data is at stake, familiarize yourself with the technicalities first. Where will they store your information? What happens if a breach takes place? Don’t click on that ‘I Agree’ button until you find answers to these questions and you’re okay with them. 

4. Opt For Cloud Services Featuring Data Encryption 

Encryption is a rock-solid layer of protection for your data, so the availability of such an option is definitely on the plus side of any cloud provider. Before making your final choice, take some time and check whether the service has crypto features on board. Even if cybercrooks manage to steal your sensitive information, encryption will prevent them from using it for malicious purposes. 

5. First Encrypt, Then Upload 

Long gone are the days when encryption was a prerogative of academic researchers. It doesn’t take a rocket scientist to leverage the best practices of crypto these days – there are user-friendly free tools that render files inaccessible without a decryption key that only you keep. By encoding important files before they reach the cloud, you can rest assured perpetrators cannot possibly compromise them. 

6. Mind What You Upload 

Highly confidential data does not belong in the cloud. No matter how reliable the service of your choice appears to be, refrain from storing unencrypted password lists, valuable documents, accounting reports, scanned IDs and other PII (Personally Identifiable Information) in it. If you do intend to upload such items to the cloud, you’re much better off encrypting them first. 

7. Automatic Uploads Aren’t A Good Idea 

Those who think automatic data syncing to the cloud is the best thing since sliced bread might want to reconsider this perspective. There are several major caveats regarding such a habit. First of all, there are sensitive files that should remain private rather than be shared. Secondly, some crypto ransomware infections can take advantage of auto-syncing to encrypt data residing in the cloud along with files stored locally. 

8. Treat Dependencies With Caution 

Get into the habit of regularly checking your cloud accounts for services that depend on each other. Whenever you spot a dependency that hasn’t been used for more than a month, consider revoking access for the corresponding application to your cloud account. Also, refrain from linking your account with social media apps. By keeping services isolated, you are much more likely to stay on the safe side. 

9. Share Wisely 

Sharing access to files stored in the cloud certainly helps streamline business processes and other day-to- day activities, but you should review such permissions on a regular basis. Set the access to read-only where appropriate and revoke it altogether when it’s no longer required. Furthermore, abstain from granting administrator privileges to anybody otherwise your account will be at risk if theirs gets hacked

10. Be On The Lookout For Social Engineering 

Figuratively speaking, social engineering exploits vulnerabilities of human nature rather than weaknesses of software architecture. The crooks can try to manipulate people into disclosing sensitive information, including login credentials. Don’t grant shared access to cloud data to someone you don’t trust, and beware of phishing attacks aimed at wheedling you out of your cloud account password. 

11. Use Secure Wireless Networks 

Unsecured Wi-Fi connection can expose your online sessions to man-in- the-middle and password sniffing attacks. Therefore, make sure you use a strong password to authenticate with your wireless home network. Importantly, abstain from accessing your cloud account via public Wi-Fi hotspots, especially if you are about to work with sensitive documents. 

12. Updates Matter 

Whenever your cloud storage app generates an update prompt, don’t ignore or postpone it. Not only do updates deliver new features, but they also include security patches to prevent the latest cyber threats from impacting your account. 

13. Diversify Your Backup Routine 

The cloud is not bulletproof, obviously. So prioritize your data and keep the most important files backed up in several locations. For instance, you can store backups on your computer, in the cloud, and on external media that’s not online accessible. Come up with a strategy with no single point of failure. 

In summary, the human factor is probably the weakest link when it comes to cloud security. Even a top-notch anti-malware suite won’t thwart a compromise if you use a weak password or grant administrative privileges to someone who shouldn’t have them. The rules above aren’t a panacea, but they will certainly help minimize the risk of your cloud account being hacked.



David Balaban is a computer security researcher with over 15 years of experience in malware analysis and antivirus software evaluation. David runs the Privacy-PC.com project which presents expert opinions on the contemporary information security matters, including social engineering, penetration testing, threat intelligence, online privacy and white hat hacking. As part of his work at Privacy-PC, Mr. Balaban has interviewed such security celebrities as Dave Kennedy, Jay Jacobs and Robert David Steele to get firsthand perspectives on hot InfoSec issues. David has a strong malware troubleshooting background, with the recent focus on ransomware countermeasures. Follow Privacy PC on Google+, Twitter, Facebook, & LinkedIn.





I hope you enjoyed this article about the nuts and bolts of personal cloud security to protect your business data.

Interested in more articles about cyber security?

Read My Posts:

- Understanding & Preventing Ransomware Attacks

- How AI & Machine Learning Will Fight Cyber Criminals

Published by Michael J Schiemer
Owner of Bootstrap Business
Money - Marketing - Motivation
Digital Marketing | SEO | Social Media
Mike Schiemer Builds Better Business

Share This On Social Media:

Bootstrap Business Blog Blitz Newest Posts:

Bootstrap Business Is One Of The World's Fastest Growing Business Blogs. 1,000+ Posts!