Magazine

Statement on Prism and the security of cloud services

Cloud Security

Because many providers prefer open cloud systems, you should always encrypt your data before transferring it to the cloud.

The largest surveillance program in history has been monitoring user data from US internet companies for over six years.

The whistleblower Edward Snowden, a former CIA technician, became a global figure when he revealed the existence of PRISM. PRISM is the most extensive internet surveillance program ever made public. Since 2007, this program has granted US authorities direct, real-time access to all data uploaded or modified by users on US-based social media, cloud, and email services. Alarmingly, American intelligence agencies are reportedly able to intercept even those thoughts that users type into Gmail or Facebook and then delete immediately.

Meanwhile, then-US President Barack Obama defended these actions by claiming that US citizens were not being monitored—only everyone else on the planet. This justification leaves a bitter aftertaste, especially when considering the online services provided by Google, Microsoft, Facebook, Amazon, Oracle, Yahoo, and others.

Data Is Stored Unencrypted in the Cloud

What many users do not realize is that most current cloud services store data unencrypted on their servers. Initially, I also assumed that established companies such as Microsoft and Google would encrypt documents stored on their online platforms. However, this assumption quickly proved false when I examined the “Fritz Box” network router and its integration with major cloud storage providers. My goal was to determine whether it would be possible to connect our own cloud backup service to the Fritz Box.

During my analysis of how other cloud services connect to the Fritz Box, it became clear that user-specific data encryption—meaning encryption based on a password defined by the user—does not occur with today’s mainstream cloud services. While cloud providers may encrypt data, they do so using keys generated and managed by themselves. This means that the provider, its developers, system administrators, and any employees with access to the storage infrastructure can view your data in plain text at any time. This also explains how data can be transmitted live to authorities when requested.

In my experience, most cloud providers prioritize interoperability and system compatibility over the data privacy of individual users. As a Swiss company, however, we have always placed the highest priority on user data protection. Because our backup cloud encrypts all data using the user’s own encryption password, we cannot simply link our cloud to the Fritz Box or similar systems. Doing so would require extensive modifications to third-party systems and could potentially compromise the entire data protection model. The advantage of our approach: Service providers using our cloud storage technology only ever see encrypted data—no employee or authority can decrypt this information with current technology.

We would like to hear from you: When it comes to cloud storage, do you prefer maximum interoperability or uncompromising data protection? Share your thoughts in the comments below.

Tips for Secure Cloud Storage Usage

If you already use Google Drive or OneDrive to back up your data online, do not simply copy and paste your files to the cloud. Instead, use a dedicated backup solution such as Langmeier Backup Business or Langmeier Backup Server, which encrypts your data with your personal password before uploading it. By choosing the Langmeier Backup default setting AES 256-bit as the encryption algorithm, you can be confident that even the most advanced intelligence agencies will not be able to decrypt your data.

about the author
Founder and CEO of Langmeier Software


I don't want to complicate anything. I don't want to develop the ultimate business software. I don't want to be listed in a top technology list. Because that's not what business applications are about. It's about making sure your data is seamlessly protected. And it's about making sure everything runs smoothly while you retain full control and can focus on growing your business. Simplicity and reliability are my guiding principles and inspire me every day.
 

Look it up further: Cloud backup, Langmeier Backup

Related articles
This is how important data backup is in real life
FAT32 or NTFS? Which format is better for backups?
The importance of image backups and emergency media: your savior in times of need


This article covers the topics:
Langmeier Backup Software