Statement on Prism and the security of cloud services
Because vendors like open clouds, you should encrypt your data before transferring it to cloud storage.
The largest spying program in history has been snooping on user data from US internet companies for six years.
Whistleblower Edward Snowden, former CIA technician is the hero of the current hour for enlightening the world about Prism. Prism is the most extensive Internet spying program ever to become public. The program, which has been in use since 2007, gives American authorities access to all data uploaded or edited by users on U.S. social media, cloud and mail services through a direct live interface. The American intelligence agencies apparently do not even shy away from intercepting the thoughts that one formulates in Gmail or in Facebook and immediately deletes again.
The current US president Barack Obama, meanwhile, defends the US action on the grounds that US residents are not being snooped on. Only all other inhabitants of planet Earth are being snooped on. Now that's an argument. Online services of Google, Microsoft, Facebook, Amazon, Oracle, Yahoo and Co. get a strange taste.
Data lies unencrypted in the cloud
What many don't know is that the data of current cloud services sits unencrypted on the providers' servers. I must admit - I too initially thought that such established companies as Microsoft and Google would encrypt the documents you put on their online storage after all. However, this nice-thinking came to an abrupt end when I took a closer look at the network router "Fritz-Box" and its connection to large cloud storages. The point of my analysis was to see if we could link our own cloud backup service to the Fritz Box.
I analyzed how the other cloud services are connected to the Fritz box. And my result showed quite clearly: user-specific data encryption - i.e. encryption based on a user-specified password - does not take place with today's cloud services. The cloud provider could indeed encrypt the data itself but only with keys generated by the provider itself. This means that the cloud provider, its developers, system administrators and other employees who have access to the storage can access the data in plain text at any time. So it is also explainable how it can come to the live transmission of the data to the authorities.
The cloud providers I know weigh the interoperability of their systems higher than the data protection of individual users. For us, however, as a Swiss company, it was a matter of course from the very beginning to place data protection for users as the highest priority. Because our backup cloud encrypts all data with the user's encryption password, we cannot easily link our cloud to the Fritz Box or to other systems. Extensive adaptations to the third-party systems would be necessary for this, and such an interface would possibly also completely nullify the complete data protection again. Advantage of our approach: service providers who rely on our cloud storage technology only have hyrogliphs on their servers - no employee or authority can ever decrypt this data using current technology.
Share with us - which do you prefer in cloud storage - high interoperability or seamless data protection? Post your opinion below in the comments.
Tips for using cloud storage securely
If you already use Google Drive or Skydrive as an online backup for your data, don't just copy and paste your files onto the online drive. Instead, use a proper backup program like Langmeier Backup Business or Langmeier Backup Server - which stores your data on the online storage encrypted with your personal password. If you use the Langmeier Backup default setting AES 256Bit as the encryption algorithm, then even the US Secret Service will not be able to decrypt anything.
About the Author Urs Langmeier, Founder and CEO of Langmeier Software GmbH
Articles relevant to the topicLangmeier Backup Version 10 is here
FAT32 or NTFS? Which format is better for backup?
Expert Tips: What is backup? Good Data Backup