|
PIEBALDconsult wrote: All data is sensitive. I have seen people storing (not theirs) pet photos/videos on the cloud.
You have just been Sharapova'd.
|
|
|
|
|
Nope, it isn't. I mean, take PI (π) for example - is that sensitive? I wouldn't think so. And now take your phone number...
How do you know sweet if you don't know about sour?
|
|
|
|
|
Don't they store your sensitive data in the cloud?
Am I missing something with this survey?
Should the question be are you encrypting sensitive data in the cloud?
|
|
|
|
|
Basically ... non-tech people tend to think very highly of cloud based storage. And I hear at least once a week the question about if it's secure (both as in privacy as well as in redundancy).
In both those cases it's an "It depends on TRUST" answer: "Can you TRUST the 3rd party company you give your data to? Can you TRUST their employees? Can you TRUST their redundancy and access control measures? Can you TRUST that they'll be available when needed? ..."
I've heard this one before, statement from a CEO: "We have very sensitive information in the order of several TB which we have to move to another geographic location. It is so sensitive that we will not trust a courier company. Which cloud service would you recommend?"
Exactly what does that CEO think a cloud service is? Some alien "god" company which doesn't have all the same issues as a human-run courier service has?
|
|
|
|
|
Great read! ...
Agree completely ...
A lot of companies want to go cloud based because “it’s the ‘in’ thing”, without truly understanding what risks their taking...
|
|
|
|
|
|
"Depends on the data you are storing" !?
can there several options for "sensitive data"? it seems someone wanted option #5 (NO WAY!) to be unattractive... i feel all score of option #3 should be added to #5.
|
|
|
|
|
Couldn't agree more. I had this WTE moment when I read the 3rd option.
If the survey was worded as "Would you recommend your clients store any of they data on cloud" ... then option #3 makes sense. Else it's contradicting the wording of the survey.
|
|
|
|
|
It just goes to verify how careless people are when dealing with information.
Either half the voters don't care about their sensitive information or they haven't a clue what the cloud represent.
I may be able to trust a company like Microsoft or Facebook, but there is no way in hell I will trust the system admin who is holding a master key to all servers.
|
|
|
|
|
Or they can't read properly - thus not understanding the question (don't know if that's worse).
I'd really like to know who chose #1, and probably #2 as well - just so I can avoid them like the plague. Well, perhaps #2 if you have come across some really decent and trustworthy company - you just might think similar is possible. At least those choosing #4 are honest in knowing that they don't know.
Re large companies ... I actually trust them less than small ones (all being equal). It's just a numbers game. All you need for your info to be leaked / stolen / abused / whatever is one single bad apple employee. The more employees a company has, the more chances that one of them is such bad apple.
|
|
|
|
|
Agreed. That's a bad option.
|
|
|
|
|
Perhaps those voters are thinking "It is fine to store other people's sensitive data in the Cloud, just not my own."
"When you don't know what you're doing it's best to do it quickly" - Jase #DuckDynasty
|
|
|
|
|
Company X may be trustworthy, but that makes them more appealing to company Y which isn't -- and who will buy them out.
|
|
|
|
|
seems foolish to believe that we haven't been storing this information already on remote networks that are accessible via a public or private network.
|
|
|
|
|
Kind of what I was going to say - unless the data is completely disconnected from any network that can access the internet, it's already in the cloud.
|
|
|
|
|
Your data is safe in my cloud.
I would not ever dare sell it, or create a full-text-search catalog
Bastard Programmer from Hell
If you can't read my code, try converting it here[^]
|
|
|
|
|
I almost had a cloud subscription* (via a TigerDirect bundle) - they were sleaze and, as part of the consequence, I no longer do any business with TigerDirect.
Well - not long ago I received an email (as though I was subscribed to the cloud) that gave me a week to get my data off as they were closing down. Imagine some poor suckers who're away and can't get to their data in time!
And, of course, if the internet is down you can't get to your data at all. And, if you're fool enough to have cloud based applications, well - since you can't get to your data you don't need to worry about the doing any work, anyway.
* Why? Since it would be effectively free for the first year, I thought it'd make a good temporary drop-box.
"The difference between genius and stupidity is that genius has its limits." - Albert Einstein | "As far as we know, our computer has never had an undetected error." - Weisert | "If you are searching for perfection in others, then you seek disappointment. If you are seek perfection in yourself, then you will find failure." - Balboos HaGadol Mar 2010 |
|
|
|
|
|
You hit the nail squarely on the head. Cloud storage is useful for storing backups or for sharing between various locations. That's about it as far as I am concerned. What sort of a dimwit will trust a total stranger with his most valuable assets? Not me matey!
I may not last forever but the mess I leave behind certainly will.
|
|
|
|
|
It's trust...
What is more "secure"? your 25 Euro Netgear router at home and your software-windows-firewall or the 100'thousands-of-$s riverhead, toplayer, intrusion detection systems of large providers?
It comes down to a question of trust - do you trust your provider? If yes, then go ahead, and TRUST. If you don't - then agree to that and don't put any data in that cloud.
It's not the attack from outside you have to fear - it's the man in the middle - or even worse: the insider - a totally pi**ed employee of your cloud provider, that tries to create trouble.
so choose a cloud provider that encrypts the data in its datacenters - where data is backed up as blackboxes. Then a cloud is as safe as it can be in my oppinion.
Just my 2 cent
Cheers, Mike
You know nothing, Jon Snow.
|
|
|
|
|
Mike Barthold wrote: What is more "secure"? your 25 Euro Netgear router at home and your software-windows-firewall or the 100'thousands-of-$s riverhead, toplayer, intrusion detection systems of large providers? Expensive doesn't make it more secure. Expensive firewalls, routers and switches are expensive because they need to be able to handle large amounts of traffic without slowing down and because they need to be managed. A 25 Euro netgear router probably has as many security holes as a 100'000$ one.
Mike Barthold wrote: so choose a cloud provider that encrypts the data in its datacenters - where data is backed up as blackboxes. Then a cloud is as safe as it can be in my oppinion.
No. That's like buying a house and giving the key to an employe so he can open up the door for you everytime you want to get in. What stops this employee from getting into the house and sniffing around? If you want to store sensitive data in the cloud, you have to encrypt the data yourself BEFORE storing it.
|
|
|
|
|
Sorry, but how can you be sure that vendor of your hardware/software does not have a key to your network/pc/nas/... ?
Isn't it easier to break in to your house/office and take the hardware that break into "the cloud"?
It's also the matter of trust, this time to trust the gear you buy.
And isn't it generally advised to encrypt the sensitive data? Stored locally or in cloud?
This is question about where to store, not if to encrypt...
|
|
|
|
|
I use a couple of removable hard drives (that are not shared beyond the PC) to make backups of my sensitive data. They are normally locked in a fireproof safe. I use two in case of hardware failure on one of them.
- I would love to change the world, but they won’t give me the source code.
|
|
|
|
|
Fireproof safes a good idea, but one bit of advice I tend to give (following losing many systems but (by luck) no data to Hurricane Sandy):
A backup of important data should be in a separate location. The company I work for has financial implications so, by law, it must have a secure off-site backup. Someone already learned their lesson.
"The difference between genius and stupidity is that genius has its limits." - Albert Einstein | "As far as we know, our computer has never had an undetected error." - Weisert | "If you are searching for perfection in others, then you seek disappointment. If you are seek perfection in yourself, then you will find failure." - Balboos HaGadol Mar 2010 |
|
|
|
|
|
I actually keep the fireproof safe at my office and the main data on a PC at home so they are several miles apart except when I bring one of the disks home for backing up.
- I would love to change the world, but they won’t give me the source code.
|
|
|
|
|
inside a named box at the train station.
Cloud technology is great: it's a form of perr-to-peer parallel clustering, so internal clouds can be great for companies and governments. For small data and personal use the general purpose clouds are almost useful (you need an Internet connection to access the data, maybe in very urbanized areas it is not a problem but it is what? 20% of the world to be optimistic?), and for web contents they are very good - the risk of server breakdown and missing content is reduced.
But sensitive data? Only if hidden, steganographed and encrypted. Something like the "Super Secret Networks" we are used to see in movies like Hitman or spy movies...
GCS d--- s-/++ a- C++++ U+++ P- L- E-- W++ N++ o+ K- w+++ O? M-- V? PS+ PE- Y+ PGP t++ 5? X R++ tv-- b+ DI+++ D++ G e++>+++ h--- ++>+++ y+++* Weapons extension: ma- k++ F+2 X
If you think 'goto' is evil, try writing an Assembly program without JMP. -- TNCaver
"When you have eliminated the JavaScript, whatever remains must be an empty page." -- Mike Hankey
|
|
|
|