cloud security
Mar 2023 | Identity Theft | Credit Monitoring

In the third part of our series “Security Errors on the Internet” we deal with the topic “Computer Security”. There are dozens of misunderstandings that are constantly being repeated and all too quickly accepted as truth, without them being verifiable. There are a number of common misconceptions and points out how to minimize the risks that result from errors of IT security.

Read Part 1 and Part 2 here.

Myth # 1: “My data is securely protected from unauthorized access in the cloud.”

Data in cloud services is not always sufficiently protected.

The storage of user data in cloud storage or the automatic synchronization between mobile device and cloud storage is not sufficient backup of the data. Users have to expect in such services that this data is available unencrypted and the provider may use this data for their own purposes, although reputable cloud providers ensure the “security” of data in the cloud, dangers lurk in their access.

For one thing, criminals may have malicious programs that affect themselves on the smartphone, tablet or PC, can access the data even in the cloud. On the other hand, in the case of theft, the cloud data are only as secure as the protection of the mobile device: If, for example, thieves only have to crack the four-digit PIN or the simple blocking pattern and they succeed, they can effortlessly use the app for stored access data Steal, modify or delete cloud data. When accessing the cloud via public WLANs, personal information can also be intercepted by unauthorized persons when transmitting data.

Before deciding on a cloud service is to check in advance, who the provider is, where is the location and especially where the data centres are.

 

Myth # 2: “I have nothing to hide and no important data, so I’m not a target for cyber criminals, so I do not need to protect myself.”

This view is fundamentally wrong because cyber criminals can use all available data for their own purposes.

Anyone surfing, shopping, or banking online with an unprotected device uses and leaves behind a wealth of data that cyber criminals are interested in. These are not necessarily the vacation pictures, correspondence or other private documents stored on the computer. From an unprotected computer, criminals can easily steal and misuse access, account and credit card information stored or transmitted on the Internet.

On unprotected systems can also malicious programs such as ransomware nest. The authors of these programs can encrypt the infected computer in such a way that the user can no longer read his data.

The user receives only a message, a certain amount of ransom money, mostly via disguised channels such as the Internet currency Bitcoins to pay, so he comes back to his data. Many often find that they still have sensitive data such as holiday or family pictures. Also, insufficiently secured devices can quickly become part of a botnet and be abused for criminal purposes.

 

Myth # 3: “My data is in the cloud, so I do not need a back-up.”

That’s not true. Using a cloud does not guarantee that the data is always available.

Although data storage in the cloud offers a number of advantages: the security mechanisms provided by the provider, the ability to access one’s own data over the Internet at any time and from any device, as well as saving storage space, especially on mobile devices.

There are cloud services whose security and availability are high. Nevertheless, the case may occur that the user can no longer access his data. Technical problems, failures at the service provider or even the attitude of a cloud service are possible reasons. It is therefore essential not only to store important data in one place – as in a cloud – but also to regularly create back-ups, i.e duplicates of the data, on an (external) storage medium. It should be kept in mind that even devices, hard disks and storage media can be unexpectedly broken or lost or stolen.

 

Myth # 4: “My data is in the cloud, so I do not need a back-up.”

Myth # 4: “If I delete all the data from my device and then empty the trash, the data is gone forever.”

Not correct. To remove data from a disk or device irretrievably requires additional steps.

If users want to sell or dispose of an old device or an obsolete external storage device, they should ensure that all data has been securely erased to prevent possible misuse. Moving files to the Recycle Bin keeps the files completely on the storage media.

Even after emptying the trash can be restored data with little effort, since this process only the references to the data in the index, the contents of the hard drive, deleted and the area is released for overwriting. Only the overwriting of data makes them disappear on certain storage media never to return.

To permanently and safely erase data, special programs should be used best. If a device or storage medium should not be forwarded in anyway or cannot be overwritten for other reasons, it should be physically destroyed. Only in this way can a restoration of the data be made impossible. However, users should be careful to avoid splinter injury from the storage drive.