Version in Russian language

Leaking user data from cloud storage

Data leakage from cloud storage

Cloud storage is a space allocated to a registered user on the server of a service provider, with access rights to their files in the cloud via the Internet anywhere in the world, and from any device.

 

Advantages of cloud storage:

 

availability of files everywhere and wherever there is an internet connection;

high speed of transmission of stored data;

save space on the hard disk of a personal computer and in the memory of mobile devices;

the ability to work with one file (or an entire folder) for everyone who has access rights;

reliable file storage.

 

Disadvantages of data storage services:

 

requires access to the global network;

high requirements for the speed and quality of the Internet;

cloud software is sometimes slow;

not every control program has remote access functions;

not one hundred percent security of user data;

the need for regular payments when using large amounts of storage.

 

The most popular resources for storing files:

 

dropbox.com

icloud.com

box.com

google.ru/intl/ru/drive

aws.amazon.com

disk.yandex.ru

cloud.mail.ru

files.webmoney.ru

onedrive.live.com

sync.com

spideroak.com

syncplicity.com

pcloud.com/ru

 

The security of file storage is in the hands of the user himself.

 

According to the results of a global study by the InfoWatch analytical center, in 2018, 70 cases of unauthorized access to confidential user data in cloud storage were recorded worldwide. This is 43% more than in 2017, and more than 25% of all leaks are accounted for by the Amazon S3 service.

More than 40% of the incidents occurred with information belonging to high-tech companies that have been actively using the "cloud" for a long time. The share of data leaks from medical and educational institutions has also significantly increased.

As InfoWatch analysts explain, unfortunately, engineers and administrators serving cloud servers do not always take into account and comply with all the rules of information security when working, hence the frequent cases of unauthorized access to other people's files.

Over the past year, 1,3 billion were lost from open servers records, of which 440 million messages were lost as a result of the largest incident.

According to the study, 80% of cases are related to personal data, 9% - to payment information, and the same amount - to commercial and industrial secrets. According to the forecasts of InfoWatch analysts, the number of leaks from cloud storage will increase dramatically in 2019-2020.

To avoid the loss of corporate data from the "cloud", it is necessary not only to improve the level of qualification of system administrators, but also to conduct regular scheduled audits of their information arrays, using all kinds of access control tools.

Like many companies in the capital, Alexander Ivanov's web-studio has been using DropBox cloud storage for more than 10 years to store documents on web-projects under development, including information about administrative access rights to sites created for clients.

To increase the security level of the above documents, the most important of them are provided with a password to open in MS Word. Even if such a file falls into the hands of an attacker, he is unlikely to be able to open it! In addition, all files are duplicated every two weeks, with the update of their old versions, to an external hard drive that is not directly related to the storage on DropBox.