The individual as the cloud’s weak security link

According to some experts, the end user frequently poses the greatest threat to data security in the cloud.

As an increasing amount of information and computing moves toward cloud-based solutions, security issues begin to appear. After all, with so much data it becomes increasingly necessary to protect it from hackers and other online threats. While breaches, like the one experienced by Dropbox in August, highlight the need for cloud service providers to have the best layered security measures in place, the biggest security threat might actually be you.

Yes, according to Karsten Strauss of Forbes, the end user frequently poses the greatest threat to data security in the cloud.

“You have all of this technology but it’s still the person who clicks the button,” Lance Spitzner, an instructor with the SANS Institute, said to Forbes.

How to protect the cloud from yourself
So how can people institute more control over themselves? According to Spitzner, the key is proper security education. One can take the SANS Institute’s “Securing the Human” program that details the cyber security measures people can enact, or they can follow these simple guidelines:

· One of the main things people can do is to show the utmost caution when sharing files in the cloud. Spitzner recommended never sharing files with unknown parties, and to always be careful when grabbing someone else’s files from the cloud as even trusted colleagues could inadvertently have malware. When in doubt, store information in a private cloud instead of in an account that can be accessed by multiple people.
· End users should never share passwords with others, as lost account information can put all of the files located in the cloud at risk. Not only does this increase the harm of the cloud being hacked, but that same account information can also be used to get into email addresses, bank accounts and social media profile pages.
· According to Spitzner, all data should be encrypted before it is stored remotely. This way, even in the event of the cloud being compromised sensitive information is likely to remain safe.
· Turn to two-step verification, which not only adds an extra layer of protection but also makes sure hackers have a much more difficult time getting unauthorized access without the affected parties knowing about it.

What steps do you take to make sure your cloud accounts remain secure? Is application control the responsibility of the cloud service provider or the individual user? Leave your comments below to let us know what you think!

Matt Williams

A self-proclaimed ‘tech geek’, Matt has worked in technology for a decade and divides his time between blogging and working in IT. A huge New York Giants fan, when not watching football Matt gets his game on playing Call of Duty with his friends and other tech bloggers.