Are Dropbox, Google Drive, OneDrive and iCloud safe to use?

-



Cloud computing has risen to become one of the most powerful forces in business IT in recent years. Its significance has only grown in the last year as a result of the COVID-19 pandemic, which resulted in an increase in workers working outside of typical office hours. As a result, we've become more reliant than ever on cloud-based services, using them to store both work and personal data.

The protection of these sites has, understandably, become a major concern. Traditional cyber security strategies focused on suddenly obsolete office-based working models are insufficient to secure our scattered workforces, and hacking and ransomware attacks have increased since the pandemic. According to a study released in October, ransomware attacks in the UK increased by 80% throughout the pandemic, as hackers exploited new vulnerabilities generated by widespread remote working.

The consistency and security features of various cloud platforms and services would certainly be top of mind for IT decision makers. So, which are the most effective? 


About Dropbox
Drobpox has long been successful among consumers as an easy-to-use file storage solution, but in recent years it has shifted its focus to the enterprise market.

Dropbox has also strengthened its security protocols in response to increasing online threats, including data encryption in transit using secure sockets layer (SSL) and data encryption at rest using AES-256 bit encryption. The platform also includes stolen and missing device support, as well as the ability to quickly unlink devices from your account.

Business users get some extra features, such as the ability to set permissions for file sharing and to secure and expire any shared links with passwords.

Staff at Dropbox are unable to see the content of your files, but they do have the ability to access files if necessary, such as during a legal investigation. Employees have access to metadata as well, usually as part of tech support.


Dropbox Track Record
Major Dropbox hacks have been rare, but those that have occurred have been especially damaging to the business.

The first occurred in 2012, when a compromised password was used to gain access to an employee's Dropbox account. Dropbox said at the time that the hack gave an attacker access to documents containing a small number of customer email addresses, which were then used in phishing attacks. Dropbox responded by requiring two-factor authentication for account logins.

However, in 2016, it was discovered that the hack was even broader than previously believed, with a dumped database of 68 million passwords allegedly originating from the original 2012 breach being leaked online. Dropbox stated at the time that there were no signs that user accounts had been hacked as a result of the incident.


About Google Drive 
Because of how well it interacts with third-party applications and how well it connects to other Google services, Google Drive has become a go-to storage site for companies. However, this raises questions about how much access it has to other networks and sites in the event it is hacked.

Thankfully, Google has been using HTTPS on all of its services for years and has a team dedicated to tracking down compromised accounts. Google also uses two-factor authentication and SSL encryption for data transfers to and from devices; however, data at rest is encrypted with the weaker 128-bit AES encryption.


Google Drive Track Record 
Since Google's cloud services are so intertwined, a breach in one puts the others at risk. When a database of user credentials was discovered on a security forum on a Russian website in 2014, it was reported that nearly five million Gmail accounts had been compromised - but this turned out to be a dump of older phished passwords that had largely been reset by Google in the period after the theft.

Although Google Drive has never been the target of a major cyber security breach, a system administrator recently raised concerns about a vulnerability in the cloud storage system that could be exploited by a hacker to trick users into installing malware or ransomware.

The bug affected Google Drive's "manage versions" feature, which allows you to upload a new version of a file that has already been uploaded.


About OneDrive
While Microsoft's other services, especially Windows, are some of the most attacked platforms on the market, OneDrive has largely managed to stay out of the headlines when it comes to security incidents.

This does not imply that it is more stable than other channels. It usually follows the same principles as other services, like data encryption; but, with OneDrive, this is accomplished by syncing your data to your hard drive's BitLocker. This means that data is encrypted at rest using BitLocker, while encryption in transit is handled by Microsoft Cloud. This scheme also has the advantage of encrypting files on a per-file basis, which means that if a key is stolen, hackers will only be able to access that specific file.

Users are also given two-factor authentication when they log in, as you would imagine.


OneDrive Track Record 
Unlike the other systems, OneDrive has never been the victim of a major data breach, and the majority of security issues about the platform derive from user negligence, such as sharing files with others they shouldn't or using poor credentials.

Microsoft is one of a number of organizations championing passwordless logins and has taken measures to eliminate as many of these problems as possible.


About iCloud
 Apple has a well-deserved reputation for security. While Apple's iCloud platform had its credibility tarnished briefly in 2017 when it was the victim of a high-profile breach, the service continues to uphold its reputation by providing users with a comprehensive collection of security features.

Apple's iCloud web page promises that "iCloud is designed with industry-standard security technology, employs strict policies to protect your information, and is leading the industry by implementing privacy-preserving technologies like end-to-end encryption for your data."

iCloud, like Dropbox, encrypts data in transit via SSL, but it does so with AES 128-bit encryption rather than the more robust 256-bit used by Dropbox. The only exception is the iCloud keychain, which uses 256-bit encryption to store and transfer passwords and other confidential user data.

However, privacy has become a priority for Apple in recent years, with the company emphasizing the fact that encryption keys are generated at the device level, and that Apple has no access to these keys or any of the data used to decrypt them.

iCloud, like many other platforms, offers security tokens for additional authentication when accessing other applications through it, as well as two-factor authentication when logging in.


iCloud Track Record
While one incident tainted the company's credibility, iCloud has a strong track record when it comes to security.

In 2017, iCloud came under fire after hackers gained access to about 50 celebrity accounts and leaked their contents online. The legitimacy of Apple's cloud platform was called into question, despite the fact that the incident was the result of active phishing attacks against a small group of celebrities. The 2017 iCloud hack is now remembered as one of the most well-known data breaches in history.



My Thoughts  
It's common knowledge that no cloud storage system will ever be completely safe, particularly because maintaining the integrity of each account is dependent on the user adhering to best practices.

As a client, you must decide which storage platform performs the best in terms of preventing possible security incidents. The factors that affect this decision can differ depending on the nature of your company and whether you have any specific requirements, such as companies in highly regulated industries.

However, for most consumers and small businesses, each of the platforms mentioned here is adequate for data protection, as each offers data encryption at rest and in transit, which is perhaps the most important feature. Data security is constantly improving, and each of these systems is updated with new precautions each year, so you can usually depend on the organization to do the majority of the legwork.

If you're still not sure, you can always encrypt data before sharing it with an online platform. That way, even if a company's encryption keys are decrypted in bulk, you'll be the only one who can access your data.

Following best practice security standards is perhaps the most cost-effective way to ensure the data is never leaked. Get rid of all your old passwords, get a password manager, and use two-factor authentication if it's available.

Comments

Post a Comment

Popular posts from this blog

Healthy Life Style

-
Image
You'll probably get 50 different definitions of what a "healthy lifestyle" is if you ask 50 people to describe it. That's because there are numerous approaches to good health. Living a healthy lifestyle is as simple as doing things that bring you joy and satisfaction. On one person, that might entail going for a mile-long walk five times per week, consuming fast food only once per week, and spending every other day either virtually or physically with loved ones. Others may define a healthy lifestyle as preparing for and competing in two marathons annually, adhering to a ketogenic diet, and abstaining from all alcoholic beverages. One of them is not superior to the other. Both fit that individual perfectly. What constitutes a healthy lifestyle is entirely up to you. You undoubtedly know when your health isn't at its best. Possibly all you feel is "off." You might notice that you're run down, that your digestion isn't working as effectively as it u...
Read more

Stay Safe while Browsing Internet

-
Image
In both our personal and professional lives, we use the internet. We use websites to look for new gadgets, research subjects, and keep up with the latest news. The Internet has become an integral part of our daily lives. Potential attackers aren't just looking for the big fish in the markets. They are indiscriminate, casting a large net in order to benefit from even small bits of information. Please bear in mind that even though you strictly follow the steps outlined below, potential attackers will still be able to gain access to your device. As a result, I highly advise using a good antivirus/malware program with real-time security to stop and/or delete any malicious software before it can cause havoc. REMEMBER : The secret to secure Internet browsing is to combine strong security with proper knowledge. SAFE WEBSITES STARTING WITH HTTPS:// ARE THE BEST TO USE Internet addresses that begin with https:// and have a padlock on the web browser send and receive data over the Inter...
Read more

Basics of Content Writing

-
Image
  Basics of Content Writing With traditional forms of advertising fading away, the phrase "content writing" has become more and more popular over time. Companies from all sectors have realized that traditional, outbound marketing techniques are insufficient for success in the digital age. Every digital marketing strategy frequently starts with content authoring since emotional content is essential for everything from email and social media promotion to blogging and SEO techniques. What is Content Writing? In the current digital era, the practice of organizing, creating, and disseminating web material is referred to as content authoring. Along with writing the information, content writers may also be expected to edit and promote it. Inbound marketing techniques such as content authoring are used to draw customers to a certain brand, item, or website. The objective is to spread useful knowledge about a brand or product, gain customer confidence, increase engagement...
Read more