Cloud security: Using cloud services securely

Ensure that your access to the cloud is particularly well protected. Not having a password or only having a weak password makes things easy for data thieves. After gaining access to the cloud, they'll be able to access all your data, assuming that it hasn't been additionally encrypted. That's why it's important to use strong passwords and have a separate secure password for every account. Most cloud providers also offer two-factor authentication, which you should use.

The cloud is accessed via an internet-enabled device such as a computer, laptop, tablet, or smartphone. If a device is infected by malware, cloud services may also be attacked under certain circumstances. Therefore, make sure you set up your devices so that you can use them securely. This means installing all updates, protecting your data, installing antivirus protection, and using caution when clicking on links and attachments in emails and when downloading files from websites.

It's particularly important to protect your smartphone. If it's possible to access the data on your smartphone via an app, it's also possible to access the cloud with just a click. This is very practical, but also means there's potential for malware loaded on the smartphone to get into the cloud. Also, if your smartphone is lost or stolen, your cloud data is only as secure as your smartphone itself.

To ensure that sensitive data like bank statements, tax documents, and medical records are securely saved to the cloud, this data should ideally be encrypted before uploading it. Here are two examples of encryption tools:

• CryptSync is a small utility that synchronizes two folders while encrypting the contents in one folder. That means one of the two folders has all files unencrypted (the files you work with) and the other folder has all the files encrypted.The synchronization works both ways: a change in one folder gets synchronized to the other folder. If a file is added or modified in the unencrypted folder, it gets encrypted. If a file is added or modified in the encrypted folder, it gets decrypted to the other folder.

• Cryptomator is not relatively as easy to use as Boxcryptor, but it is open-source and free. Unlike Boxcryptor, you must create containers after installation in which the data to be encrypted is stored. The containers, which can be included separately and as needed, appear as drives in the file explorer. If files are copied there, Cryptomator encrypts the data and loads it into the cloud storage.

There are also cloud providers that automatically save all documents in encrypted form. These providers are often considerably more expensive but are also particularly secure and user-friendly.

When choosing a cloud provider for private use, you have to consider whether you want to prioritize data protection and data security or reduce the security demands somewhat in favor of features and usability.

The big cloud providers like Dropbox or Google offer a lot of storage space and work very well with other apps. However, most of the time, the data is not located in the user's own country, which impacts data protection. In turn, local providers offer security and compliance with local privacy regulations but score lower on functionality, integration, and ease of use.

Tools like Boxcryptor and Cryptomator help to increase data security and are a good idea in any case. Whether these tools also fulfill special data protection requirements (e.g., in the case of particularly sensitive data in the professional environment) must be clarified on a situational basis.

The overview of 32 common providers published on trusted.de helps when selecting a cloud provider. 

Access via public WLAN hotspots, for example, at the airport or in restaurants and hotels, involves risks. In these networks, attackers with the appropriate know-how and equipment could, for example, intercept the username and password for the cloud. This is especially critical if the communication between the cloud and your device is unencrypted. Fortunately, this happens very rarely, if at all.

Nevertheless, you should be aware of the risk when using a public WLAN and, if in doubt, do not access your data in the cloud. In any case, using two-factor authentication to log in to the cloud provides additional protection.