What you can trust in cloud services: opinions of IT companies
Cloud services are firmly rooted in the life of most Internet users. More and more people store their files, documents and personal correspondence on remote servers of Internet services.
A few days ago, foreign IT publications spoke about the new Cloud project KeyMe. It is noteworthy in that it offers users using a special application to photograph the key to their own home or car (the photo is saved in the cloud), and then " print " a copy of it using a special kiosk in the nearest supermarket.
The appearance of this service caused a wave of discussions - in particular, users were worried about the possibility that attackers would be able to steal photos of keys stored in the cloud and make copies of them to commit a robbery.
We decided to find out how sensitive data (personal and work) representatives of Russian Internet companies trust in cloud services .
Alexey Shevelev (@Boomburum), project manager of " Thematic Media "
Until recently, there was some level of mistrust in the “clouds” - I still couldn’t overcome the discomfort because I don’t have physical access to my information, that not everything depends on me. But lately, apparently, he has reconciled - at first he entrusted part of his data to iCloud, then he began to use all kinds of Dropbox / Yandex.Disk / Google.Drive more actively - I store some “working” data in them, which have a rather short lifespan : I delete this data immediately after I work it out. Getting access to this data by third parties is unlikely to somehow affect something.
I still trust the storage of more "long-playing" data only to physical drives - a RAID array at home and at work. But yes, at the same time, I often step on the rake of the inconvenience of synchronizing this data. But since it doesn’t bother me much, then, apparently, I am not yet an active user of cloud services.
Andrei Zagoruyko, co-founder of the Publishing House “Committee”
I personally use dropbox, and I store there both personal files and a number of working documents. In parallel with this, I regularly backup all key files in Google Drive, plus sync everything on Time Capsule.
I don’t see any security problems - two-factor authentication + a complex password protects data more reliably than any other services accessible to ordinary people. In the end, the hard drive from Time Capsule can simply be stolen, and the data from the dropbox so easily can not be pulled out.
Sergey Shalaev, CEO of Surfingbird
Of course, I do not trust cloud services, both in terms of privacy and reliability. But most often it’s just more convenient than all the other options.
My company’s employees are the same people - if there is a choice between convenience and relative security and super security, I think they will choose the first, even under penalty of fines [for using public cloud services].
Alexey Sintsov (@ d00kie), Principal Security Engineer Nokia HERE The
question is very widescreen. There are many points of view, depending on what kind of data we are talking about, what is the purpose of the cloud, etc. Personally, I completely trust the clouds from AWS to Google, but I also understand the risks in case of my negligence - weak passwords, lack of two-factor authentication, compromise of my keys, etc. In general, there are few “new” threats for the user. If we say that the owner of the cloud can "merge" the data - then this is a matter of pure trust and contract, I doubt very much that AWS or Gmail will merge my data. Selling depersonalized data, statistics, analytics of interests is possible, but it doesn’t bother me much.
Regarding hacking the cloud, this is also a rather vague topic, if you take the story with HeartBleed, for example, ELB AWS was vulnerable, which automatically means that all user services that used the SSL terminator on ELB were vulnerable and could be broken. On the other hand, Amazon quickly and independently fixed this problem by updating OpenSSL on ELB within 24 hours, thus automatically “saving” all its customers, while so many “non-cloud” infrastructures had a bad time, remember the story about Russian Railways and its payment gateways, through which quite a few cards flowed out due to the team’s sluggishness. That is, there is a lot to talk about and recall different examples, everything is quite individual and for a particular user or company there will be different data, different solutions and different usecase. For instance,
German Klimenko, founder of LiveInternet and Mediametrics services
I am very calm about cloud services. Conveniently. The data that I consider to be “critical” is stored in encrypted form. There are not so many of them and maintaining an encrypted archive of accounts, pins and various kinds of scans of important documents is not something burdensome.
Probably it will not be very pleasant for me if someone gets access to the folder of promising projects and information about how we make the game, for example, gets out. But the risk of such an event and the price of the consequences are certainly incomparable with the convenience of cloud-based storage of documents and teamwork.
Ilya Grabovsky, Head of External Communications at Maxima Telecom (Wi-Fi in the metro)
Cloud services have long been an integral part of my life. They are associated with both workers and personal affairs. Fears, like, no one arises. Firstly, I believe that safety, first and foremost, is the work of the user himself. Secondly, if someone wants to get some data about a specific user, then hacking, for example, cloud storage is the most difficult way.
Many people don’t even notice how much they talk about themselves on various social networks: you don’t need to crack anything in order to understand what a person likes for breakfast and with whom he is going to sign a cooperation agreement. Or, for example, you can go to Coffeemania (whatever) at any time of the day, order good coffee and just listen - people around you will tell you everything: starting with news from the latest press, ending with the intentions of their own companies. Therefore, it’s definitely not worth worrying too much about the security of cloud (or any other) services. You just need to be careful and attentive yourself. People give out the largest amount of confidential data without noticing it themselves - this is where the real security breach is.
Only registered users can participate in the survey. Please come in.
How much do you trust public cloud services?
- 27.4% Fully trust and store both work and personal files 162
- 57.3% I do not store sensitive files (financial information, scans of documents) 339
- 12.8% How can I send my data to someone else's server? And if they are hacked or they themselves want to "merge" information? 76
- 2.3% Other (I will write in the comments) 14