Need help regarding data safety on the cloud

Some discussions just don't fit into a well defined box. Use this forum to discuss general topics and issues revolving around the Church and the technology offerings we use and share.
adamhmiles
New Member
Posts: 1
Joined: Wed Jun 12, 2013 11:03 pm

Need help regarding data safety on the cloud

Postby adamhmiles » Wed Jun 12, 2013 11:04 pm

I need to save some extremely confidential information related to my business. Can anyone please tell me some technique through which I can move my data on the cloud without compromising security?

User avatar
david.fox2
New Member
Posts: 8
Joined: Sat May 18, 2013 12:20 am
Location: Alberta, Canada

Re: Need help regarding data safety on the cloud

Postby david.fox2 » Thu Jun 13, 2013 12:09 am

Hi adam,

Short answer: the cloud is NOT safe, but encrypting the files and password protecting them before transmission makes it a bit safer. (Choose an appropriate password of 10+ characters, symbols, etc.)

Longer answer:
I am a computer science / MIS student, and this is a great question to ask before hosting information on the cloud.

The cloud is currently NOT a safe place to store or transmit data to due to its design.
Reasons against Cloud Storage:
Information that is transmitted to the cloud does not take a predefined path, during its transmission it can leave your countries borders and information security laws. However this has becoming a recent headline problem of even if it is in your country who is looking at it? (NSA?)
The structure of the cloud does not always guarantee where your information will be located once on the cloud. Some data storage providers have cloud hosting all around the world and store your files (or copies of) in various locations.
Cloud providers usually don't guarantee information security or disclose there security measures, alot actually have a disclaimer in there terms of use. So if the cloud server gets hack so can your information. However this isn't usually a problem as the providers mainly have a good history of safety.
Some providers have terms regarding lengths of time that data can be stored on there servers, and additional terms regarding if the data is not accessed within a certain time period (12 - 18 months?) that it will be scheduled for deletion. As well as terms regarding unpaid accounts and deletion of data.
Internet connections need to be stable, and so does the hosting from your provider. Although rare for larger companies to have any server down time it does occasionally happen. But for smaller cloud providers this is a key issue to consider.
The list goes on, but these are a few of the primary concerns.

Reasons For Cloud Storage:
Accessibility -- world wide as long as there is internet
Convenience -- typically accessible at any time
Redundancy -- people often will make backups when they store on the cloud but not when they do at home?
Inexpensive -- Some are absolutely free
Group sharing of information

Overall if you take appropriate security measures it can be safer, and it comes down to if your willing to bite the bullet and accept the risks or not.

But if you are looking for some of the safest forms of data storage perhaps look at Ironkey. http://www.ironkey.com/en-US/

But then again Ironkey could be overkill.

On the less secure and free side.
I know alot of people who just store things in google drive and ensure security settings are correct, or they save a password encrypted file as an attachment and email it to themselve as email storage is rather large nowadays.

jdlessley
Community Moderators
Posts: 6522
Joined: Sun Mar 16, 2008 11:30 pm
Location: USA, TX

Moderator note

Postby jdlessley » Thu Jun 13, 2013 12:46 pm

Moderator note: The purpose of the LDSTech Forum is to discuss topics and issues revolving around the Church and the technology offerings we use and share. Those seeking assistance for business purposes should look to other forums. The response provided by david.fox2 to the opening post provides useful information to those looking to follow Handbook 2, 21.1.22, guidance. As such, this topic thread will be permitted to remain but caution others that topics not in line with the purpose of this Forum will be moderated and possibly removed.
JD Lessley
Have you tried finding your answer on the LDS.org Help Center page or the LDSTech wiki?

User avatar
gregwanderson
Senior Member
Posts: 696
Joined: Thu Apr 15, 2010 9:34 pm
Location: Huntsville, UT, USA

Re: Need help regarding data safety on the cloud

Postby gregwanderson » Thu Jun 13, 2013 1:21 pm

In light of the recent news about the NSA data mining, I've wondered if we need to be concerned about whether we can share any confidential information via any email. If we are to believe that a third party might be able to read the text of our emails, what should we do to keep church information confidential and/or which email services might not be accessible to "inquiring minds"?

User avatar
Mikerowaved
Community Moderators
Posts: 3131
Joined: Sun Dec 23, 2007 12:56 am
Location: Layton, UT

Re: Need help regarding data safety on the cloud

Postby Mikerowaved » Thu Jun 13, 2013 11:22 pm

Email messages have never been considered secure, unless extra measures are taken (such as PGP) to encrypt the payload. An email might get archived on several different servers while traveling to the recipient; and in the US, after 180 days email messages lose their status as a protected communication and become just another database record on some server. There are other risks too, but suffice it to say, sending confidential information via email has never been a good option.
So we can better help you, please edit your Profile to include your general location.

User avatar
gregwanderson
Senior Member
Posts: 696
Joined: Thu Apr 15, 2010 9:34 pm
Location: Huntsville, UT, USA

Re: Need help regarding data safety on the cloud

Postby gregwanderson » Fri Jun 14, 2013 6:13 am

Mikerowaved wrote:...suffice it to say, sending confidential information via email has never been a good option.


...and that's kind of my point. It's just that, until the recent news broke about government surveillance, most people didn't realize this. But I don't remember any specific instructions from CHQ about avoiding email or being extremely careful about what you write. So, for example, a Bishop who wants to send a last-minute email to his Bishopric should only say, "Brethren, our meeting tonight is cancelled" rather than say, "Brethren, tonight's disciplinary council regarding Brother Anderson has been cancelled because he and his wife are seeing a marriage counselor tonight instead."

Of course, the second message would also be inappropriate because maybe it could be accessed by another family member and not just the member of the Bishopric. But I guess if anyone on that Bishopric were using a Gmail or Hotmail account (or any other email service) then we have no idea who else might be reading it, eh?


Return to “General Discussions”

Who is online

Users browsing this forum: No registered users and 1 guest