“Technology professionals (and retail software and service providers) have done a phenomenal job of seriously screwing up the perspective of what the “cloud” really is and how it should properly be defined. “
Let me first state that I am an Information Technology Security Professional with over twenty years of experience dealing with everything from high-level multi-site network communications down to the home user who can’t get their iPhone to connect to their computer. I have helped the State Police with child pornography investigations and I have taught foster parents how to protect their foster children online. So, I have basically seen it all.
That being said, when I am approached by my home user clients (most of whom I have known for years) and they ask me “Should I move to the cloud?” I cringe. Not because I have any problem what so ever with my home users, what I cringe at is the fact that this is a much more complicated question than they know.
What is “The Cloud”?
Technology professionals (and retail software and service providers) have done a phenomenal job of seriously screwing up the perspective of what the “cloud” really is and how it should properly be defined.
In short, all “the cloud” really is – is your data existing on someone else’s computer data center. It’s not sitting out there in some mysterious nebula where it has the ultimate protection. It is controlled and managed by humans, albeit humans who know technology better than most people (generally speaking). But there is still the human element of controlling how safe that data is, ensuring that it is protected from viruses, hardware failures, and even natural disasters.
Where In The World Is It?
First, let’s be clear. Your data is out there somewhere, physically. It’s sitting on a computer just like your computer at home but with a TON more power than your computer.
- Amazon Prime Drive: If you are in the U.S. and use Amazon Prime’s Drive, your data is sitting in a server (or set of servers) in Northern Virginia; San Francisco, CA; Seattle, WA or Northeastern Oregon. If you are in Europe, your photos and documents are sitting on a server in Dublin, Ireland.
- Google Drive: If you are in the U.S. and use Google’s Drive feature, your data is sitting on a server (or set of servers) in Dalles, OR; Atlanta, GA; Reston, VA; Lenoir, NC or Moncks Corner, SC.
- Dropbox: If you are using Dropbox to move files around or share files, then your data is sitting in one of three data centers in the U.S. or in one data center in Europe. Although I do know the location of these, I am not allowed to disclose the true location. It’s the same situation though, your data sitting on someone’s server in a physical location.
- Microsoft’s One Drive: If you are in the U.S. and use the free drive software that comes with Office 365, then your data is sitting in Quincy, WA; San Francisco, CA; Cheyenne, WY; San Antonio, TX; Des Moine, IA; Chicago, IL; or in one of two locations in VA.
There really is no way to know (unless you work at one of these facilities) exactly which location your data is actually calling home. Companies look at your IP address (the unique address that you use to connect to the internet) and determine your approximate physical location based on that. Then they generally try to keep your data physically close to that location, just so that you don’t have very many hops (a distance term on the Internet) to deal with.
Is My Data Safe?
Well now, this is the million dollar question, isn’t it? As evasive as it sounds, your data is as safe as the people operating the facility and the service. These companies are bound by privacy laws just like most companies in the U.S. and Europe. However, being bound to the laws and actually adhering to them are two different things. It takes a lot of manpower and a lot of work to ensure that encryption algorithms are kept up to date and maintained. We all know about the TJX data breach of 2007, the Experian data breach of 2017 and the Marriott / Starwood data breach of 2018. These are just three of the more than 300 data breaches that have occurred within the last 15 years in fortune 500 companies.
Keep in mind, those are JUST the fortune 500 companies. That’s not even looking at the thousands of companies that do not fall into that category. Here is a small list of known data breaches that have occurred just in the last 6 months: 2019 Data Breaches.
My Take on it All.
In my humble opinion, it is one thing for your private information to be stolen or destroyed out there in some corporate breach or disaster. It’s another for your priceless photos or documents to be irretrievable. It is my personal belief that no one can protect my data better than I can. I am responsible for maintaining these files. It is what I cherish and plan to pass down to my children. The photos of them being born, the articles and stories I have written. The interviews I’ve done of my family members on video. I frankly do not trust these irreplaceable files to be sitting in someone else’s hands.
I do have my data on “The Cloud”, but it’s my cloud. (I also happen to hold the data for most of my family as well) I am not oblivious to the fact that there could be a fire in my house or some kind of a disaster, so I work hard to make sure that it is all well protected. I back up all of my data to a special storage server in my home. That server replicates instantly with two other storage servers. One is located sixty miles from me at a friends house and the other is located seven hundred miles away at a family member’s house. I also connect (almost daily) just to make sure security patches are performed and that the data is replicating without any problems. The data is encrypted and cannot be viewed without a special encryption key that only I possess. Also, the people who do back up to my storage solution (such as my family members and friends) are the only ones who can see their own data. If I go look at it, it’s just a bunch of encrypted files that don’t make any sense without the encryption key (password) that is located on each of the devices that I back up.
It’s not a perfect solution, but I know that even if I have a fire or flood, I can still access my data and protect the data of my friends and family. I also have instructions in my will that state how to access the data and deal with it in the event of my own demise. This is the era we live in and it’s important that we understand the impact that a loss of data can have.
What Can You Do as a Home User?
First, check and see how much data you are talking about. Most home users don’t need more than 100GB to be protected. If this is the case, then my advice is – have two backup hard drives that will hold at least three times your data (300GB hard drive if you have 100GB of data). Then back up your data to both hard drives using software such as Acronis or EaseUS and keep one hard drive in a fireproof safe at home and take the other one somewhere that is at least ten miles from your home (take it to work and keep it in your desk or store it at a family member’s home). And here is the most important part: KEEP IT UP TO DATE!! Make absolutely sure you update your backups at least every thirty days.
Lastly, if all this seems too daunting, you can always reach out to me and I can do it all for you 😉