Pinterest Stumbleupon Whatsapp
Advertisement

When deciding which cloud storage provider to use Dropbox vs. Google Drive vs. OneDrive: Which Cloud Storage Is Best for You? Dropbox vs. Google Drive vs. OneDrive: Which Cloud Storage Is Best for You? Have you changed the way you think about cloud storage? The popular options of Dropbox, Google Drive, and OneDrive have been joined by others. We help you answer which cloud storage service should you use. Read More , most of us prioritize convenience over security.

Of course, convenience is important. If you can’t get your hands on your files when you need them, there’s very little point in having a cloud storage account. At that point, you’d be better using a USB stick.

However, security is equally as important. In fact, it’s arguably even more important. If you use cloud storage a lot, you probably have a vast number of sensitive documents in there. You might use your account for everything from bank statements to passport copies.

Clearly, you don’t want those files to get into the wrong hands. But is your provider doing enough to protect you? In this article, we take a look at which cloud solutions are the most secure.

Google Drive

Google Drive boasts 800 million users and 15 GB of free storage, thus making it the most popular cloud storage provider on the web.

Interestingly, it wasn’t until 2013 that Google enabled any form of encryption on its servers. The company was only forced to act after the revelations about NSA surveillance from around that time.

Today, the situation has improved. When you upload files, Google encrypts the data using the TLS standard. When your files reach Google’s servers, they are de-encrypted then re-encrypted in 128-bit AES. The encryption happens before Google adds the data to your account, therefore reducing the risk of data leakage.

Lastly, the AES keys themselves are encrypted with a master key. It adds a secondary level of encryption protection.

Google Drive’s biggest weak spot, which also afflicts some of the other services I’ll talk about shortly, is its password.

Of course, the password technology itself is not insecure Everything You Need To Know About Passwords Everything You Need To Know About Passwords Passwords are important and most people don't know enough about them. How do you choose a strong password, use a unique password everywhere, and remember them all? How do you secure your accounts? How do... Read More . Rather, the problem is Google Drive uses the same password as the rest of your Google Account. If a hacker gets hold of your login credentials, they’ll have access to all your documents, emails, and web history. It’s a frightening thought.

Microsoft OneDrive

Microsoft OneDrive is the other big player in the world of cloud storage. Users only receive 5 GB of free space with their Microsoft Account, but Office 365 subscribers An Introduction to Office 365 -- Should You Buy Into the New Office Business Model? An Introduction to Office 365 -- Should You Buy Into the New Office Business Model? Office 365 is a subscription based package that offers access to the latest desktop Office suite, Office Online, cloud storage, and premium mobile apps. Does Office 365 provide enough value to be worth the money? Read More are automatically bumped up to 1 TB.

When you’re sending data from your computer to your cloud account, OneDrive deploys SSL encryption. Unless you have a business account, however, the service does not encrypt your data when it’s “at rest” (i.e. when it’s sitting in your account). If you’re a security-conscious user, this will immediately set off alarm bells.

Business users can also benefit from per-file encryption: if the encryption of one file is hacked, the rest of your documents will stay safe. Personal users enjoy no such benefit.

Microsoft is also open about how it might share your data with third parties. Here’s a direct quote from the company’s Privacy Statement:

“We will access, transfer, disclose and preserve personal data, including your content . . . to comply with applicable law or respond to valid legal process, including from law enforcement or other government agencies.”

And another:

“If we receive information indicating that someone is using our services to traffic in stolen intellectual or physical property belonging to Microsoft, we will not inspect a customer’s private content ourselves, but we may refer the matter to law enforcement.”

Finally, like Google Drive, OneDrive is prone to user error. Microsoft offers features like two-step verification Can Two-Step Verification Be Less Irritating? Four Secret Hacks Guaranteed to Improve Security Can Two-Step Verification Be Less Irritating? Four Secret Hacks Guaranteed to Improve Security Do you want bullet-proof account security? I highly suggest enabling what's called "two-factor" authentication. Read More and access logs to try and minimize the weak point, but it remains problematic.

iCloud

iCloud is the final one of the “big three” services. It’s arguably not as user-friendly as OneDrive and Google Drive, and it also covers a lot more stuff. In fact, Apple puts everything from Find my iPhone to Keychain under the iCloud umbrella.

It made headlines in 2014 when hackers leaked celebrity photos Apple Investigates Celebrity Nudes, YouTube Introduces Tip Jar, And More... [Tech News Digest] Apple Investigates Celebrity Nudes, YouTube Introduces Tip Jar, And More... [Tech News Digest] Also, looking forward to the Internet Slowdown, Windows XP edges 1% closer to death, play Star Citizen for free, the new Raspberry Pi Web browser, and the wearables we narrowly avoided. Read More on the service to the public. Despite initial reports claiming a flaw in Apple’s API allowed bots to make unlimited attempts at brute forcing the password, it was later revealed that phishing attacks were to blame. In truth, Apple iCloud security is highly robust.

mary winstead twitter

In terms of data transfer and storage, iCloud mirrors Google Drive. Your data is encrypted using SSL when it’s in transit and is stored in 128-bit AES when it’s on Apple’s servers. The only data stored in 256-bit AES is anything linked to Keychain.

Because iCloud is also the way iPhones, iPads, and even Apple Mail and Contacts backup their data, Apple uses secure tokens. Any apps that connect with iCloud use a token rather than asking you to keep a copy of your iCloud password on your device.

Dropbox

Dropbox differs from the Google Drive, OneDrive, and iCloud. Unlike those three, it’s not linked to a vast ecosystem of other apps and services. It’s the most well-known “standalone” provider.

Perhaps worryingly for users, it’s frequently been in the news over the last few years for a series of security breaches. In 2012, a comprised password was used to enter an employee’s account which in turn reveal user’s email addresses. Then, in 2014, hackers claimed to have almost seven million users’ email addresses Are You One of 69 Million Hacked Dropbox Users? Are You One of 69 Million Hacked Dropbox Users? It has been confirmed that 68 million Dropbox accounts were hacked in August 2012. Was yours one of them? What should you do about it? And why did the hack take FOUR YEARS to come... Read More and passwords.

It’s a shame the company’s external security processes are suspect because the security for your files is among the best in the industry.

The app uses SSL/TLS when data is moving between your computer and the company’s servers. When the data is at rest, it uses 256-AES encryption. It can also unlink data from your account if someone steals the encryption keys, thus preventing a small hack becoming a serious issue.

Dropbox’s two-step verification comes in the form of a text message or from a “Time-Based One-Time Password” (TOTP) app.

Box

Box is Dropbox’s great rival. It’s more enterprise-focused than its rival, and its security systems reflect that.

IT admins have a dashboard from which that can easily manage users accounts, including access and sharing policies, and a centralized management of all files.

The company’s Box KeySafe feature is particularly interesting. It lets organizations manage their own encryption keys using AWS KMS and AWS CloudHSM.

cloud storage
Image Credit: Rawpixel.com via Shutterstock

Lastly, there’s a whole host of business-specific features that will be valuable to employers while being of little interest to end-users. They include in-region data storage in Europe, Asia, Australia, and Canada, compliance with regulatory mandates such as ISO 27001, ISO 27018, SOC 1 (SSAE 16), PCI DSS, FedRAMP, and data loss prevention.

None of them necessarily make your data more secure, but they certainly help to make your business more secure.

Do You Trust Cloud Storage Providers?

If nothing else, I hope this article has made you realize that not all cloud storage is born equal. Even between the three biggest names in the sector, there are noticeable differences that can dramatically affect how secure your data is.

If you never plan to store more than an odd recipe or family photos, these security considerations might not be important to you. But if you use cloud storage as an extension of your computer’s hard drive, you need to give careful thought to where you store your data.

Do you use cloud storage providers for sensitive documents? Are you confident in the ability of providers to protect you? As always, you can leave all your thoughts and opinions in the comments below.

Image Credits: SaidAuita/Shutterstock

Leave a Reply

Your email address will not be published. Required fields are marked *

  1. Joe
    August 13, 2017 at 1:10 pm

    Read the privacy policies and then decide where to put your data. None of the mentioned services passes my criteria for protection of my privacy. Look at SpiderOak if you want to have a safe place to put your files or encrypt your files with Boxcryptor before putting them in the cloud. The author should reallly look at doing their homework before posting stories like this.

  2. emeryjay
    August 13, 2017 at 12:59 am

    There is one great reason not to use Google Drive for storing documents. It has nothing to with security directly. The terms of service gives Google the right to make a derivative work from anything stored on their servers. I write for a living and let's say I write a Pulitzer Prize winning novel in Google Docs before it is copyrighted. Google, through their terms of service, can make a derivative work from my hard work.
    Google will be the first to tell you they have never exercised that right. Do you want to be the first person to fall victim to that

  3. Davin Peterson
    August 8, 2017 at 11:15 pm

    Why do all celebraties use Apple? What's wrong using Android. If they weren't all on the iCloud they would not gotten hacked. Give Microsoft & Google devices a chance instead of always going with Apple

  4. fcd76218
    August 8, 2017 at 9:37 pm

    "Which Cloud Solution Is Most Secure for Your Documents? "
    nextCloud or ownCloud.

    "Do You Trust Cloud Storage Providers?"
    Not in the least! Especially the first three sharks you mentioned. They may protect your data from miscreants and nogoodniks but who is going to protect that data from THEM?!

    By storing your data on somebody else's server, you cede control over that data to the server owner.

  5. Glen
    August 8, 2017 at 1:38 pm

    all great services and I'd add Amazon's cloud drive to that list as well as Mega which might be the most secure; disappointed that Copy went away