Cybersecurity is top of mind for everyone storing their files, pictures and sensitive information on the cloud. Every cloud service offers some level of security, but hackers have proven that popular cloud storage providers like DropBox and iCloud are easily infiltrated, which shows that standard security systems offer insufficient protection. The major weakness inherent in cloud security systems today is the limited capabilities of their encryption services.
The most widely used technique is end-to-end encryption, which means that data is transferred securely over the network. Files are encrypted from the point of data entry to the point where the data is processed. This means that only the transfer is encrypted, which leaves files in plain text—and plain sight—after reaching their final destination. End-to end encryption protects files from breaches by the internet service provider, but users are still vulnerable to server infiltrations.
This was precisely the vulnerability that has enabled hackers on multiple occasions to steal users’ information from various cloud storage services.
Client-side encryption is the cryptographic technique of encrypting data before it is transmitted to the servers in a computer network. Encryption is performed with a passphrase that is not known to the servers, making it impossible for the service provider to decrypt the hosted data.
Client-side encryption allows for zero-knowledge privacy, meaning that storage providers cannot access the data stored by its users. Servers are incapable of viewing the encrypted file type, file-name and the file as itself – all this information is encrypted.
Forward-thinking cloud storage providers will look to client-side encryption for the most advanced privacy and protection for their users. For consumers and business that take their file security seriously, this is the only way to achieve military-level security.
Webinar By Duo Security: Securing Apps and Data in the Cloud and On-Premises (March 11, 2015 at 10 am PST / 1 pm EST)
About the Author
BIO: Tunio Zafer is the CEO of pCloud, an award-winning cloud storage solution. In his role, Tunio promotes innovation across pCloud teams in areas such as storage space, security measures and cost to end users. His team aims to make a significant impact on the rapidly growing IT market, for individuals and business alike.
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.