Using cloud services securely

You can assume that your Authority or institution, if it uses cloud services, has chosen them carefully. In doing so, it has formulated specifications and assured itself that the dangers described are manageable.

If you want to use cloud services privately, you should ask yourself the following questions:

  • What data do I want to put in the cloud? Vacation photos - or photos that I wouldn’t show to everyone? My diary or just my shopping list?
  • Who do I want to entrust the data to? A company that is subject to strict data protection laws? Or a company that also discloses my data to third parties?
  • Do I mind losing the data? If so, I should keep copies at home.

Keep in mind that often cloud services from the manufacturer are already installed on your smartphone or home computer, and your data and sometimes your usage patterns (e.g. call logs) are stored by them!

Good to know

If you have decided to use cloud services privately, you should take the following security measures:

  • Inform yourself about the providers - does the data center have security certificates, e.g. according to “BSI IT-Grundschutz”?
  • Do not use providers to whom you grant rights to use your content.
  • Do not store highly sensitive data in the cloud.
  • Use secure passwords.
  • If possible, only upload data to the cloud that you have previously encrypted with an encryption program.
  • Keep copies at home.
  • Allocate access rights to third parties wisely.
Attention

Of course, official data may only be processed in the official environment, not in “your” cloud!