Wired

A Controversial Plan to Encrypt More of the Internet

The road to routing all Domain Name System lookups through HTTPS is pocked with disagreements over just how much it will help. The security community generally agrees on the importance of encrypting private data: Add a passcode to your smartphone. Use a secure messaging app like Signal.
/
Quartz

Deepfake videos are a far, far bigger problem for women

The number of deepfake videos found online has nearly doubled since 2018, and most of them are pornographic videos featuring women without their consent. The term “deepfake” refers to video altered using machine-learning technology to present a situation that didn’t occur, such as this video of filmmaker
/
Tunio

Improving Safety On The Digital Highway

Digital Highway Safety

When it comes to transportation, safety is highly consequential. From educational programs to legal penalties, safety is principle to the way that travel is spoken about and acted upon.

But what about digital travel? Although user files are hardly as important as users themselves, they often contain sensitive information. As cloud computing’s momentum increases, both users and cloud storage providers should be thinking about digital storage in terms similar to personal transportation.

On this digital highway, industry standards for safety should further the following:

Safeguarding Basic User Information

With the average household containing five connected devices, digital users are easy prey to hackers. Popular cloud storage providers, which rely on inadequate end-to-end encryption software to curb ISP hacking, remain susceptible to information breaches.

Like seatbelts and airbags, cloud storage providers should include features in their platforms that optimize user safety. These features should be innate, and, with minimal effort from users, constantly working to improve the well-being of stored information. The best cloud storage platforms should incorporate:

  • Client-Side Encryption: Unlike end-to-end encryption, which transfers files across third-party servers, client-side encryption performs all encryption directly on a user’s device. This means that plain text files never need to leave a user’s device unless the user wants them to.
  • Personalized Encryption Keys: To maximize security when encrypting files, cloud storage providers should only allow a single encryption key. With client-side encryption, users set their own passwords, giving them complete control over the safety of their files.
  • Zero-Knowledge Privacy Guarantees: With encryption happening solely on a user’s device, cloud storage providers are blind to the type, content or name of the files that a user stores. Similarly, because users are in control of their own encryption keys, passwords and user information are never stored on a provider’s servers. Although this means that if a key is lost the corresponding files can never be unlocked (not even the platform knows a user’s key), the strategy is an effective way to increase user responsibility over cloud storage and transportation.

Educating Users on Current Trends

 

Not only should cloud storage platforms protect user data, but they can simultaneously encourage users to increase their own understanding of cloud storage trends. Cloud technology is complicated and highly technical, and, like driver’s education or roadside billboards, bite-size tips can educate users on easy ways to keep their data safe.

For example, Barbie’s newest reincarnation, Hello Barbie, could inappropriately store children’s interactions on the cloud. While many parents fail to recognize the impact of the cloud on their daily lives, storage providers can highlight simple strategies to safely navigating the digital universe.

Providing Users with Storage Choices

Safety is not a universal experience, and what feels safe to one person might feel completely unsafe to another. When picking transportation, users are given multiple options to personalize their safety: car or train, cheap or expensive. Similar opportunities exist for cloud storage providers.

As all encryption happens on a user’s device, providers using client-side encryption authorize users with complete control over what data is encrypted. When storing a wide range of personal files, discretionary encryption helps users keep safe what needs to be protection most. For example, users can choose not to encrypt photos to allot easy sharing, while encrypting loan documents or other private files to increase their safety.

When getting into a car, one of first things drivers do is buckle their seatbelts. On a plane, passengers sit through an extensive emergency evacuation plan. And even on a rollercoaster, riders are advised to keep their limbs inside of the ride at all times. Across all modes of transportation, brands and businesses work to ameliorate safety standards.

For most, transportation security is second nature, and the same level of attention should apply to cloud storage security. Improved security features are increasingly important too, as industry leaders speculate that 2015 could be the worst year for hacks ever. Through additional security features, cloud storage providers can give users optimal protection, which, until now, has been troublingly absent from cloud storage systems.

It might be the worst year ever, but, in adopting better security measures, cloud storage providers have the opportunity to influence just how bad it will be.

By Tunio Zafer

CloudTweaks Contributor
Leading Cloud Source Since 2009
Established in 2009, CloudTweaks is recognized as one of the leading authorities in cloud connected technology information, resources and thought leadership services. Contact us for ways on how to contribute and support our dedicated cloud community.
follow me

POWERPOINT COMIC LICENSING | CLICK TO SEE MORE

Steve Prentice CloudTweaks

How Printers Help Hackers Hide In Plain Sight

Printers and Hackers Spies and thieves often do their best work by hiding in plain sight. No one suspects the person sipping coffee at the ...
Mobile security

It May Not Be Sexy, But Strict Compliance Delivers The Freedom To Innovate

Compliance and Business Innovation When the U.S. based non-profit organization RHD | Resources for Human Development decided to move its operations into the cloud, one ...