When talking about Cloud Security, I've found that most are concerned about where cloud data is located and how secure that location is. While this is an important concern, reputable Cloud Service Providers (those obligated to legal, privacy, security and data ownership policies, service level agreements, etc...) have gone to great lengths (and expense) to protect their customers' data (including ensuring they are in certified data center facilities that restrict access, encrypt data, etc...) I believe there is a larger concern... you. Please ask yourself: What am I doing to secure my data? Am I using strong passwords (not one of these)? Am I using different passwords for different services? Is the device that I use to access my data secure, updated and protected? Is the internet connection I'm using secure?
First off, create strong passwords. Think of a sentence that you can remember and take the first letter of each word in the sentence to form the password.
Second, passwords alone are not good enough. They can be guessed, cracked, hacked or otherwise stolen. The result can lead to access to your accounts (regardless of location). If you use the same password for multiple services, this can be used against you to access to your other accounts.
2-step verification (also knows as 2-step authentication, two-factor authentication or multi-factor authentication) is the idea is that you use a password plus something else to secure access to your account (and your data). This is not necessarily a new idea. Banks have been doing this a long time (mother's maiden name, PIN, etc...) You can now enable two-step verification for some Cloud Services. What makes this unique is that these use your phone (app, SMS or voice call), but some use other more complex methods like printable matrix grids to reference.
- Enable 2-step verification for Google
- Enable 2-step verification for Apple
- Enable 2-step verification for Microsoft
- Enable 2-step verification for PayPal
Having unique passwords for different sites (and changing them regularly) can be a challenge. There are solutions out there to help with this. My favorite: LastPass. It will save your password in real time and enter it for you for most major sites that you have saved. Make sure you enable two-step verification.
Secure your devices and internet connections. Especially Windows, but I think all operating systems are at risk. Make sure you apply the most recent updates and patches and use anti-virus software. Set operating systems and devices to "auto update" if available. Enable your firewalls and disable sharing. Secure network routers that you own. Avoid using free public internet connections or shared public computers. If you are routinely mobile, get a hotspot. And finally, use a secure internet browser like Google Chrome or Mozilla Firefox.
Please take advantage of every opportunity to secure your data in the cloud (and everywhere else for that matter).