Editor's Note: HP 3000 managers do many jobs, work that often extends outside the MPE realm. In our series of Essential Skills, we cover the non-3000 skillset for multi-talented MPE pros.
By Steve Hardwick, CISSP
One of the many cloud-based offerings is storage. It moves data from the end device to a remote server that hosts massive amounts of hard disk space. While this saves local storage, what are some of the challenges and risks associated with the type of account?
Cloud data storage applications have been compromised through different weaknesses. Firstly, there is the straight hack. The hacker gains administrative access into the server containing the data and then can access multiple user accounts. The second one is obtaining a set of usernames and passwords from another location. Many people use the same usernames and passwords for multiple accounts. So a hack into an email server can reveal passwords for a cloud storage service. What are the ways to defend against this level of attack?
Encryption is always a good option to protect data from unauthorized users. Many service providers will argue that they already provide encryption services. However, in a lot of cases this is what is called bulk encryption. The data from various users is bundled together in a single data store. Then the whole data store is encrypted with the same password. This gives a certain level of protection, for example of the disk is stolen. But, if administrative access is gained, these systems can be compromised. A better solution is to choose a service that offers encryption at the account level.
Finally, there is a common misconception that an encrypted file is bigger than the original. For good encryption they should be about the same size. The only challenge with any encryption is to make sure the password is safe.
If you use the same username and password, the best solution is not to do it. But the difficulty is having 20 different usernames and passwords and remembering them all. One option is to let the browser do the remembering. Browsers have the option of remembering passwords for different websites. The browser creates its own local store of the passwords. However, if the computer's hard drive crashes, so does the password storage.
The next option is to use an on-line password account. The bad news is that they have the same weakness as other types of on-line storage. LastPass was recently hacked, so many users were worried that their password lists were compromised. I use a password vault that locally encrypts the vault file. That file can then be stored in online data storage safely. Plus, if you chose the right password application, the vault is shared across multiple devices. This way, different accounts and passwords can be used for each account and still be available from a secure, but available location.
Online storage, offline access
Most of the time many of us have access to the cloud. But there are times when I would like to have access to my data, but I don't have Internet access. The best example of this is on the plane. Although Internet service is available on many planes, not everyone has access. So it is good to choose a service that has a client application to synchronize the data. This will allow copies of the same file to be kept locally and in the cloud. This can be important when looking at mobile solutions.
In many cases, mobile storage is preserved by moving the data into an online storage location. Storing all the music files in the cloud, and then finding that they are not available offline, can be very infuriating on a plane ride.
Compression to be free
Free storage on-line services are limited to a set amount of storage. One way to get around this is to use data compression. Most raw data files can be compressed to some extent. But bear in mind that most media formats, such as mpeg, mp4, or jpeg, have already been created using compression. Many other files, though, can be compressed before they are stored. Some applications — for example back-up apps — will give the user a choice to compress the file before it is stored. Not only does this reduce the amount of space the data takes in the online storage, it is also faster to upload and download.