Evidence Solutions, Inc., (ESI) is a premier forensics company founded in 1982.

ESI Provides Elite experts in:

Digital and Electronic Evidence, Computer Forensics, Cell Phone Forensics
Trucking, Truck Accident Investigation and Trucking Regulations, Truck Safety Consulting, Heavy Vehicles & Hazardous Materials
Sports and Fitness, Fitness Facility Standard of Care
Real Estate & Land, Real Estate Syndication
Bankruptcy and Corporate Governance
Accident Reconstruction

Call for a free consultation: 866-795-7166

♫ Hey! You! Get off of my cloud ♫

Computer Forensics Expert:
How to Keep Anyone From Snooping around Your Cloud.

Digital Evidence / Computer Forensics Articles

By Scott Greene

--------------------------------------------------------------------------------------------------------------------------

How Secure is your Data in the Cloud?

In recent years government has increased its requests for access to Cloud data. Storage-As-A-Service providers such as Google Drive, Dropbox, iDrive, Microsoft Skydrive, Apple iCloud and others are receiving numerous requests to view what has been stored by various individuals and companies. In addition to the government, there are instances of the storage company’s employees exposing or taking data for their own or others use. Data breaches have been experienced by companies such as DropBox and iCloud which has exposed data. This happens when storage company employees seize the opportunity to make a quick buck selling everything from company data to personal credit card information which has been stored in the Cloud.

cloud data security expert

The American Civil Liberties Union, based in New York, NY., reported the U.S. Government claims the right to read personal online data without warrants. This trend is not unique to the U.S. Government. Many governments around the world make requests of these service providers as well.

According to statistics published by Google, it received over 16,000 requests for information affecting over 31,000 users in 2012. Google’s same statistics stated they provided information in over 85% of the requests.

In 2012 Microsoft received over 70,000 requests affecting over 120,000 accounts. While this is a much higher number, Microsoft only produced information on these requests about 2% of the time. Almost 80% of the requests asked Microsoft to divulged subscriber and transactional information only.

Locking the thieves out:

Companies and individuals can take easy steps to prevent thieves, companies and the government from gaining access to online storage which contains private information.

Here are a few basic ways of protecting or encrypting the data to keep prying eyes from viewing confidential and/or personal information:

1)      The data can be encrypted before it is stored in the Cloud. Products like TrueCrypt, Privacy Drive and MyInfoSafe allow for the user to encrypt their data. This type of encryption can be done for files as well as folders prior to storing it in the Cloud.

2)      Use an “On The Fly” encryption product which encrypts data as it is stored by almost any online storage provider. Products like BoxCryptor, Cloudfogger, SafeMonk, and Viivo integrate with the Cloud Storage provider(s) of your choice encrypting data locally, but seamlessly before it is stored in the Cloud. These services provide encryption completely separate from the storage provider, ensuring even the storage provider employees can’t access data stored in their company’s Cloud.

3)      Choose a provider that encrypts the data as part of their service. Storage-As-A-Service companies like SpiderOak, iDrive and Comodo not only transfer your data via an encrypted protocol, these companies also store the data in an encrypted format preventing those who don’t have an access key from easily viewing your data. It is unknown if there is a back door they are able to use to access data stored on their servers.
Businesses are acutely sensitive to government information requests due to their legal responsibilities under privacy laws, such as HIPAA and the Gramm-Leach-Bliley Act. Therefore, in highly regulated industries, such as financial services and healthcare, businesses must strike a balance between government oversight and consumer privacy.

The U.S. Electronic Communications Privacy Act of 1986 was enacted in the early days of the Internet. The act did not require government investigators to obtain a search warrant for requesting access to emails and messages stored in online repositories. In 2001, the PATRIOT Act further added to the authority of the federal government to search records under its "Library Records" provision, offering a wide range of personal material into which it could delve.
We are not suggesting people should try to skirt around the PATRIOT Act. But companies and individuals should do their best to comply with data privacy issues. It should be up to the organization or individual to establish a policy regarding exactly what, when and to whom they disclose information from their Cloud service provider..

By Scott Greene

Evidence Solutions, Inc.

Complex Electronic Evidence in PLAIN English.

Call us today with your Digital Evidence Questions: 866-795-7166 or This email address is being protected from spambots. You need JavaScript enabled to view it.

Related Articles:

Electronic Frontier Foundation 2014 “Who has your back”

Who is Watching You Online?

Law Firms Must Step Up Cybersecurity!

Traveling? Treat Your Laptop Like Cash

Six steps to more security and privacy

 

Like Evidence Solutions - Electronic Evidence on Facebook

Follow Evidence Solutions - Digital Evidence Division on LinkedIn

Circle Evidence Solutions - Digital Evidence Division on Google+

Google+ Author

Google+ Publisher