Threats of cloud computing and methods of protecting them. Secure encrypted data storage and features of working with it

Clouds, clouds - gigabyte platforms!

If you are tired of running between work and home with a flash drive, constantly carrying a laptop with the necessary files, and you want your important files to be available to you or your team on any computer or mobile device, then they can help you .

Cloud data storage- an online storage model in which data is stored on numerous servers distributed over the network, provided for use by clients, mainly third parties. In contrast to the model of storing data on your own dedicated servers, purchased or rented specifically for such purposes, the number or any internal structure of servers is generally not visible to the client. The data is stored, as well as processed, in the so-called cloud , which is, from the client’s point of view, one large, virtual server. Cloud data storage.

Offers to your attention review of 10+ free and paid cloud storage services.

Cloud data storage:

1. Google Drive

Google Drive- cloud data storage from Google, which speaks for itself. Google Drive allows users to store their data on servers and share it with other users on the Internet. Cloud storage divides space between Google Drive, Gmail and Google Photo. The service can store not only documents, but also photos, music, videos and many other files - 30 types in total. Everything is very convenient and familiar to users of Google services.

Google Drive pricing plans

The maximum file size is 5 TB.

Available in web browsers, Windows, Mac OS, Android, iOS, etc.

2. Microsoft OneDrive

OneDrive- Microsoft SkyDrive, renamed in February 2014, is a cloud-based Internet file storage service with file sharing functions. By the way, SkyDrive was created in August 2007 by Microsoft. Now OneDrive one of the flagships of cloud data storage.

Service advantage OneDrive is that it is immediately integrated with Office 365, so directly from the application you can create, edit, save Excel, OneNote, PowerPoint and Word files to Windows Live OneDrive.

Service OneDrive allows you to store it for now for free 5 GB (although previously 15 GB were offered) information organized using standard folders. Images are previewed in the form of thumbnails, as well as the ability to view them in the form of slides.

2017. Technoserv launched a file synchronization service for business - TechnoDisk

System integrator Technoserv presented the corporate cloud storage and file synchronization service TechnoDisk. Unlike analogues (Dropbox, Google Drive, Yandex Disk...) it (according to the developers) provides increased data security thanks to simple integration with client security systems. Among other advantages, the company names data storage in Russia, the ability to use a private cloud and advanced remote file management. TechnoDisk has a built-in antivirus. Users can sync files between PC and mobile devices on iOS and Android. For example, for a company with 2 thousand users and a total disk space of 100 thousand GB, the price will be about 500 rubles. per user per month.

2016. Mail.ru launched a cloud for archives

A new service has appeared in the set of business applications of Mail.Ru for Business - Cloud storage of cold data. It is suitable for storing backups, logs, media content, scientific and statistical data, as well as working archives of your company. This differs from conventional cloud storage in that it costs much less, but it provides data only upon request and not instantly, but some time after the request. At the same time, a high level of storage security is ensured, and unlike Western alternatives (Amazon Glacier or Google Nearline), compliance with legal standards is always ensured (i.e. data is stored in Russian data centers). ***

2015. Google Compute Engine lets customers use their own encryption keys

2015. Microsoft and Google have increased the security of their online offices

Microsoft has built a mobile device management (MDM) system into its Office 365 online office, which is available free of charge to all commercial subscribers of the service. This system allows you to control data (email, documents) located on employee devices (iPhone, Android, Windows Phone), centrally set access rights, security policies, and remotely erase data (for example, if an employee quits). In turn, Google has added many settings to manage access rights to the Google Drive for Work cloud storage. Users will be especially pleased with the ability to share files with external contractors without having to ask these contractors to register a Google account. Here's a video: ***

2015. Box has become the most secure cloud storage in the world

Cloud storages like Box, Dropbox, Google Drive, OneDrive are quite safe for storing business data. However, in some companies, security requirements are very high. And they are unhappy that although the data is encrypted during storage and transmission, the service provider can access it if they know the encryption keys. For such companies, Box has introduced a new service Box EKM, which allows you to independently create and store encryption keys. And so that this does not negatively affect the convenience of the service (so that the administrator does not have to install a key master on every computer and smartphone) - Box integrated its storage with the Amazon CloudHSM service, which provides a cloud key storage service. Please note that each file uploaded to Box is encrypted with a unique encryption key. In addition, the company receives a full access log to each file. ***

2013. Dropbox has become more suitable for business

You've probably heard the term "Dropbox for Business" before? Most often, this term is used not to refer to the popular Dropbox service, but to refer to its many competitors who are trying to create the same service, only meeting corporate requirements (primarily security). But Dropbox itself does not want to lose the business market. It has an edition of Dropbox for Teams, and about 2 million companies already use it. However, in most cases, these are either small businesses (where there is no admin), or companies that have an admin, but ignore him. Because until now, no admin could properly control what was happening in Dropbox for Teams. The new version of the service practically eliminates this problem. ***

2011. DropBox launches business version to compete with Box.net

The most popular service for online storage and collaboration with files DropBox has finally decided to launch a version for business - DropBox for Teams. It differs from the usual one in 2 things. Firstly, it has an administrative panel to manage users and access rights. In the admin panel you can also pay for the service centrally. Secondly, when sharing files for an employee inside a DropBox for Teams account, the amount of free space he has does not decrease. (In the regular version of DropBox, if, for example, a 100 MB file is shared for you, then 100 MB of free space is taken away from you). However, DropBox wants users to not have to worry about disk space at all when using the business version. DropBox for Teams has at least 1TB of free space. This is 2 times more than the business version of its main competitor - Box.net ***

2011. Trend Micro introduced a solution for small businesses to store, manage and access data remotely

Trend Micro Corporation, a developer of Internet content protection solutions, announced the release of a new application, Trend Micro SafeSync for Business. This solution, also for small businesses, securely stores, manages and accesses digital files remotely, helping to increase productivity and facilitate data sharing between employees and clients. SafeSync for Business makes it easy to access and share data, ensuring it's secure and up-to-date; and the ability to access them from various computers and mobile devices through innovative synchronization technology. SafeSync also stores an additional up-to-date copy of the data in the cloud, which can be accessed from any device capable of connecting to the global network. This helps protect data from loss in the event of hardware failure. SafeSync eliminates the need to manually move files from one PC to another, saving time and reducing the risk of losing valuable information.

2007. Box.net entered the corporate file storage market

Box.net paid attention to corporate clients and rolled out a new offer - Box Professional, which is ideal for those companies where employees take part of their work home. Unlike traditional file hosting, in Box Professional the company will be able to use its own logo. And of course there will be no advertising here. Box.net also places an emphasis on security and collaboration. Users can form working groups that work on the same project. It is possible to subscribe to receive notifications that a file has been changed. The developers also promised flexible administrative capabilities for managing users and folders (with definition of rights). Considering that Box.net is integrated with Zoho, this offer may be of interest to many small firms abroad. I think it’s too early to talk about prospects in Russia. Not all domestic companies are willing to pay $200 a year for convenient remote work of their staff with files.

A data processing center (DPC) is a collection of servers located on one site in order to increase efficiency and security. Data center security includes network and physical security, as well as resiliency and power reliability. Currently, the market offers a wide range of solutions to protect servers and data centers from various threats. They are united by their focus on a narrow range of tasks to be solved. However, the range of these tasks has undergone some expansion due to the gradual displacement of classical hardware systems by virtual platforms. To the known types of threats (network attacks, vulnerabilities in operating system applications, malicious software), there are now added difficulties associated with monitoring the environment (hypervisor), traffic between guest machines, and delimiting access rights. Internal issues and policies for data center protection, as well as the requirements of external regulators, have expanded. The operation of modern data centers in a number of industries requires the closure of technical issues, as well as issues related to their security. Financial institutions (banks, processing centers) are subject to a number of standards, the implementation of which is laid down at the level of technical solutions. The penetration of virtualization platforms has reached a level where almost all companies using these systems are very seriously concerned with enhancing security in them. Let us note that literally a year ago the interest was rather theoretical.
In today's environment, it is becoming increasingly difficult to protect business-critical systems and applications.
The emergence of virtualization has become a pressing reason for the large-scale migration of most systems to VMs, but solving security problems associated with operating applications in a new environment requires a special approach. Many types of threats have been well studied and protections have been developed for them, but they still need to be adapted for use in the cloud.

Existing threats to cloud computing

Cloud control and management is a security issue. There are no guarantees that all cloud resources have been counted and that there are no uncontrolled virtual machines, that unnecessary processes are not running, and that the mutual configuration of cloud elements is not disrupted. This is a high-level type of threat, because... it is related to the controllability of the cloud as a unified information system and for it general protection must be built individually. To do this, it is necessary to use a risk management model for cloud infrastructures.

Physical security is based on strict control of physical access to servers and network infrastructure. Unlike physical security, network security is primarily about building a robust threat model that includes intrusion protection and a firewall. Using a firewall involves operating a filter to separate internal data center networks into subnets with different levels of trust. These can be separate servers accessible from the Internet or servers from internal networks.
In cloud computing, the most important platform role is played by virtualization technology. To maintain data integrity and ensure protection, let's look at the main known threats to cloud computing.

1. Difficulties in moving conventional servers to the cloud

The security requirements for cloud computing are no different from the security requirements for data centers. However, data center virtualization and the transition to cloud environments lead to the emergence of new threats.
Internet access to control computing power is one of the key characteristics of cloud computing. In most traditional data centers, engineers' access to servers is controlled at the physical level; in cloud environments, they work via the Internet. Separating access control and ensuring transparency of changes at the system level is one of the main security criteria.

2. Dynamics of virtual machines

Virtual machines are dynamic. Creating a new machine, stopping it, and starting it again can be done in a short time. They are cloned and can be moved between physical servers. This variability has a difficult impact on security integrity design. However, vulnerabilities in the operating system or applications in a virtual environment spread uncontrollably and often appear after an arbitrary period of time (for example, when restoring from a backup). In cloud computing environments, it is important to reliably capture the security state of the system, and this should not depend on its state and location.

3. Vulnerabilities within the virtual environment

Cloud computing servers and local servers use the same operating systems and applications. For cloud systems, the threat of remote hacking or malware infection is high. The risk for virtual systems is also high. Parallel virtual machines increase the attack surface. An intrusion detection and prevention system must be able to detect malicious activity at the virtual machine level, regardless of their location in the cloud environment.

4. Protect idle virtual machines

When a virtual machine is turned off, it is at risk of infection. Access to the virtual machine image storage via the network is sufficient. It is absolutely impossible to run security software on a shutdown virtual machine. In this case, protection must be implemented not only within each virtual machine, but also at the hypervisor level.

5. Perimeter protection and network demarcation

When using cloud computing, the network perimeter blurs or disappears. This results in the protection of the less secure part of the network determining the overall level of security. To differentiate segments with different levels of trust in the cloud, virtual machines must provide themselves with protection, moving the network perimeter to the virtual machine itself (Fig. 1.). A corporate firewall is the main component for implementing IT security policies and delineating network segments, which is not able to affect servers located in cloud environments.

Attacks on clouds and solutions to eliminate them

1. Traditional attacks on software

Vulnerabilities of operating systems, modular components, network protocols, etc. are traditional threats, to protect against which it is enough to install a firewall, firewall, antivirus, IPS and other components that solve this problem. It is important that these protection tools work effectively in virtualization conditions.

2. Functional attacks on cloud elements

This type of attack is related to the multi-layering of the cloud, a general security principle. In an article about the dangers of clouds, the following solution was proposed: To protect against functional attacks, the following protection measures must be used for each part of the cloud: for a proxy - effective protection against DoS attacks, for a web server - page integrity control, for an application server - a level screen applications, for a DBMS - protection against SQL injections, for a data storage system - correct backups (backup), access control. Individually, each of these protective mechanisms has already been created, but they are not collected together to comprehensively protect the cloud, so the task of integrating them into a single system must be solved during the creation of the cloud.

3. Attacks on the client

Most users connect to the cloud using a browser. It covers attacks such as Cross Site Scripting, password hijacking, web session hijacking, man-in-the-middle attacks, and many others. The only defense against this type of attack is proper authentication and the use of an encrypted connection (SSL) with mutual authentication. However, these protections are not very convenient and very wasteful for cloud creators. There are still many unsolved challenges in this area of ​​information security.

4. Attacks on the hypervisor

The hypervisor is one of the key elements of a virtual system. Its main function is to share resources between virtual machines. An attack on a hypervisor could result in one virtual machine being able to access the memory and resources of another. It will also be able to intercept network traffic, take away physical resources, and even oust a virtual machine from the server. As standard methods of protection, it is recommended to use specialized products for virtual environments, integrate host servers with the Active Directory directory service, use password complexity and aging policies, as well as standardize procedures for accessing host server management tools, and use the built-in firewall of the virtualization host. It is also possible to disable frequently unused services such as web access to the virtualization server.

5. Attacks on control systems

The large number of virtual machines used in clouds requires management systems that can reliably control the creation, migration and disposal of virtual machines. Intervention in the control system can lead to the appearance of virtual machines - invisible ones, capable of blocking some virtual machines and exposing others.

Security Threat Protection Solutions from Cloud Security Alliance (CSA)

The Cloud Security Alliance (CSA) has published the most effective cloud security best practices. After analyzing the information published by the company, the following solutions were proposed.

1. Data security. Encryption

Encryption is one of the most effective ways to protect data. The provider providing access to the data must encrypt the client information stored in the data center, and also permanently delete it when it is not necessary.

2. Data protection during transmission

Encrypted data in transit should only be accessible after authentication. The data cannot be read or changed, even if accessed through untrusted nodes. Such technologies are quite well known; algorithms and reliable protocols AES, TLS, IPsec have been used by providers for a long time.

3. Authentication

Authentication - password protection. To ensure higher reliability, they often resort to tools such as tokens and certificates. For transparent interaction between the provider and the identification system during authorization, it is also recommended to use LDAP (Lightweight Directory Access Protocol) and SAML (Security Assertion Markup Language).

4. User isolation

Using an individual virtual machine and a virtual network. Virtual networks must be deployed using technologies such as VPN (Virtual Private Network), VLAN (Virtual Local Area Network) and VPLS (Virtual Private LAN Service). Often, providers isolate user data from each other by changing code data in a single software environment. This approach has risks associated with the danger of finding a hole in non-standard code that allows access to data. In cases of a possible error in the code, the user can receive the data of another. Recently, such incidents have occurred frequently.

Conclusion

The described solutions to protect against security threats to cloud computing have been repeatedly used by system integrators in projects to build private clouds. After applying these solutions, the number of incidents that occurred decreased significantly. But many problems associated with protecting virtualization still require careful analysis and well-developed solutions. We will look at them in more detail in the next article.

The idea of ​​cloud storage is brilliant. Instead of storing data locally on devices, external drives, and home network storage, and fiddling with access, synchronization, and backups, users transfer files and folders to service data centers over the Internet, worry-free. Access is provided from an application or client program, wherever the user is - you just need to enter a password. There are no problems with storage space: the services offer up to 30 TB, and there is no charge for the initial period of use.

And yet there is a fly in the ointment, because of which all the beauty of using clouds is forgotten. Users transfer their data into the wrong hands: photos from their last seaside vacation, or a video from a wedding, or personal correspondence. Therefore, in this comparison, we focused on the security of ten cloud storage services: IT giants - Apple, Google, Microsoft, Amazon, two hosting companies - Box and Dropbox - specializing in cloud storage, as well as two service providers from Russia - Yandex. and Mail.ru.

Plus a billion users in five years

Back in 2015, the number of cloud storage users was about 1.3 billion. By 2020, there will be 1 billion more users.

Data traffic - three times more

In 2015, cloud storage users transferred an average of only 513 MB of data per month. By 2020, the volume will triple.

Functionality: can you trust advertising?

Vendors, of course, know that users place a high value on security and must accommodate their requirements. A quick look at all the offerings gives the impression that cloud services use the highest security standards and providers go to great lengths to protect their customers' data.

However, upon closer reading it becomes clear that this is not entirely true and the standards are not always new. Service providers are far from fully exhausting their options for secure data storage, and “high security,” “SSL protection,” or “secure encryption” are little more than slogans to take advantage of the fact that most customers do not have special security knowledge.

Network memory capacity

Cloud storage services lure customers with free offers. The volume can be increased for a fee.

TLS is not everything

“SSL” and “HTTPS” are popular and well-known security abbreviations. But we shouldn’t let our guard down. This type of encryption is a necessity, but does not guarantee exceptional data security. The cryptographic protocol TLS (Transport Layer Security), which officially replaced SSL 3.0 (Secure Sockets Layer) in 1999, provides secure data exchange between the cloud storage website and the client program on your computer or an application on your smartphone.

Encryption during data transfer is important primarily to protect incoming metadata. Without TLS, any attacker can intercept the transmission and change the data or steal the password.

We tested cloud storage using the comprehensive testing tool Qualys (sslabs.com/ssltest). All providers use the latest version of the TLS 1.2 standard. Six of them prefer 128-bit AES encryption, four prefer the more powerful AES 256. Both of them are satisfactory. All services activate additional protection Perfect Forward Secrecy (PFS - “perfect forward secrecy”) so that the transmitted encrypted data cannot be decrypted even later.

HSTS (HTTP Strict Transport Security) - another security mechanism that protects against downgrade attacks - is not used by most vendors. The entire list, that is, TLS 1.2 with AES 256, PFS and HSTS, is only available from Dropbox.

Double access protection

Access to personal data must be protected by two-step verification. In addition to the password, Amazon requires a PIN code that is generated by the application.

Encryption on the server is a matter of trust

Another standard feature, in addition to secure transmission, is data encryption on the provider's server. Amazon and Microsoft, unfortunately, are exceptions to the rule by not encrypting data. Apple uses AES 128, others use the more recent AES 256.

Encryption in data centers is not a novelty: if attackers, despite all security measures, still manage to steal user data, they will still need the key - unless they resort to extortion. And this is often where the problem arises: this type of encryption is a very dubious solution if the vendors hold the keys to your data.

That is, any cloud service administrator can easily view all your photos at any time. If it’s hard to believe, maybe the option of investigators having access to the data will be more convincing. Of course, suppliers do their best to demonstrate a serious attitude to the matter, but clients have to overcome themselves and show trust, since in this way their data is not completely protected.

Dropbox provides security with 256-bit AES encryption at rest and SSL/TLS during transfer

No end-to-end encryption

So, most services ensure the security of user data by protecting the transmission and encrypting it on the server, and all participants in our comparison that encrypt user data have keys. None of the services use end-to-end encryption. Its fundamental difference from encryption during transmission and on the server is encryption from the very beginning.

End-to-end implies encryption locally on the user’s devices and transmission in this form to data centers. When accessing data, it is returned back to the user in the same encrypted form and decrypted on his devices. The point is that the user, firstly, sends data exclusively in encrypted form, and secondly, does not issue any keys to the supplier.

That is, even if the administrator is burning with curiosity, an attacker steals the data, or the investigative authorities need to disclose it, they will not succeed.
The implementation of the so-called “zero knowledge principle” is closely related to permanent encryption.

Translated into simple language, its essence is as follows: no one but you knows how to decrypt your data. No cloud storage provider receives information that can be used to decrypt encrypted data - you didn't tell them anything, they have "zero knowledge." To do this in practice is difficult and quite inconvenient, and the participants in our comparison according to this criterion cannot provide us with anything.

No two-factor authentication

It is obvious that suppliers are concerned with the security of their customers' data, but for some reason they do not fully think through the action plan. Access to data stored in the cloud is effectively protected by two-factor authentication. Its essence is as follows.

To successfully complete the login process, it is not enough just a username and password - you also need a PIN code, and not a permanent one, as, for example, for a bank card, but generated by an application on a smartphone or sent via SMS to the phone. Typically such codes are valid for 30 seconds.

The user needs to keep the smartphone linked to the account at hand, and when logging in, after the password, enter the received code. Domestic suppliers do not offer this simple and effective method of protection, unlike Internet giants, as well as “narrow-profile” Box and Dropbox.

Actual cloud storage speed

We measured cloud storage speeds over cable (up to 212 Mbps), DSL (18 Mbps) and LTE (40 Mbps). The diagram shows the average speed for all connection methods.

He's his own cryptographer. Boxcryptor encrypts files on the device and provides convenient management of cloud storage accounts in one window. Users can choose whether they want to manage the key themselves or not

Location is also an important aspect

Despite all efforts, at home it is impossible to achieve the level of security that a cloud data storage service offers in a data center, and this is a powerful argument in favor of cloud storage. You can see this by looking at their equipment. All providers except Dropbox are ISO 27001 certified, even for free offerings.

The location of data centers also plays an important role. The servers of Amazon, Google and other companies are located in the United States and are subject to American laws. Servers that are located only in Russia, for example, Yandex and Mail.ru, respectively, are subject to Russian laws.

To avoid interfering with other programs, Dropbox uses automatic restrictions in the client

Conclusion: there is room to grow

The cloud storage services that we reviewed offer only a standard set of security options. It makes no sense to look for End-to-end or Zero knowledge encryption. All services provide data transfer protection, but Amazon and Microsoft servers do not provide encryption.

But data centers meet high information security requirements. At the same time, the comparison did not reveal cloud storage with ideal protection.

Russian suppliers have the advantage of location, but they ignore the simplest security methods, such as two-factor authentication. It is up to you to ensure ongoing data protection yourself, even if this means high costs and complex management.

Cloud file storage technologies are today considered a must-have tool for a modern Internet user. Each of them has an account on one of the cloud drives: Google Drive, Yandex.Disk or Mail.ru. Most have at least two of these services. In this article, we will look at the main network file storage services, ways to increase disk space on them, and provide tips on how to use them effectively and safely.

What is cloud storage

Local disks and memory cards are physically connected to our computer or tablet by wires. Network storage drives are physically located in special server centers, where a stable power supply and a comfortable operating temperature are ensured. The local computer communicates with them via the Internet. When you access your cloud drive through a browser or mobile client application, the system displays a list of files located on the server. When a user transfers a file from the local My Documents folder to Cloud storage, the document is physically copied via the Internet and ends up on the server.

Therefore, even after the physical destruction of the phone or computer, the files will remain safe and sound.

To assess the popularity of disk storage, it is enough to cite one statistical fact. As of 2014, the most popular cloud was Google Drive. The storage works by default on all Android devices, except Chinese ones, where access to Google is limited. Its users were 240 million people.

What can you use Cloud Drive for?

The main tasks solved by users using network storage:

Developers are constantly improving the security system of their services. The standard today is to store user files in encrypted form. Without a special key, this is a useless set of bytes.

The security of services should not be overestimated. In 2011, the reputable company IDC published its report, where it unsatisfactorily assessed the level of their secrecy and resistance to hacking. Experts recommended strengthening the level of authorization and encrypting files in storage and during transfer. Most developers listened to the recommendations and made changes to their applications.

Login to the Cloud Storage can be protected with two-factor authorization: specifying a password and confirming login using your phone. But for most users, one password is enough.

When compiling this rating, the company's experts took into account technological solutions to ensure the security of user data and the presence of failures in the service in the past. Considering that all storage facilities presented in the diagram have been operating for more than 5 years, the history of failure statistics is comparable.

1. 1. Recognized as the safest OneDrive. Experts listed the benefits of the service as innovative security system , when the keys to encrypted files and the data themselves are stored on separate servers. By gaining access to only one of these arrays, an attacker will not be able to benefit. Let us remind you that OneDrive is aimed at the corporate market and is the default drive when subscribing to Office365. Subscribers are allocated up to 100 GB at once, while free users receive only 6 GB.
   2. Ranked second in safety iCloud Drive. This cloud serves users of the Apple ecosystem: iPhone, MacBook and other proprietary solutions of the corporation. Data encryption is performed here both during storage and during transmission. Overall the storage is reliable and comparable to OneDrive in terms of security, but it earned a negative point for a failure in 2014. Many users were involved in this scandal. Private photographs of stars stored on their iPhones have been leaked online. If you use Apple technology, then you can’t do without a proprietary cloud. It backs up data and system settings of your phone and laptop. With its help, deleted photos and documents are recovered.
   3. Third place awarded Google Drive. Reason - insufficient level of security when storing files . When transmitting data to the server and to the client device, the traffic is encrypted. Experts added two-factor authentication with password confirmation via SMS to the phone number specified during registration as an advantage of the cloud. Experts note that in business accounts designed for corporations, Google Drive provides an increased level of security comparable to OneDrive. Regular users are recommended to encrypt confidential data themselves. For example, archive them with a password.
   4. Russian takes fourth place Yandex.Disk. Experts noted that the security benefits of this cloud include a wide range of authorization methods, including TouchID, PIN code and QR code. An important advantage for ordinary users is checking files for viruses . The transmission channel of the Yandex storage is encrypted, like its competitors. The only serious failure is considered to be an error in the service’s client program for Windows, made by the company’s programmers in 2013. Users did not lose out. They were allocated 200 GB of disk space for unlimited free use as compensation.
   5. Fifth place for an old-timer of the market - DropBox. Its security disadvantage is no client side encryption . In theory, this allows an attacker to intercept data as it is transmitted from the local device to the server. In 2011, there was a serious glitch in the DropBox service. It lasted only 4 hours. During this period of time, it was possible to access the entire storage, and not just the data area of ​​​​a specific user. But we note that in 2011 there were simply no other competitors from the rating. DropBox was a pioneer in online storage and had room for mistakes.

How to get more free cloud storage space

All cloud storage services are commercial. Their main task is to earn the money required to cover the costs of supporting the development team and developing the server infrastructure. Therefore, users are provided with a limited amount of free space. To receive additional free storage space for photos and documents, you will need to meet certain service conditions or participate in promotions.

For example. Yandex.Disk offers 32 gigabytes of free space. auto-uploading photos on a mobile device.

Other cloud services also offer space expansion options for free:

• For inviting friends.
• For installing a cloud drive mobile application or program on a computer.
• Students and teachers for providing a photograph of a student ID or university pass. Yandex.Disk provides an additional 32 free gigabytes for this promotion.

Also, cloud file storage services provide free space under an affiliate scheme. For example, when purchasing laptops or tablets of a certain brand.

A universal way to multiply your cloud storage space for free is to create multiple accounts.

How to install a cloud drive on your computer

Three network storages are most suitable for a computer:

1. Google Drive. It is chosen by active users of GMail services and the powerful online document and spreadsheet editor - Google Docs.
2. Yandex.Disk. A good choice when you don't need to use Google services. This is a reliable Russian cloud drive, for which you can easily get up to 42 GB or more free space by enabling auto-upload of photos on your mobile device.
3. OneDrive. Users of computers and laptops with the Windows 10 operating system receive support for this network drive “in load”. If you have a Windows account, 5 GB of space is allocated on OneDrive. In the This PC shortcut, a folder of the same name is created, synchronized with the cloud.

Installing the program on your computer will only be required for the first two services. OneDrive support is implemented at the system level. Here are step-by-step instructions for installing the application using Yandex.Disk as an example.

Every modern smartphone comes with support for at least one cloud storage out of the box.

• Apple phones come with iCloud support for backing up settings, system files, and photo syncing. Additionally, you can connect Yandex storage using a program downloaded and installed from the official Apple app store.
• Samsung phones include support for two clouds at once: the proprietary Samsung Cloud and Google Drive. Owners of smartphones of this brand have a Google account, like Android users, and a Samsung account for the manufacturer’s proprietary services.
• Xiaomi phones out of the box support communication with Xiaomi's own cloud, MiCloud. Everything works similarly to the iPhone: backups are made to storage on the network and photos from the camera are sent.
• Windows Phone smartphones come with OneDrive access enabled. If you have an Office365 subscription, your available storage will increase by 100 GB.
• Android smartphones from other manufacturers support one cloud storage - Google Drive.

You can purchase additional space by fulfilling the requirements of service promotions or by purchasing it with money.

Please note that Android smartphones support Google Drive, but to work with Google Docs and Sheets you will need to install separate mobile applications. There is also a client program from Google Drive for easy navigation through network storage. The latter is most often preinstalled on the phone.

If the capabilities of the pre-installed network storage are not enough for you, install a third-party one. The most popular: Yandex.Disk, DropBox, Mail.ru.

We'll show you how to install an application for them using Yandex Drive as an example.

Create a complex password. Your private photos and videos are more likely to be leaked online if you have come up with a simple password. A complex one can be generated using a special program or you can come up with it yourself using the following algorithm: !-!123HELLO-WoRlD123!-!. This combination is easy to remember, but is a very difficult password to crack.

Encrypt sensitive data before uploading it to the network. It is dangerous to store passwords and account keys in clear text. If you don't have a dedicated encryption program, archive sensitive files with a password before sending them online.

Use dual authentication. A number of network storages support dual authentication. You need to enter a password and confirm the entry by sending a code from an SMS sent by the service. This procedure seems less convenient, but provides greater data protection.

History of cloud file storage technologies

The phrase “cloud technologies” was first used in 1997. The new global global network required a new computing paradigm. Professor Ramnath Chellup from the University of Texas has proposed a move to cloud computing as an alternative to increasing local computing power.

Real developments in terms of sharing resources on the network date back to 2000. We owe the commercial launch of the service on the new cloud scheme to Amazon. This happened in 2002.

Google has become a pioneer in the implementation and development of cloud applications running through a browser. The new technology has been on the market since 2009.

The idea of ​​​​creating cloud storage on the Internet is described by its inventor Drew Houston as follows. The guy was sitting on a bus traveling from Boston to New York, with a laptop, but without a flash drive, left at home. To overcome the problem, he began to think about accessing files wirelessly and came up with an application that would implement this idea. The first DropBox code was written, according to this version of events, right on the bus.

According to the founder of DropBox, Steve Jobs wanted to acquire the project at the startup stage, but was refused. Today the company is worth approximately US$4 billion.

All subsequent network storage: iCloud, Google and Yandex appeared much later. Their main promotion paradigm is that the service is conditionally free. The user receives part of the gigabytes immediately, free of charge and unconditionally. The rest must be purchased by subscription.

Modern cloud drives have become not only a place to store information, but also offer a number of technological solutions for collaborating on files for people living in different parts of the world. Below are the most popular problems solved with their help.

Report content

Copyright infringement Spam Incorrect content Broken links

Send