July 2014
By Tom Stibolt, MD, Mobile Musings Column Editor
An interesting trend in mobile as well as desktop computing is the use of “cloud storage” and cloud enabled applications. The term “cloud” I suspect was created to hide the reality of cloud computing. Cloud computing refers to a program or application that runs on a connected server or servers rather than on a local computing device such as a PC, tablet, or smartphone. Cloud storage is the use of mass storage on a vendor’s server rather than on a local device. Providers of cloud storage are responsible for keeping the data available and accessible, and the physical environment protected and running. They are also responsible for keeping your data secure.
Major vendors are involved in this market including Apple, Google, Microsoft, and Amazon. There are a number of vendors whose business consists of providing cloud storage such as Dropbox. Some specialize in backing up your entire computer with vendors like Carbonite or Acronis. Several of these vendors are doing everything possible to force the use of their cloud services, Apple and Google being prime examples.
Many of these services are quite attractive and provide a reasonably large amount of storage for free, typically 2 to 5 Gigabytes. Beyond the free storage, users need an account and are charged for the amount of storage used.
In 2012, Gartner Consulting predicted a shift from offline PC work to mostly on-cloud by 2014. Today, we rarely choose to send a bunch of photos by email, and we no longer use USB flash drives to carry docs. The cloud has become a place where everyone meets and exchanges information. Moreover, it has become a place where data is being kept permanently. Even our documents from the bank, ID scans and confidential business papers work find their new residence on the cloud. So is it safe?
The unfortunate answer, at least in 2014, is no! Neither technology to insure security nor laws to do so are anywhere near providing adequate protection for sensitive data. That said, one can still use cloud services as long as the user makes sure that data stored there is not of a nature that someone else getting access to it would cause major problems. Thus photos, e-books, music, some contact lists, some calendar entries and the like can safely be stored on the cloud. Patient information, patient schedules, and any financial information should likely be kept local and not stored on the cloud nor shared via the cloud.
It is a good idea to read the user agreement from whichever service or services you use. A number of cloud vendors retain the right to examine what you store on their mass storage.
The passwords used to access your cloud services/storage are important and need to be designed to not easily be broken. Keep in mind that your data is accessible 24 hours a day 7 days a week to hacking.
For added security, you can encrypt files that you store in the cloud. There are even some cloud services that do this automatically. LastPass, my preferred password manager is actually a cloud service but all data stored on their servers is encrypted on my devices before being stored and must be decrypted on my devices to be used.
Hopefully, changes resulting in better protection and security for cloud services and storage will be coming along. In the meantime, use these services carefully and with knowledge of the potential risks.