|
Sorry, but how can you be sure that vendor of your hardware/software does not have a key to your network/pc/nas/... ?
Isn't it easier to break in to your house/office and take the hardware that break into "the cloud"?
It's also the matter of trust, this time to trust the gear you buy.
And isn't it generally advised to encrypt the sensitive data? Stored locally or in cloud?
This is question about where to store, not if to encrypt...
|
|
|
|
|
I use a couple of removable hard drives (that are not shared beyond the PC) to make backups of my sensitive data. They are normally locked in a fireproof safe. I use two in case of hardware failure on one of them.
- I would love to change the world, but they won’t give me the source code.
|
|
|
|
|
Fireproof safes a good idea, but one bit of advice I tend to give (following losing many systems but (by luck) no data to Hurricane Sandy):
A backup of important data should be in a separate location. The company I work for has financial implications so, by law, it must have a secure off-site backup. Someone already learned their lesson.
"The difference between genius and stupidity is that genius has its limits." - Albert Einstein | "As far as we know, our computer has never had an undetected error." - Weisert | "If you are searching for perfection in others, then you seek disappointment. If you are seek perfection in yourself, then you will find failure." - Balboos HaGadol Mar 2010 |
|
|
|
|
|
I actually keep the fireproof safe at my office and the main data on a PC at home so they are several miles apart except when I bring one of the disks home for backing up.
- I would love to change the world, but they won’t give me the source code.
|
|
|
|
|
inside a named box at the train station.
Cloud technology is great: it's a form of perr-to-peer parallel clustering, so internal clouds can be great for companies and governments. For small data and personal use the general purpose clouds are almost useful (you need an Internet connection to access the data, maybe in very urbanized areas it is not a problem but it is what? 20% of the world to be optimistic?), and for web contents they are very good - the risk of server breakdown and missing content is reduced.
But sensitive data? Only if hidden, steganographed and encrypted. Something like the "Super Secret Networks" we are used to see in movies like Hitman or spy movies...
GCS d--- s-/++ a- C++++ U+++ P- L- E-- W++ N++ o+ K- w+++ O? M-- V? PS+ PE- Y+ PGP t++ 5? X R++ tv-- b+ DI+++ D++ G e++>+++ h--- ++>+++ y+++* Weapons extension: ma- k++ F+2 X
If you think 'goto' is evil, try writing an Assembly program without JMP. -- TNCaver
"When you have eliminated the JavaScript, whatever remains must be an empty page." -- Mike Hankey
|
|
|
|
|
that is the question. In every place data can be attacked, so thinking the cloud is insecure can be an error too.
But personally: I dont like cloud, because of the external downtime risk.
Press F1 for help or google it.
Greetings from Germany
|
|
|
|
|
If I am working on a project where authentication is being processed, I won't suggest them to store the passwords on a separate local file. Clouds would definitely provide methods to encrypt sensitive data and other data that is not sensitive can be easily stored without effort.
Clouds are, like other tech, emerging with a great velocity. The better would be start finding a good way to secure them rather than thinking of a "Trick or Treat" method to avoid storing the data. If I get a space on Cloud for my application, I would use better methods to make sure the data is stored and is saved in every possible way.
So, my vote is I would store it if I am using good precautionary measures. After all storing the passwords in plain-string or base64 isn't the efficient way to store passwords on or off Cloud., is it?
The sh*t I complain about
It's like there ain't a cloud in the sky and it's raining out - Eminem
~! Firewall !~
|
|
|
|
|
No offence... but you sound a bit idealist in my opinion.
Are you now programming for living? I would guess "no"
M.D.V.
If something has a solution... Why do we have to worry about?. If it has no solution... For what reason do we have to worry about?
Help me to understand what I'm saying, and I'll explain it better to you
Rating helpful answers is nice, but saying thanks can be even nicer.
|
|
|
|
|
When you select a Cloud company, how many of its employees do you rate as loyal to you and your company? How many of them work for minimum wage but still have access to your data? How many of them would accept a small sum from your competitors in order to pass over a backup?
How do you know that the company does any backups, much less how frequent and "solid" they are? How do you know that they won;t be bought out by a company that is accountant led instead of technically savvy?
How do you know the company will still exist next year?
We have worked damn hard over the last twenty or more years to get away from the centralised data model, and to a "local" data and processing environment - and now the centralised model is back, but with the added twist of handing it all to unknowns to look after...
Not for me, thank you!
Bad command or file name. Bad, bad command! Sit! Stay! Staaaay...
|
|
|
|
|
I guess it's not only about that, but it's the mainreason to not store sensitive data in any cloud (except your own). On that view i guess clouds are mostly interesting for students to share project stuff and homework.
Otherwise i can't imagine data that can go in the cloud without being sensitive
Rules for the FOSW ![ ^]
if(this.signature != "")
{
MessageBox.Show("This is my signature: " + Environment.NewLine + signature);
}
else
{
MessageBox.Show("404-Signature not found");
}
|
|
|
|
|
HobbyProggy wrote: On that view i guess clouds are mostly interesting for students to share project stuff and homework.
I didn't know that the QA is now a cloud
Gimme codez plzzzzzzzz
M.D.V.
If something has a solution... Why do we have to worry about?. If it has no solution... For what reason do we have to worry about?
Help me to understand what I'm saying, and I'll explain it better to you
Rating helpful answers is nice, but saying thanks can be even nicer.
|
|
|
|
|
In that case, get a separate laptop and adjust it to act as a web server. I am sure you trust yourself to not phish it and rely on yourself and that laptop.
Do not forget to send me the URL to your site!
The sh*t I complain about
It's like there ain't a cloud in the sky and it's raining out - Eminem
~! Firewall !~
|
|
|
|
|
OriginalGriff wrote: How do you know the company will still exist next year? You have the same problem when investing in an OS.. So, if it is the same company you're betting on..
Not my opinion, but would sound reasonable as argumentation.
Bastard Programmer from Hell
If you can't read my code, try converting it here[^]
|
|
|
|
|
Eddy Vluggen wrote: would sound reasonable as argumentation.
It's not really the same: if Microsoft went bust tomorrow, there would still be people using windows in ten years time. If the company holding your cloud data goes bust, and their servers are repossessed...
Bad command or file name. Bad, bad command! Sit! Stay! Staaaay...
|
|
|
|
|
Good point
Bastard Programmer from Hell
If you can't read my code, try converting it here[^]
|
|
|
|
|
I agree,
and that credit card token storage is pretty much a fancy name for cloud.
I got into an online argument here on CP about that issue, and everybody was brainwashed into thinking that the secure token method was the way to go, and I was an idiot not to use it.
Perhaps it just programmers passing the buck for the care and responsibility of sensitive data.
|
|
|
|
|
OriginalGriff wrote: How do you know that the company does any backups, much less how frequent and "solid" they are?
Once had an admin friend of mine tell me, "Nobody cares about backups. Restores, however..."
|
|
|
|
|
Any cloud will eventually get hacked...
And that sensitive data will be out on the street.
Except when you're government.
In that case your sensitive data will come out on the street anyway
|
|
|
|
|
See, that's where the NSA's going about it wrong.
Instead of being this secretive organization, they should market themselves as "Your free backup solution."
"We've got all your data, any time you need it."
|
|
|
|
|
Getting hack is secondary to me. Would you trust a stranger with a master key to you house, regardless how well intension (s)he may be? Any encrypted data can be broken, it just a matter of time. Once that sensitive data goes into the cloud, it stays in the cloud indefinitely.
I don't use Facebook, Twitter, Google drive or Drop-box. I don't event trust putting sensitive data on a thumb drive let alone the cloud.
|
|
|
|
|
Some data very impotent and confidential for you but its dose not have any value without logic then its not at all important data for all.
Life is all about share and care...
public class Life : ICareable,IShareable
{
// implements yours...
}
|
|
|
|
|
On the contrary, I would argue that most data may not seem important to you, but invaluable to a data collector. A single piece of information may not seem relevant, but enough cumulative of information are as good as gold to those who know what to look for.
|
|
|
|