With all the stories about hackers these days, is online backup safe to use?
This question was answered on January 13, 2016. Much of the information contained herein may have changed since posting.
It’s easy to understand why anyone would have concerns with ‘cloud-based’ services with all the stories you hear about government agencies and large corporations getting hacked.
If these big guys can’t stop the hackers, how safe is my data in the hands of a small commercial entity?
While it’s true that nothing on the Internet is un-hackable, the real concern is will my data be a target.
Random acts of hacking are completely different than targeted hacks, such as the ones you often hear about in the media.
Sophisticated hacking syndicates don’t waste time on targets where they don’t know what’s on the other side.
Hackers know that they can grab valuable data from government agencies and large corporations so it’s worth the time and effort to make them a target.
The real question you need to ask yourself when it comes to backing up and securing your data is “are they better equipped to protect my data than I am?”
For the tech savvy crowd, the answer may be no, but for most people the clear answer is yes; these companies that make their living providing secure online storage of data are more focused on security and fighting hackers than you’ll ever be.
Any of these online services can be ‘hacked’ which would generally only provide access to a large amount of encrypted data. This would require the hackers to spend an unknown amount of time attempting to decrypt the data just to see what they were able to steal (that’s just not what smart thieves do).
Keep in mind, your small data set amongst millions of others would also have to somehow become a specific target.
It’s not that these online service aren’t hackable, they just aren’t that attractive of a target for ‘hackers’.
Most people don’t encrypt their data on their own computers, but all of the online backup services that I am aware of do.
When you use an online backup service, your files are encrypted on your own machine before they are uploaded via a secure connection to the company’s storage servers.
The files remain encrypted and many give you the option of storing the only key on your own computer for decrypting your data.
While from a security standpoint, this is more secure, if you ever lose your encryption key, you’re backup data becomes useless without it.
Some services like Carbonite use a proprietary file system, which adds another level of complexity if anyone where ever able to get past all the rest of the security.
Keep in mind, you’re balancing what is technically possible against what is most likely to happen.
Using an external hard drive connected to your computer will certainly remove the risk of a hacker compromising an online service, but it’s of little use if you’re a victim of theft, fire, flooding, ransomware attacks or other more common scenarios for the average user.
The ultimate backup scenario uses the 3-2-1 method: 3 copies on 2 different devices with 1 copy off-site.
(Image courtesy of https://www.flickr.com/photos/jakerust)
About the author
Posted by Ken Colburn of Data Doctors on January 13, 2016