What's new
What's new

What's wrong with cloud storage?

BRHMFG

Aluminum
Joined
Oct 9, 2014
Location
South Dakota
Over and over I hear on this forum of a reluctance to have anything on the cloud. Why? I admit we are on the bottom end of the scale as far as drawings and cad work and if someone got our files it wouldn't be too serious. But we have every file backed up on drop box which is so handy. Recently bought new drafting computer and after installing software all we did is sign in to drop box and everything downloads right there! All files can be opened on any computer. If the network is down the files are on each computer that is signed in and can be opened edited and saved and when the network returns the newest version is updated on each device.
if a computer crashes its all backed up.
As far as security I wd think most of these cloud services wd have more means of security than a shop office. If someone wanted to hack into your drawings I bet it would be a lot easier to pay off an employee than to hack into the cloud....
So enlighten me on this.....Why the great reluctance?
 
'cuz we're old, grumpy and don't like change. I'm still running XP :D



Seriously though, I have some jobs where I have to maintain controlled, limited access documents

I also have one customer that won't even let scrap parts be photographed or displayed show-and-tell style.

I couldn't imagine what would happen if I put that info out on the internet and they found out.
 
Because I want my data to be my data. I know maybe this is paranoid and no I don't have much to hide. Still it is my data and I want to keep it that way. Without lots of lawyers and money you have no way of knowing exactly what the arrangement is. As far as security goes I am sure they do far better setups but when I screw it up I know who to blame.
 
Once your confidential data is on someone else's network you no longer have full control. If they get hacked or have a dishonest employee your design data could be stolen.

And if that cloud floats over China you may soon have a knockoff competing with you in the market.
 
The cloud is just a fee for service operation & I'm sure they do their best at security. Prolly the biggest security hole would be the users...

So when it gets to an exchange of money from my account to their account for convenience, I have a choice - "do I need that convenience"? At one time I thought it was normal for females to pick up my clothes after a bath (mother did it) - but later on, quite surprised when this didn't translate to "all females" :eek:... Pretty sure money for service would not have fixed that latter issue.

I just do it myself if I can, thinking fewer surprises are better.

IMHO of course,
Matt
 
For my small shop I use Google drive, my thoughts are it's probably much more secure than any local machine I would store backups on. I can access drawings from home or the shop and everything is always backed up. I don't have drawings with limited personal access issues this would seam like a very good reason not to use a cloud drive. I open to hearing why a cloud drive is a bad idea, but for me it works extremely well.
 
'cuz we're old, grumpy and don't like change. I'm still running XP :D



Seriously though, I have some jobs where I have to maintain controlled, limited access documents

I also have one customer that won't even let scrap parts be photographed or displayed show-and-tell style.

I couldn't imagine what would happen if I put that info out on the internet and they found out.
And I'm sure your office is locked with security cameras in place and computers are logged off with secure password access anytime someone is out of office and prints are shredded when finished.........
I wonder if anyone uses a bank? Just letting that money out of site ya know....
But seriously has anyone had actual problems with this or is it just the idea of change?
 
for the most part I think the security concerns are paranoia and BS, I don't have armed guards or a moat either and am able to sleep at night....yeah there are breaches but unless you no internet access your local stuff is hackable, heck it would probably be a lot easier for someone to physically break in if any or out stuff is that important to them.

Still, i'm fairly anti-cloud computing. Reason, it's just too damn slow. We've a cloud server now with accounting on it among other things and the book keeper ready strangle me. I'm in the process of dumping in favour of a local network with remote access. When a computer is slow, it puts the person's whole work mode in 1st gear.
 
I think it is ok for a backup to use cloud services, it is just another copy of what you have, just in case. OTOH, I think I'd feel dumb if my internet connection went down and I had nothing local to work with. I thought about this a lot when I was trying out Quickbooks online for a trial. The more I used it, the less I liked never having a copy of my own data. Everything is secure online......until such time as it suddenly isn't.
 
I think it is ok for a backup to use cloud services, it is just another copy of what you have, just in case. OTOH, I think I'd feel dumb if my internet connection went down and I had nothing local to work with. I thought about this a lot when I was trying out Quickbooks online for a trial. The more I used it, the less I liked never having a copy of my own data. Everything is secure online......until such time as it suddenly isn't.

that and the online version is very much QB lite. really carved down. And probably bloody slow.
 
BRHMFG - the substantive issue is something we might call "attack frontier"

By this I don't mean all the programming interfaces and the bugs in them, or the ill advised user behavoir. Those things are part of the attack surface.

By frontier, I mean "how many people on Earth can attack you at once?"

In a shop in which all of the confidential material is stored on machines either not on the internet or behind very very good firewalls, the effective frontier is that physical location. Being low profile actually helps. Door locks, dogs, etc. actually help. Persuading people to NOT write their passwords on stickies attached to their monitors helps. (BUT - go read about stuxnet...)

With the cloud, which is largely built out of layered arrangements (dropbox appears to run on top of amazon's AWS for example) you can have nasty virus propogation and data breaches without security failures by any of the major players.

A recent nasy example that's been going around. An encrypt-your-files-for-ransom virus is injected onto some user machine, which has a local dropbox tree that syncs all of the important files of the org. The encrypted-for-ransom changes are then *automatically* propogated by dropbox to every other workstation in the org. If you don't have offline backups, or at least a directory to get at dropbox's packrat with, you are screwed, All of this actually happened to an org I volunteer for.

It's an example of a case where the *fundamental nature* of cloud storage services means they can propogate new nasty malware *without any defects in the file services or file propogation services* - it's not an AWS bug, it's not a dropbox bug, it's not a breach of either of them. But it's a big time breach of the org it happened to.

By the way, I can carry 128gb (or more) from my office to my shop in 20 minutes, would take about 4 days over the links available.... Bandwidth is neither inifinite nor cheap and that lmits the practical use of the cloud.
 
Data is always being stolen and misused.

So you're saying don't have data? for that matter, as are cars.....so we shouldn't have one?

Point is how much of risk is it? Do you not have an internet connection? that's probably a bigger risk.
 
I use the cloud for files I am working on and want to finish elsewhere. Toss in dropbox and open at the next location...or along the way.

When working a project I may put all files in Dropbox so I have it all wherever I am.

However, if its sensitive material...

Well, I figure it is like a text or email...you don't want to write anything you don't want every or anyone to see and read. So nothing sensitive is put up there.

No I have yet to hear of a problem...but you can bet it is only a matter of time.
 
Do I trust them not to try to read my files? No.
Do I trust them not to try to sell my files? No.
Do I trust them not to lose my files? No.
Do I trust them not to change or withdraw the service? No.
Do I trust them not to increase the prices to an unreasonable level? No.
Do I believe there are cloud hackers out there? Yes.
Do I believe among the hackers are governments? Yes.
Do I believe etc.

Them being Google, Apple, Microsoft and a whole host of other organisations who have form for
screwing us. Them being every government with their NSA, GCHQ etc.

My master files are on micro SD cards, cards which are removed before I go online.
Nothing on hard drives except Windows, other programs and files created by those programs.
Plus other security procedures.
Multi encrypted backup to mutiple locations.

Anyone who trusts these ****s is a fool.

I am a private individual so I can please myself.
Many contributors to PM have customers to please. I would be surprised to hear that these
customers would be happy with their specifications on cloud.

Rich
 
So you're saying don't have data? for that matter, as are cars.....so we shouldn't have one?

Point is how much of risk is it? Do you not have an internet connection? that's probably a bigger risk.

I don't leave the keys in my car and I don't leave it parked overnight in a dark alley.

All my financial spreadsheets and other confidential files are on removable media. I run cleanup programs after accessing them to remove cached data. I keep virus and malware programs up to date. I stopped using Internet Explorer years ago because of all the vulnerabilities and hidden caches. Same for Outlook email. I use an email program that allows selective download so potential attack emails stay on my provider's server. If I think they may be legit I open them on the server using web mail. I use strong passwords for online transactions and a different one for every site. I clear history and caches when done. I use real LAN connections, not wireless.

This probably sounds like paranoia to those who have never been seriously hit but believe me when it comes to online stuff they really are out to get you. About a dozen years ago I got hit at work by a trojan that activated when the email displayed in the preview pane in Outlook. I never even opened the message. I lost about 90% of my files and it also wiped out the backups on the server by following the stored shortcuts. Much of what I do is mandatory practice at clients I have worked for and was instructed by savvy IT professionals.
 
What's wrong with cloud storage? Quite a bit: and most most of the (potential) issues have been mentioned above. My main concern relates to stability. Will the company still be around next week? Next month? Next year? And, if it's not, what happens to your data? Will you have time to get it back before the company closes its doors? Cloud companies have gone belly up before, and it's inevitable that others will meet with a similar fate. While this probably isn't too much of a concern if you've got your data with one of the big guys, it absolutely is if you're using the services of a smaller company (Carbonite has been bleeding money for years - in fact, I'm not sure that the company has ever turned a profit).

It’s also worth noting that many cloud companies do not actually have their own servers and instead rent capacity from one of the majors – Dropbox, for example, uses Amazon S3. And there are pros and cons to this. On the positive side of things, it means your stuff probably isn’t being stored on a hokey home-brewed server in a recently converted warehouse with a leaky sprinkler system and no lock on the front door; rather, it’s ensconced a nice purpose-built data centre. On the negative side of things, it means that you have absolutely no contractual relationship with the company that actually stores your data and that your ability to access it is entirely dependent on your cloud company paying its bills to Amazon, Google or whoever the back-end infrastructure provider may be (cloud companies’ contracts with providers typically enable the provider to switch off a service in the event of non-payment and to eventually delete the data in the event of continued non-payment – usually after either 30 or 60 days).

I view data like cash. I wouldn't trust a cloud provider I knew next-to-nothing about with my data any more than I'd trust a bank I knew next-to-nothing about with my money. For me, that means I'd never use Carbonite or any other small company - and potentially cash-strapped - company that I didn't know much about.

I'm not a paranoiac when it comes to security/privacy and think that data stored with a major cloud provider is - for the most part - just as secure, if not more secure, than it would be if it were kept in the home/office. I say "for the most part" as there are some specific scenarios where that may not be the case. Take trade secrets, for example - which, by definition, is something that you've made reasonable efforts to keep a secret. To quote Forbes magazine, "Given such security vulnerabilities, might a court find that, by placing highly-sensitive and valuable information in the cloud, a company did not take “reasonable” efforts to maintain the secrecy of its information? While the courts have yet to grapple with this question, it deserves careful consideration. The fact that cloud providers may contractually limit their liability to far less than the likely value of such “crown jewels” could further undermine a company’s efforts to show that it took reasonable precautions to protect its data. For instance, cloud provider Salesforce.com has limited its liability for a data breach to the lesser of $500,000 or the amount paid by the subscriber in the twelve months preceding the breach. Given the potentially vast differential between the value of trade secrets and limitations on a provider’s liability, a court might find that it is simply unreasonable for a subscriber to have placed such valuable information in the cloud."

And the cloud isn't necessarily the cheapest option. I use a fire/water/theft-proof hard drive (at least, I did until I recently upgraded to a fire/water/theft-proof NAS from the same company). The hard drive cost $350 plus an extra $100 for a 5-year warranty and their Data Recovery Service (if your hard drive breaks, they’ll replace it as well as recovering the data from your old drive and putting in on the new one). While that may seem like a lot, I did the math and, if you spread the cost out, it’s actually pretty cheap. Between my and my wife’s computers, we have about 500GBs of data. To back that up with CrashPlan’s Family Plan would have cost $12.50/month, or $750 over 5 years. To back it up with Mozy would have cost about $30/month, or about $1,800 over 5 years (yikes!). In other words, the drive should save me quite a bit of money compared to the alternatives (touch wood!). And that, of course, assumes that cloud companies don’t increase their pricing – which I suspect is something that may happen in the not too distant future. (the current downward trend cannot continue indefinitely).

All that said, I also put our important but non-sensitive stuff – photos, for example – in the cloud simply as a precautionary measure. It costs nothing to do - using the free 15GBs of OneDrive capacity - and provides an additional layer of protection.
 








 
Back
Top