Cloud storage

The term cloud storage denotes storage space which is accessed over the Internet.  Not all cloud providers score well as far as data pro­tec­tion and data secu­rity are con­cerned. A few rules will help you pro­tect your data in the cloud.

Pro­tect your­self by...

  • Choosing a suit­able cloud provider. Using for­eign providers often has some draw­backs with regard to your data pro­tec­tion.
  • Securely log­ging in. Use a secure pass­word and if pos­sible two-factor authen­ti­ca­tion, sim­ilar to the method used with e-banking.
  • Only ever trans­mit­ting your data in encrypted form. Use a ser­vice which trans­mits your data in encrypted form (https).
  • Only ever storing your data in encrypted form. You are fre­quently unable to check that your cloud provider encrypts your data cor­rectly. You should there­fore encrypt your data your­self.
  • Cre­ating an addi­tional local back-up of your data. Reg­u­larly create local back-ups of your data stored in the cloud - you are gen­er­ally unable to check that your cloud provider backs up your data cor­rectly either.
  • Pro­tecting all devices accessing your cloud data. To do so, please follow our “5 steps for your dig­ital secu­rity”.

When using cloud storage such as Dropbox, iCloud, OneDrive or Google Drive, your data are stored in cen­tral loca­tions via the public Internet. You are there­fore passing on your data to a third party. This raises con­cerns with regard to secu­rity and data pro­tec­tion.

Cloud provider loca­tion

The cloud provider’s loca­tion is vital: Your data are often stored abroad and are there­fore sub­ject to dif­ferent data pro­tec­tion laws. In addi­tion, many data on the Internet are sys­tem­at­i­cally recorded and analysed by intel­li­gence ser­vices.

According to law, storage and reten­tion of data is also a form of data pro­cessing and hence sub­ject to data pro­tec­tion.

Using cloud ser­vices there­fore becomes par­tic­u­larly crit­ical if third party per­sonal data requiring spe­cial pro­tec­tion are stored with a cloud provider. Depending on the envi­ron­ment, this can quickly lead to a breach of the local data pro­tec­tion reg­u­la­tions (DSG) or the stricter Euro­pean Gen­eral Data Pro­tec­tion Reg­u­la­tions (GDPR).

Some instances of per­sonal data requiring spe­cial pro­tec­tion are:

  • Reli­gious, ide­o­log­ical, polit­ical or union-related views or activ­i­ties.
  • Health, pri­vate life or eth­nicity.
  • Social ben­efit mea­sures.
  • Civil or crim­inal pros­e­cu­tion and sanc­tions.

To pre­vent poten­tial con­flicts with the data pro­tec­tion laws, you should there­fore prefer­ably opt for a Swiss provider.

Secure access

You either access your cloud data via your browser by calling up your provider web­site and log­ging your­self in there. Or you use a pro­gram or app installed on your device pro­viding you with access to your ser­vice.

The point of access is the vul­ner­a­bility here: A weak pass­word throws the gates wide open to attackers. It is there­fore an absolute must to follow our “6 rules for a secure pass­word”. If pos­sible, use two-factor authen­ti­ca­tion, sim­ilar to the method used with e-banking, to better pro­tect access.

When accessing the cloud via smart­phone or tablet, your data are only as secure as the level of pro­tec­tion against access to your device and the cloud ser­vice in case of loss or theft. Fur­ther infor­ma­tion can be found here. Access via unse­cured net­works - i.e. Wi-Fi - also poses a risk.

Secure data trans­mis­sion

Use a ser­vice which trans­mits your data in encrypted form and pre­vents unau­tho­rised access by third par­ties during trans­mis­sion this way.

In your browser, this is the case if your address line starts with “https://”, and a lock symbol is dis­played. If you use a cloud ser­vice via soft­ware or an app installed, you must ensure that your data are trans­mitted via an encrypted con­nec­tion via your con­fig­u­ra­tion set­tings.

Secure data storage

With cloud storage, you entrust third par­ties with the storage of your data. For this reason, it is vital to pay par­tic­ular atten­tion to data back-ups and data encryp­tion.

Most cloud providers now offer the option to file your data in encrypted form. Yet while this is gen­er­ally easy and con­ve­nient to handle, it is just about impos­sible to check how reli­able this is. The most secure method there­fore is to encrypt and decrypt at least your sen­si­tive data your­self.

Secure back-up

You are gen­er­ally unable to check that your cloud provider backs up your data cor­rectly either. For this reason, you should make absolutely sure that you create local back-ups of all your data stored in the cloud, too. Fur­ther infor­ma­tion can be found here.

Secure devices

If your device is infected with mal­ware, your data are not secure in the cloud either and are liable to attack. You should there­fore follow our “5 steps for your dig­ital secu­rity“.

Cloud provider

There are a large number of cloud providers all over the world: Some exam­ples:

For­eign cloud providers:

Swiss cloud providers with data storage in Switzer­land:

With cloud storage, data are stored in cen­tral places via the public Internet. This saves storage space and enables access to your data from any loca­tion and with dif­ferent devices, even by sev­eral people at the same time.

Passing on per­sonal data to third par­ties how­ever can poten­tially adversely affect your data secu­rity and raises con­cerns with regard to data pro­tec­tion. It is there­fore vital to make the right choice of provider.

What else would you like to learn about security when e-banking?

Reg­ister for a course now
and learn more:

Basic courses

This basic course will point out cur­rent threats on the Internet and con­veys mea­sures as to how you can pro­tect your­self by taking some simple mea­sures.

fur­ther infor­ma­tion

Prac­tical courses

Learn and prac­tice the most impor­tant mea­sures for your com­puter and e-banking secu­rity on com­puters pro­vided by us.

fur­ther infor­ma­tion

Send this to a friend