Home Page Navigation Contents Contact Sitemap Search

Cloud storage

The term cloud storage denotes storage space which is accessed over the Internet.  Not all cloud providers score well as far as data pro­tec­tion and data secu­rity are con­cerned. A few rules will help you pro­tect your data in the cloud.

Pro­tect your­self by...

  • Choosing a suit­able cloud provider. Using for­eign providers often has some draw­backs with regard to your data protection.
  • Securely log­ging in. Use a secure pass­word and if pos­sible two-factor authen­ti­ca­tion, sim­ilar to the method used with e-banking.
  • Only ever trans­mit­ting your data in encrypted form. Use a ser­vice which trans­mits your data in encrypted form (https).
  • Only ever storing your data in encrypted form. You are fre­quently unable to check that your cloud provider encrypts your data cor­rectly. You should there­fore encrypt your data yourself.
  • Cre­ating an addi­tional local back-up of your data. Reg­u­larly create local back-ups of your data stored in the cloud - you are gen­er­ally unable to check that your cloud provider backs up your data cor­rectly either.
  • Pro­tecting all devices accessing your cloud data. To do so, please follow our “5 steps for your dig­ital secu­rity”.

When using cloud storage such as Dropbox, iCloud, OneDrive or Google Drive, your data are stored in cen­tral loca­tions via the public Internet. You are there­fore passing on your data to a third party. This raises con­cerns with regard to secu­rity and data protection.

Cloud provider location

The cloud provider’s loca­tion is vital: Your data are often stored abroad and are there­fore sub­ject to dif­ferent data pro­tec­tion laws. In addi­tion, many data on the Internet are sys­tem­at­i­cally recorded and analysed by intel­li­gence services.

According to law, storage and reten­tion of data is also a form of data pro­cessing and hence sub­ject to data protection.

Using cloud ser­vices there­fore becomes par­tic­u­larly crit­ical if third party per­sonal data requiring spe­cial pro­tec­tion are stored with a cloud provider. Depending on the envi­ron­ment, this can quickly lead to a breach of the local data pro­tec­tion reg­u­la­tions (DSG) or the stricter Euro­pean Gen­eral Data Pro­tec­tion Reg­u­la­tions (GDPR).

Some instances of per­sonal data requiring spe­cial pro­tec­tion are:

  • Reli­gious, ide­o­log­ical, polit­ical or union-related views or activities.
  • Health, pri­vate life or ethnicity.
  • Social ben­efit measures.
  • Civil or crim­inal pros­e­cu­tion and sanctions.

To pre­vent poten­tial con­flicts with the data pro­tec­tion laws, you should there­fore prefer­ably opt for a Swiss provider.

Secure access

You either access your cloud data via your browser by calling up your provider web­site and log­ging your­self in there. Or you use a pro­gram or app installed on your device pro­viding you with access to your service.

The point of access is the vul­ner­a­bility here: A weak pass­word throws the gates wide open to attackers. It is there­fore an absolute must to follow our “6 rules for a secure pass­word”. If pos­sible, use two-factor authen­ti­ca­tion, sim­ilar to the method used with e-banking, to better pro­tect access.

When accessing the cloud via smart­phone or tablet, your data are only as secure as the level of pro­tec­tion against access to your device and the cloud ser­vice in case of loss or theft. Fur­ther infor­ma­tion can be found here. Access via unse­cured net­works - i.e. Wi-Fi - also poses a risk.

Secure data transmission

Use a ser­vice which trans­mits your data in encrypted form and pre­vents unau­tho­rised access by third par­ties during trans­mis­sion this way.

In your browser, this is the case if your address line starts with “https://”, and a lock symbol is dis­played. If you use a cloud ser­vice via soft­ware or an app installed, you must ensure that your data are trans­mitted via an encrypted con­nec­tion via your con­fig­u­ra­tion settings.

Secure data storage

With cloud storage, you entrust third par­ties with the storage of your data. For this reason, it is vital to pay par­tic­ular atten­tion to data back-ups and data encryption.

Most cloud providers now offer the option to file your data in encrypted form. Yet while this is gen­er­ally easy and con­ve­nient to handle, it is just about impos­sible to check how reli­able this is. The most secure method there­fore is to encrypt and decrypt at least your sen­si­tive data yourself.

Secure back-up

You are gen­er­ally unable to check that your cloud provider backs up your data cor­rectly either. For this reason, you should make absolutely sure that you create local back-ups of all your data stored in the cloud, too. Fur­ther infor­ma­tion can be found here.

Secure devices

If your device is infected with mal­ware, your data are not secure in the cloud either and are liable to attack. You should there­fore follow our “5 steps for your dig­ital secu­rity“.

Cloud provider

There are a large number of cloud providers all over the world: Some examples:

For­eign cloud providers:

Swiss cloud providers with data storage in Switzerland:

With cloud storage, data are stored in cen­tral places via the public Internet. This saves storage space and enables access to your data from any loca­tion and with dif­ferent devices, even by sev­eral people at the same time.

Passing on per­sonal data to third par­ties how­ever can poten­tially adversely affect your data secu­rity and raises con­cerns with regard to data pro­tec­tion. It is there­fore vital to make the right choice of provider.

What else would you like to learn about security when e-banking?

Reg­ister for a course now
and learn more:

Basic course

Find out about cur­rent Internet threats and some easy pro­tec­tive mea­sures, and how to securely use e-banking.

fur­ther information

Online course mobile banking/payments

Find out about mobile banking, mobile pay­ments and how to securely use these apps.

fur­ther information

Online course for the under-30s

Learn how to use your smart­phone securely. Next to basics, we will show you what you should know about social media, clouds, mobile banking and mobile payments.

fur­ther information

Course for SMEs

Is your organ­i­sa­tion suf­fi­ciently secure? Learn which mea­sures you can take to sig­nif­i­cantly strengthen your organisation’s IT security.

fur­ther information