Clouds: How to store, share and work securely
Clouds: How to store, share and work securely
Cloud computing is very practical: You can easily upload and download files, share with others and access them everywhere even when you do not have your personal devices with you. But this also means that everybody could access your files who is able to log in to your account of a cloud service. This is risky. Moreover, the cloud service provider might also have access to your files and could be legally bound to hand it over to governments. Here are pros and cons for clouds and basic rules for journalists to work with clouds.
Local vs. Cloud: Pros and Cons
local | cloud | |
advantages | - No access for third parties to the files - Easy to encrypt files locally | - Availability for many people - Flexibility for many devices - Currentless of data - Low costs of storage |
disadvantages | - No access for colleagues and team members - Collaborative work impossible - High costs if every team member needs to buy storage and devices | - High responsibility for individual user to secure account and data - Mostly no end-to-end encryption by default - Accessto files for the cloud provider - legal obligations for cloud providers to cooperate with government |
Basic rules for working in the cloud
Here are 4 basic rules that journalists and their sources should keep in mind:
- Protect access to your account, especially with a strong password and a Two-Factor-Authentication.
- Only share files with people who really need to have access to it. The more people who have access to a cloud, the more likely it is that adversaries could find a way into it as well.
- "Clean" your cloud regularly. Only leave files in the cloud that you or your team really needs at the moment.
- Use end-to-end encryption for files that you upload in a cloud. If you are a group of people, you should agree on one encryption tool, so that everybody can decrypt it. For example, you could use VeraCrypt, PGP or Boxcryptor (commercial) for file encryption in a cloud.