Head in the Cloud, feet on the ground - European Cyber Security Month

Clever Cloud User - TIPS - BEE SECURE is promoted by Securitymadein.lu, Luxembourg main national online source for cyber security, which provides news, relevant information as well as a toolbox with useful cyber security solutions for private users, organizations and the ICT community.

Check the whole article and tips accessible in French and in English.

The security triangle: availability, integrity, confidentiality

Many types of cloud exist and it is impossible to list them here. However, it is crucial to be attentive to the conditions of use and guarantees offered by the various cloud services.
The security of data in the Cloud can be summarized in three factors:

  •  Availability: (the fact that the data is available quickly and at any time)
  •  Integrity (the fact that the data are not changed, altered or deleted unexpectedly)
  • Confidentiality (the fact that the data is not disclosed).
On the Cloud, these three factors must be evaluated specifically:
  •     Availability: everywhere and all the time?
  •     Integrity what guarantees? What protections?
  •     Confidentiality
Enjoy the cloud safe? It's possible !

The Cloud has benefits and lower or higher risks, according to the use that is made. How to tip the balance of the side benefits?

Here is the method to be followed and some practical tips.
    Define its priorities

Do I need a simple storage space to access my documents with different devices? To store and sort my photos?
From a collaborative workspace?
On a platform of exchange and sharing?
From all this at once?
Tip 1: Think about the usefulness of each time a form of cloud is offered on a device or application.
Tip 2: Make order regularly. If documents are no longer needed, delete them from the cloud. If you have applications that you use no more, delete them also.


    Understanding the Risks

The benefits of cloud are simple to understand. The risks are less.
Therefore, take the time to think about to determine what use we want to do, to identify the risks associated with these practices and take appropriate protective measures. Master your Cloud, did not suffered!
Depending on your needs and your priorities, different solutions are available to you. Each has different risks and opportunities.
Tip 1: Do not put your data in the cloud only. Keep a copy of your messages on a hard disk that belongs to you.
Tip 2: Do not store private documents or sensitive data in the cloud.


    Secure its data / identity online

To limit the risks, some basic rules apply:


Use a strong password to log on to your Cloud (Test your password on pwdtest.bee-secure.lu);
2. Use two-factor authentication (also known as 2-factor authentication or validation in 2 steps) to access your cloud services. This is notably available on Facebook, Google, iCloud and Dropbox;
Figure your sensitive documents or data stored on the Cloud (See bee-secure.lu/cryp) so that they are unreadable for someone who will not accede legitimately;
4. Protects all devices that have access to your Cloud. 10 tips to make them invincible: https://www.cases.lu/fr/securite-mobile-10-astuces-indispensables.html
Opts secure browsing (https) whenever possible.
Even your favorite social network (whether Facebook or another online service) must be used cautiously. Https (small padlock visible in your browser's address bar) will prevent hackers to access all your personal data while you visit social networks.
Do not use unsecured Wi-Fi to access your cloud services.

    Secure its connected devices (smartphones, tablets, objects ...)
The Cloud and smartphones, it's like the chicken and egg. It is not known who was the first ... But what is certain is that they are inseparable, for better or for worse. The Cloud enables us to access the same data and documents from multiple devices (tablets, smartphones, computers, printers and other connected objects ...).
We always use more practical and useful applications in our daily lives.
In particular, applications of "mobility" (eg Google maps, Mobiliteit, DB Navigator ...), assistants to sports training, etc. These applications collect a wealth of data about our habits and movements. We even have the ability to record our activities or preferences for easy retrieval.

If this data were disclosed, they could be used to harm us. 

Five rules must be respected:


- protect devices connected by a strong password
- use backup services associated with tablets and smartphones in order to recover data in case of loss or theft device while deleting them on the device in question.
carefully check the reliability of installed applications;
check what data is collected by each installed application;
uninstall applications you no longer use.

Smart Tip: an application that uses GPS location can also function when the GPS is disabled. This also applies to other features. Master your smartphone, do not suffered!

For more information on the risks related to smartphones

Check more activities during European Cyber Security Month by ENISA.