Here is a quick video overview of how we enable pinpoint secure access for you when you are away from home. This is an incredibly important security feature that is unique to ‘A Cloud Of My Own’. Your cloud is not accessible on the public internet by default.
The only time it becomes accessible is when you make a secure request. Then, we allow only access from our secure, monitored data center through to your server. Only users from the particular address can reach your login page, and then only for the time you allow.
This is known as reducing the Attack Surface Area – on both the time and location vectors. This surface area is reduced by well over 99.999%.
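The default-closed behaviour described above can be modelled in a few lines. This is an added illustration, not A Cloud Of My Own's code: the `AccessGate` class, the `exposure_fraction` helper, the one-hour window and the sample addresses (documentation ranges) are all assumptions made for the example.

```python
import ipaddress
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone

@dataclass
class Grant:
    source: ipaddress.IPv4Address  # the single address allowed through
    expires: datetime              # end of the window the owner chose

class AccessGate:
    """Default-deny gate: closed unless an unexpired grant matches the caller."""

    def __init__(self):
        self.grant = None  # no grant means the login page is unreachable

    def open_window(self, source, minutes, now):
        self.grant = Grant(ipaddress.IPv4Address(source),
                           now + timedelta(minutes=minutes))
        return self.grant

    def is_allowed(self, source, now):
        g = self.grant
        if g is None or now >= g.expires:
            self.grant = None  # an expired grant is dropped; the gate closes
            return False
        return ipaddress.IPv4Address(source) == g.source

def exposure_fraction(minutes_open_per_day, allowed_addresses=1):
    """Share of the (time x IPv4 source address) space that can reach the login page."""
    time_share = minutes_open_per_day / (24 * 60)
    address_share = allowed_addresses / 2 ** 32
    return time_share * address_share

# Constructed sample values: documentation address ranges and an arbitrary date.
RELAY = "203.0.113.10"   # hypothetical relay address in the provider's data center
OTHER = "198.51.100.7"   # any other internet host
T0 = datetime(2024, 1, 1, 20, 0, tzinfo=timezone.utc)

def demo():
    gate = AccessGate()
    results = [gate.is_allowed(RELAY, T0)]                              # no request made yet
    gate.open_window(RELAY, minutes=60, now=T0)
    results.append(gate.is_allowed(RELAY, T0 + timedelta(minutes=30)))  # inside the window
    results.append(gate.is_allowed(OTHER, T0 + timedelta(minutes=30)))  # wrong source address
    results.append(gate.is_allowed(RELAY, T0 + timedelta(minutes=61)))  # window has expired
    return results

if __name__ == "__main__":
    print(demo(), exposure_fraction(60))
```

Under these assumptions, one allowed address for one hour a day leaves a tiny fraction of the always-on, any-source exposure; the time limit alone would leave about 4%, so most of the reduction comes from the source-address restriction.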
This should be terrifying for anyone with a business that is storing their files on Google Drive. There is no such thing as confidential information if the files are on Google Drive.
Make sure you understand the risks of placing your creative and other files on the Google Drive.
“Google also retains “a worldwide license to use, host, store, reproduce, modify, create derivative works […], communicate, publish, publicly perform, publicly display and distribute” your stuff. This license to use your data specifically persists even after you stop using their services. Although they specify that there are some services which will allow you to “access and remove” your data, they are not specific in their terms of service as to which services these are.
Arguably of more important note, this license to use your data also applies to, in Google’s words, “those we work with”. This means third parties, which might include governments, social networking sites, and anyone else Google has relationships with. They don’t specify any further what entities this applies to.”
We think differently. All of your files are encrypted and decrypted on the device you purchased and own. The encryption keys never leave your network. The files that are stored in the cloud are truly just a ‘bucket of bits’ to anyone but you and those you authorized.
Like the 24 hour convenience store on the corner, the convenience of having a cloud storage solution that is always online is assumed these days. (Think Dropbox, OneDrive, Google Drive.) But should it be?
Having your cloud files stored on a public web site invites the probability of attack by the millions of bots, trolls and hackers probing all web-facing sites for vulnerabilities.
By having your site online 24x7x365 (always on), time is on the hackers' side. Although you probably will never see it, the battle is continuous. Your cloud provider will be keeping guard of your site (and the thousands or hundreds of thousands of other sites that are running), but how much can they spend on your site in particular?
Additional attack vectors outside of their control are the applications that you have on your server, as well as the application and server configurations. All of those must be patched and maintained – most likely by you (if anyone is).
Large companies can take on the added security work; however, expecting you to protect your own, your family's and/or your small business's cloud file sharing and storage site is unrealistic.
That is why we approached the problem differently. Unlike your ‘always on’ cloud sharing products (Dropbox, OneDrive, etc.), you own the main physical ‘server’. It plugs into your internal network (not exposed to the public internet), so that moves everything from the 24 hour convenience store into your kitchen (in a really tiny package).
When you need access (during the evening perhaps), you leave the ‘A Cloud Of My Own’ appliance plugged in. You have full access to your files – which are encrypted and stored out in the Cloud. When you are done for the night, simply unplug the appliance. The files remain locked up tightly in the cloud. Even if someone managed to break into the cloud storage, the encryption keys are in a secure device in your home, that you powered off. There is absolutely no way for someone to obtain them.
With Encryption – Why do we leave our keys in our locks?
We don’t leave our keys in our locks (it kind of defeats the purpose). So why do we continue to store the keys that encrypt and decrypt the files together with the files in the cloud?
Because it has been the ‘logical’ way developers looked to solve the problem. Either the keys were on the client (the laptop, tablet, phone, or desktop) or they were on the side where the files were stored (the server).
Having the keys stored on the client side limited the access to only that particular device. In addition to making the data ‘single device/single user’, it also added the risk of the device failing (or being stolen or compromised).
Putting them on the server side makes the files available to many devices and users, and dramatically reduces the risk of a machine failure. However – it becomes much easier to compromise the information, by capturing both the encryption key and the file at the same time.
Just like the lock and key shown above…
We thought about the problem differently. In “A Cloud Of Our Own” – The keys aren’t on either the client (eliminating the single user/single device issues and compromised device) or the cloud server (eliminating the risk of compromise from a server breach). They exist on a hardened, secure device (about the size of a cellphone) that you plug directly into your home network.
You lock your car and take the keys with you. We believe in a similar approach to your cloud files. Keep your files safe.
Basically, by agreeing to ‘give’ information to a 3rd party provider, you no longer have a reasonable expectation of privacy.
“Furthermore, users generally entrust the security of online information to a third party, an ISP. In many cases, Fourth Amendment doctrine has held that, in so doing, users relinquish any expectation of privacy. The Third-Party Doctrine holds “…that knowingly revealing information to a third party relinquishes Fourth Amendment protection in that information.”
This is why you must take control and encrypt any data you store with third parties – and don’t store the keys there as well.