Data privacy: how safe is your data in the cloud?

Cloud data privacy: is your data safe and secure?

We are using the cloud more and more. As Internet connections get faster and more reliable, the convenience of having all our data available on all our devices becomes ever more attractive.

However, there are disadvantages to using cloud services, particularly the free of charge ones that still have to make a profit somehow. There are many valid, albeit scary, questions you'll want to mull over before trusting a third party to keep your data safe and we've listed them below.

The answers, as you will discover, in this feature are generally not what you want to hear:

  • Privacy - is your data stored or is it being mined for advertising and marketing purposes?
  • Reliability - can you be certain that the service you're using will always be available? What guarantees do you have regarding the safety of your data and is there anything you can do to improve this?
  • Security - is your data encrypted? Who has access to the encryption keys? Could your data be hacked or stolen?
  • Continuity - Can the cloud provider suspend or cancel your account, possibly even losing all your data, for any reason?
  • Performance - Is your Internet connection fast enough to use the services you want without delays?
  • Copyright - who owns the content you upload? Can your photos be sold or published without your consent?

While a large company's security and backup policies are likely to be better designed and implemented than your own, you still have the questions about what they can do with your data. You may feel that allowing them to parse emails to provide more relevant advertising, which you may or may not ignore, is a fair price for a free service.

On the other hand, you may want to keep your private emails just that, and if you are using email for business, you've even more concerns. You are not only responsible for your own data but that of organisations you deal with.

You may also be concerned about keeping private information within your private network, not only for commercial secrecy but also data protection and preserving the privacy of those an organisation deals with.

One law for us, another for them

Another serious issue is that the cloud service may be operated in a different country to your own, and therefore subject to different laws and policies. Even if you are happy with the location, there is nothing to stop the cloud service provider moving everything to a data centre in a different country for economic or political reasons - or simply as a tax avoidance measure.

Google has come in for a lot of stick over its approach to privacy (not to mention its apparent consideration that paying tax is optional here in the UK) but it's are not alone in this, or even the worst. Google is simply the provider with the highest profile.

To its credit, it is reasonably open about using your data to make money - most of us knew Google would read our emails before we signed up for a Gmail account. Still, the idea of cloud services is appealing and convenient; so how do we resolve this dichotomy?

The answer is simple to run your own cloud. That way you get the convenience of easy access to your data from multiple platforms and locations but you retain control over that data.

Now, we are not suggesting that you set up your own data centre to implement your own Gmail, Dropbox and Facebook, but you don't need the scale of those organisations for a home or small business operation.

What do you need?

The cloud is basically built on top of the web, and Linux has something of a track record in providing web services. All you need is a Linux computer running the standard LAMP (Linux, Apache, MySQL, PHP) stack and you can install most of the software from the following pages in minutes.

That just leaves two questions to answer: what and where. Depending on how much you want to do, the hardware could be a small server box, your desktop computer if you leave it switched on all the time it may be needed, or even something really small and power efficient, like a Raspberry Pi or one of the plug computers. Any of these would be hooked up to your local network and so would give excellent speeds when used from within your LAN.