How do I use cloud services during my studies?
15 November 2017
Most people have encountered clouds in some form. The magical storage nobody knows where it comes from. However, clouds are not that magical. Basically, they are a cluster of servers or computers, which provide a service to the user. While most users know clouds as storage facilities, there are also different types of clouds (like for example a computational cloud) but we won’t examine those in this text. This text will talk about storage clouds and how to use these services as a student or academic staff. Storage clouds can be classified in following categories:
Personal Clouds: These clouds are set up and maintained by the user of the cloud himself. This often requires elaborate technical knowledge to set up, but once they are up and running, they provide flexibility, and relatively high data security and privacy if setup correctly without recurring fees. Examples: OwnCloud, NAS.
Consumer Clouds: These types of clouds are the most widely known. They require almost no technical knowledge to use. A client is often offered by the cloud provider, who sets up everything correctly. They are often free or cheap. However, these cloud services are less flexible than personal clouds. Data security is managed by the providers. Since they are professionals, the security standard is very high, but they are more often targeted by hackers and thus more vulnerable to data breaches (e.g. iCloud hack in 2014). Examples: Dropbox, Google Drive, OneDrive.
Corporate Clouds: These services are very closely monitored and maintained. However, they are often quite expensive, mostly because of the outstanding technical support. They are mostly used by institutions as they require high security and high reliability. Examples: Onedrive for Business, SwitchDrive.
What do I do with my cloud?
There are many ways to use your cloud. You can use it to store personal data like photos, music or documents, making them available to you on multiple devices. Furthermore, you can also run so-called portable programs/apps from your cloud. These programs do not require a fixed local installation. Instead, they can be run from either a usb-stick, a hard-drive or in our case, from a cloud. When deployed on your cloud, you will be able to access all your portable programs from all your devices supporting the executable without having to install them again. Examples for such programs are: Browsers (e.g. Mozilla Firefox Portable), Mail Clients (e.g. Mozilla Thunderbird Portable), Photo-Editors (e.g. GIMP Portable) and much more. These programs are a good idea if you often change your working environment but still want to maintain a personal experience while using computers.
In addition, if you have enough storage on your cloud, you can use it to backup your devices. This is especially interesting if you have a personal cloud, where you can cheaply and easily expand the storage capabilities. The SafeIT initiative of ETHZ and ourselves recommend to always keep 3 different copies of your important data on at least two different types of storage media. For example if you are working on an important personal project you could save your work on a USB drive, your working computer, and a consumer-cloud of your choice. This may seem cumbersome, but if a catastrophe happens and you happen to lose both your computer and USB drive, you will be happy to find your data safely in the cloud. Please keep in mind that clouds can also fail even if they are managed and maintained by professionals: Backup your cloud from time to time and do not forget to keep applying the three-file-policy proposed by SafeIT for important files.
What kind of cloud should I use?
Depending what you are doing with your cloud, you will probably choose a different solution. For example to save personal pictures, it is probably enough to choose a consumer cloud. If you run out of storage you can upgrade to a premium data plan with most providers without needing to move your data. If you like to play around with technical problems, you can set up your own personal cloud. However, keep in mind that they require time to set up and maintain. Furthermore, they require technical knowledge to set up and might not be for everyone. On the other hand, having a personal cloud will guarantee full control over your data and over your hardware. Handling material handed out by your university might be quite complicated. Due to data security and copyright, many universities chose to prohibit the use of consumer clouds for sensitive data. Material you created during a Bachelor’s or Master’s thesis or during your doctoral studies is not personal data and you should not store it on a consumer cloud. This could violate licensing, copyright (the work you create during your time at your university using their resources does not belong to you entirely), or data protection laws (you don't know what consumer cloud providers might do with your data and where they store it). Please check with your university’s IT department for guidelines on cloud usage.
How do I keep my data safe?
Everything stored online has a certain risk of being stolen. This is something you have to keep in mind if you use data storage which is located online. On the other hand, a USB drive or hard drive can be stolen as well. If you really have to keep your data secure, use data encryption on your sensitive data. This will make it almost impossible to read your data, even if a person with malicious intents stole it from your cloud or from your external storage unit. For external physical storage devices, there are a lot of different programs which will encrypt your data efficiently.
But let’s focus on the cloud encryption. Even if your password for your cloud is really strong, your data might still be not secure. So it’s a good idea to further encrypt your files. There are two products which I will present. However, it is a good idea to search the web yourself for a solution which might suit you better than what I propose.
Boxcryptor: This is a service which will encrypt your cloud storage. The free package allows up to two devices to have access to the encrypted files, for more devices you will have to subscribe to a package.
Cryptomator: This is a open source alternative to Boxcryptor. This package basically does everything Boxcryptor does for free and has its source code posted online.
Both of these programs support Windows, Mac Os X, popular Linux distributions (Cryptomator can be compiled for the rest), Android distributions, iOS.
This summarized how to keep your data safe. Now let’s move on to how to keep your account safe: You can setup two-factor authentication for most clouds, including but not limited to: Google Drive, Dropbox, OneDrive. When two-factor authentication is activated, you not only need to enter your password when logging in from a new computer, but you also need a verification that this was indeed you, for example by entering a code you received by mail, SMS or per app notification. Even if somebody is able to steal your password, it will do him no good, as you need to confirm it is you at the login prompt.
Always check if you are allowed to upload to your cloud. If not, store your data on a cloud or NAS which is owned by the university you work/study for/at.
Always store three copies of your work on at least two different storage types (e.g. your computer, a USB drive and a cloud).
It is also always a good idea to ensure nobody besides you can access your account, this can be done with two-factor authentication. If you want to be sure nobody can access your data, encrypt your cloud storage with a cloud-encryptor like proposed in the text.