Send your data into the cloud and make it… vaporize

“Cloud computing” --- the term is as nebulous as real clouds.

 

Basically, it means storing data somewhere on the Internet. This certainly has advantages, since this data will be available anytime from anywhere. For example, the Google mailbox is available from everywhere; “Dropbox” provides a central storage for any type of files; “ZAPR” and “TeamViewer”, once installed, allow you to share your local files by just sending around links, or give third parties full remote access to your PC, respectively. In addition, there is a growing number of cloud synchronisation services (e.g. “iCloud”/”MobileMe”, “Firefox Sync”, “Dropbox”) which provide (semi-)automatic back-ups of all local files of a laptop, PC or mobile phone.

But hold on. What actually is transferred into the cloud? Personal files like bank statements? Passwords, especially CERN passwords, too? “Back up” usually encompasses everything, including those passwords and bank statements. Furthermore, is this data properly protected? The actual degree of security provided by a cloud services is often extremely difficult for random users to find. Just recently, “Dropbox” confirmed that “a programmer's error caused a temporary security breach that allowed any password to be used to access any user account” and, thus, any user’s data. There the passwords and the bank statements vaporize…

Thus, be careful when using cloud services. Make sure that you do not leak sensitive or personal files to those services. In particular, avoid installing programs on your PC which synchronize with cloud storages (like the “Dropbox” plugin), or, worse, open up your computer for remote access from anywhere (like “TeamViewer”). Do not use peer-to-peer applications that export the contents of certain local folders onto the Internet. Finally, do not register your CERN account and password with external cloud services (e.g. Google mail). You have committed to protect your CERN password against disclosure…

Also recall that CERN is a cloud service provider, too. Your CERN mailbox is available, too, from the Internet as well as your files stored on DFS or on AFS. Remote log-in is possible through the LXPLUS cluster or the CERN Windows terminal service. So why not use a service which you can trust? Check the different means to connect to CERN from the Internet here.

If you have questions, suggestions or comments, please contact Computer.Security@cern.ch or visit us at http://cern.ch/security.

by Computer Security Team