Files Aren’t Properly Encrypted on Cloud Storage Services

   

Great news! Will Schmidt, Tech Cocktail senior writer, has disscussed Cloudifile Mac beta version launch in his new article.

 

According to the team at Cloud Labs Kft, trusted big name brands have left many people vulnerable with their lack of strong encryption practices. Existing cloud storage platforms either store user information without any encryption, or they store account logins, passwords, and encryption keys for data right on their own servers.
It bothered the team so much so that they went out and built their own solution in Cloudifile, which was recently launched into beta for iOS. The platform they built automatically encrypts data for secure cloud-sharing and local file storage.
Currently, the company works to secure both local computer and Dropbox files. With Cloudifile users don’t need to double save their files, they only pick which files they want encrypted and it will automatically be sent to DropBox.

“Many people think that cloud storage platforms are using secure encryption methods but it’s simply not the case,” says Dennis Turpitka founder and CEO of Cloud Labs Kft. “We aren’t asking people to stop using Dropbox, we believe it’s a great solution. We feel it’s important to remind people that their files are not properly encrypted on cloud based storage services. By downloading Cloudifile and saving their files using our high-standard encryption methods their files will be truly secure.”

As Turpitka says, services like Dropbox are storing all users important information in their data centers, this means that if someone hacks into their system criminals will have the data and files of 300 million people at their fingertips. In 2014 alone, more than 7 million Dropbox usernames and passwords were reported to be compromised.
Cloudifile employs zero-knowledge security principles to ensure that they’re completely secure. Even if the platform were to be hacked, the users would not be affected because logins and passwords aren’t stored anywhere.

“Existing solutions for data protection are sophisticated and not consumer friendly, and with them users have to manually change the location of their sensitive data and move it to the cloud storage,” says Turpitka. “There are not any tools that could combine the advantages of the modern cloud solutions with the security of big enterprise software. And this is why Cloudifile is so important for Dropbox users.”

 

 Visit www.cloudifile.com to download Cloudifile for FREE!

 

Cloudifile Launches Mac OS Beta

For Dropbox And Local File Encryption

Budapest, Hungary - May 18, 2014 - Cloud Labs Kft announces that Cloudifile, its free cloud file encryption client software, launches a Mac OS Beta today.

Cloudifile automatically encrypts data for secure cloud-sharing and local file storage. Currently, the company works to secure both local computer and Dropbox files. With Cloudifile users don’t need to double save their files, they merely have to pick which files they want encrypted and it will automatically be sent to Dropbox.

Trusted big name brands have left many people vulnerable with their lack of strong encryption practices. Existing cloud storage platforms either store user information without any encryption, or they use pointless security methods by storing account logins, account passwords, and encryption keys for data right on their own servers. Services like Dropbox are storing all users important information in their data centers, this means that if someone hacks into their system criminals will have the data and files of 300 million people at their fingertips. In 2014 alone, more than 7 million Dropbox usernames and passwords were reported to be compromised.

By applying  Zero-knowledge security principles, Cloudifile is completely secure. Even if Cloudifile were to be hacked, its users will not be affected at all because user logins and passwords are not stored anywhere. With Cloudifile user encryption keys stay protected on their own computers, thus even Cloudifile couldn’t access its user’s files. Keeping user data online and transmitting it between devices is not a secure method, thus Cloudifile provides a free zero-knowledge security layer for Dropbox.

Existing solutions for data protection are sophisticated and not consumer-friendly, and with them users have to manually change the location of their sensitive data and move it to the cloud storage.There are not any tool that could combine the advantages of the modern cloud solutions with the security of big enterprise software. And this is why Cloudifile is so important for Dropbox users.

“Many people think that cloud storage platforms are using secure encryption methods but it’s simply not the case,” said Dennis Turpitka founder and CEO of Cloud Labs Kft. “We aren't asking people to stop using Dropbox, we believe it’s a great solution - we feel it’s important to remind people that their files are not properly encrypted on cloud based storage services. By downloading Cloudifile and saving their files using our high-standard encryption methods their files will be truly secure.”

About Cloud Labs Kft:

Cloud Labs Kft launched Cloudifile in November 2014. Cloudifile is a powerful cloud encryption tool that adds a proven security level to Dropbox improving its simplicity and efficiency at the same time. It transparently encrypts user data kept in the cloud, providing transparent access and synchronization from any computer. 

To learn more details and download FREE version, visit www.cloudifile.com!

Users of File Sharing Apps Continue to Expose Valuable Private Data, Including Tax Returns

Intralinks recently has published a new article, saying that it was still (almost 18 months after first making the issue known to Dropbox) receiving links to information that Dropbox users clearly did not intend to fall into unauthorised hands.

About a year ago, Intralinks revealed that it had uncovered a security issue with many consumer file sync and share applications that, due to how they were being deployed, put users’ sensitive personal information at serious risk. One year later, we’ve found that similar issues continue to persist, raising significant concerns about how these products are being used.

Background

Like many companies, Intralinks advertises using Google Adwords, and often uses industry product or company names to determine when an ad is presented alongside a search. In 2014, when using Google Analytics to review the results of some campaigns, we inadvertently discovered the fully clickable URLs necessary to access documents in some Dropbox and Box accounts. Subsequently, we found other issues with file sharing apps, and reported our concerns to the affected companies so they could take any necessary action.

However, it’s clear that many users still don’t understand the security issues they face when sharing personal or sensitive information. Many users likely presume the data they store in file sharing apps — which may be personal data and, in some cases, may include their employers’ data — is always safe, when often it isn’t.

As a result, when we analyzed a Google Adwords campaign we ran last month, we once again found active
links to user files that could be downloaded. And, the truly scary thing is the types of files we found: in one case, we even inadvertently discovered a completed U.S. tax return that contained extensive personal and financial information, potentially sufficient to enable identity theft.

Who’s At Risk?

To be clear, we gained access to files because users of file sharing applications often don’t take steps to safeguard their data. Most file sharing apps explain how shared links can be used. Nevertheless, many users clearly don’t know or perhaps don’t understand that even if they don’t actively share a link to a file, an unsecured link could still be uncovered and their files could be accessed. With estimates of well over 400 million users of consumer file sharing apps, this is a significant issue.

Conceivably, all file sharing apps could potentially be vulnerable to this issue. Many people don’t use basic security features, like setting passwords. To compound the problem, many people use consumer file sharing apps for both personal data and company data, with no or insufficient security in place.

Even with warnings about these risks, it appears that a number of users of file sharing apps remain unaware that some free products come at a price: they don’t provide the necessary features to secure files adequately. We believe that using a file sharing app that doesn’t support robust security like authentication and password protection is, simply put, very risky.

How To Protect Your Data

Users of file sharing applications need to take more care with their data, and educate themselves about the risks. They also need to understand which products are safest to use. If you want to avoid putting your data at risk, here are steps you can take:

• Check that your cloud file sharing app supports privacy settings — and use them!
  Make sure that the product you use supports “privacy” settings that ensure that only people you specifically invite will be able to access your files. The system should support authentication, requiring users to identify themselves to gain access to your files. These security features should be part of the platform you use, not an “add on” you need to integrate. If possible, make the default setting for your account the most secure setting.
• Avoid file sharing apps that don’t support data privacy and security
  If your current file sharing service doesn’t support privacy and security settings, switch to a version or alternate product that does. Adequate security doesn’t have to mean the product will be clunky to use or expensive. And losing your files can be embarrassing, costly, and potentially damaging. (We know because we found some truly hair-raising files.)
• Sharing pictures of your cute cat is different from sharing your tax return
  Many consumer file sharing apps are great for storing certain types of data in the cloud and for sharing non-sensitive pictures and files. But sharing sensitive data isn’t safe unless you’ve taken the right precautions. Think about how you share different types of information and make sure that your security settings match the sensitivity of your information. If you share especially sensitive data, such as financial information, then consider advanced security features like information rights management that provide full control of files and how they are accessed, even after you’ve shared them.
• Delete old files that you don’t need anymore
  Get into the habit of deleting files once they’re no longer needed, especially if you have shared them with others. If you’ve been using a file sharing app without security enabled, we recommend deleting all of your previously posted files and reposting them to a new account that has security enabled.
• Don’t mix work and pleasure
  Mixing work and personal files in a single account is, quite simply, a bad idea. Losing your personal data is serious enough, but losing company data can have severe consequences: lost reputation, reprimands and other professional consequences, regulatory and legal issues and even fines.