Is my Cloud Storage safe?

Depends… Look into the End User License. Some of the danger comes from companies that have data centers outsourced. For example, if you pay for cloud storage and the actual hard drives it sits on reside in China where they have no copyright laws then your data could be pirated and sold to another company. Also, some cloud storage places stipulate that they own whatever you upload. There have actually been people sued over copyright infringement for using their own wedding photos after uploading them to the cloud. This was because they clicked “ok” and gave up rights to the pictures.

Always keep a local copy incase the cloud provider is hacked or goes out of business.

ISOs 27001 and 27002 provide standards for auditing and reporting the compliance level of the cloud environment. This can be used by a provider to show the customers how well they are securing their data. The cloud provides three main types of services: software as a service (SaaS), platform as a service (PaaS), and infrastructure as a service (IaaS) (SANS Institute, 2010).

Policy for security these cloud models must address protection of data, enforcement of privacy, network connections, and physical security at server location.  Some of the issues arise in not knowing where exactly your data resides in a public cloud. This makes it very difficult to determine who has jurisdiction and enforcement of laws (Cloud Standard Customer Council, 2012).

References

Cloud Standard Customer Council. (2012). Security.

DOE. (2015). Research Call To DOE/Federal Labs RC-CEDS-2015. Retrieved from DOE: http://www.netl.doe.gov/business/solicitations/details?title=5ed8702c-fda9-4e84-be1d-81f51c3cab44

OWASP. (2015). OWASP Internet of Things Top Ten Project. Retrieved from OWASP: https://www.owasp.org/index.php/OWASP_Internet_of_Things_Top_Ten_Project

SANS Institute. (2010). Cloud Security and Compliance: A Primer. SANS Institute.