Cyclical Storage Logic (Personal Data)
-
@BRRABill said:
@Dashrender said:
Was there more to this than the system showing the password reminder on screen? or people/celebs having easy to guess passwords?
I think it was a combination of weak passwords and Apple security flaw.
People kept claiming that, but it was found to be nothing but people trying to discredit Apple. There was no vulnerability found nor any reason to believe that there was one once they tracked down what had happened.
-
@BRRABill said:
Granted, it is probably magnitudes higher security in general than a home user's PC, but just gives an example of what I mean.
Though I would agree it's probably safe to say there is less of a risk of exposure (no pun intended) with MS or Apple or Google than on my uncle's home PC.
Actually it is a GREAT example of.... why cloud is secure. Because to discredit it people actually have to use examples where the platform wasn't at fault in any way. You are correct, it is far more secure than the alternatives. Far more. Not just more secure, but with a flawless track record (in this area.) People work hard to make up reasons why it is insecure but they are, thus far, all misdirection.
-
@BRRABill said:
- Risk. You are moving to relying on your backups (basically assuming that they will be used) rather than using them as a last resort. You are making one half of your data protection strategy have basically no protection. So your backups go from "nice to have" to "absolutely critical all of the time."
How so? Because the probability of loss with a MS cloud solution is much smaller than the risk on my own personal PC? (Hard drive loss, theft, etc.?)
Correct. In one case you know that your local store WILL fail and will fail soon. Your uncle's PC doesn't even have RAID nor is stored in a carefully controlled datacenter. It is more likely to fail by system design, by use cases, by security, etc. Orders of magnitude more risky in each way.
Basically the risk looks like this:
Chances that your uncle's totally fragile home system will fail in the next 20 years: 99.9999%
Chances that Microsoft's backup system will NOT fail in the next 20 years: 99.999%Notice those are INVERSE numbers. Basically, you can be certain that your uncle's system will fail and require going to backup. And basically you can assume that Microsoft's system will not fail and not need to go to backup. Both are nearly certain. That doesn't mean that you don't take backups, it just means in one case you are designed to rely on them and in the other they are truly a disaster scenario thing.
-
@BRRABill said:
- Ease of Use. Dealing with physical file storage is a thing of the past for consumers, why make their computing environment so unnecessarily complicated?
I think this is a push. Hitting save and having it go to the Document folder is pretty easy. Having to download a program, make sure it works (I've had to re-install ODfP a few times, myself) and knowing to navigate to that location seems to have more steps.
Not with end user apps. Nearly any modern app for end users, like MS Office is cloud native and local storage is far harder to use than just "saving in the app" which goes directly to the cloud. ODfB doesn't even need to be installed to store to it. Word, for example, goes there automatically.
-
@BRRABill said:
- Security. End user devices are insecure both technically and physically. They are the highest risk data leakage points. Put nothing on them and there is nothing to steal beyond the physical box. Store stuff there and they become worth more to thieves and more painful to the user to lose.
How does having it in thee cloud make it more secure? Take OneDrive for example. It downloads all the files to my local machine. Does it allow you to wipe the data in the event of a theft? (This is a real question ... I have no idea. Does changing the passowrd prevent access to the locally synced files on your PC?)
So your example of how hosted services are less secure is when you copy them locally? I think that alone explains just how secure it is, that your concern is that sometimes people might not stick to it.
Don't mix concepts like "storing with a host" with "syncing hosted files locally." Two different things. Just because you are choosing a product that syncs rather than stores it is making this confusing. Use S3 or Amazon Cloud Drive and there is no local sync and you are much more secure.
-
@BRRABill said:
- Restoreability. ALL of your discussions around recovering end user desktops exists solely because of the storage of data there. Fix that and you get cascade of fixes in other area.
Agreed, but not sure how it is any better (restorabilty wise) than to just send all the data to CrashPlan, and restore that way.
Do you need to restore at all? Yes, then it is more work because most of us can move from machine to machine without needing to restore. The very fact that you need to restore, ever, means it is dramatically more work. So much more work.
-
@scottalanmiller said:
So your example of how hosted services are less secure is when you copy them locally? I think that alone explains just how secure it is, that your concern is that sometimes people might not stick to it.
Don't mix concepts like "storing with a host" with "syncing hosted files locally." Two different things. Just because you are choosing a product that syncs rather than stores it is making this confusing. Use S3 or Amazon Cloud Drive and there is no local sync and you are much more secure.
No, I just think having the files stored locally is something user want, especially for the times you are out of Wifi range. I want this. (Though there are times when I don't want it, especially in low storage scenarios.)
Are you saying you store NO local data on your endpoints? None?
-
@BRRABill said:
Are you saying you store NO local data on your endpoints? None?
It you want to be secure, of course not. Even the most non-technical end users cannot just hope for a panacea and make no decisions and take no responsibility for decisions. They HAVE to choose what matters to them. Security, recoverability, cost, ease of use.... no one gets everything. No one. There is no single answer. There never will be.
For the average end user, you don't work out of network range. That's a business need or special case.
Don't let special cases drive the needs of the masses.
-
BTW: do you know what does happen to locaally synced OD or ODfB data if you change the password?
I know with, say, Exchange you can remotely wipe the data or device.
My answer for my own system (and which I'll get to later today in yet another thread) is a SSD with encryption. If my laptop gets stolen, it's 0 worry to me.
-
@BRRABill said:
My answer for my own system (and which I'll get to later today in yet another thread) is a SSD with encryption. If my laptop gets stolen, it's 0 worry to me.
Not really end user viable there. End users cannot handle extra layers of security like that.
-
@BRRABill said:
BTW: do you know what does happen to locaally synced OD or ODfB data if you change the password?
It's just local on the drive. It's part of NTFS. Acts like any other file. It is SYNCED.
-
@scottalanmiller said:
Not really end user viable there. End users cannot handle extra layers of security like that.
It is no extra work when set up.
The program I use (Embassy Security Center) uses the same password they log into Windows with. (Assuming they use a password, which of course everyone should be educated to do.)
The computers boots to a password screen, they enter their password, and it automatically logs them into Windows. If you change your Windows password, it syncs with the encryption password.
No extra work.
-
@scottalanmiller said:
It is SYNCED.
So is my Exchnage Online data but I can wipe that if my iPhone gets stolen.
-
@BRRABill said:
@scottalanmiller said:
Not really end user viable there. End users cannot handle extra layers of security like that.
It is no extra work when set up.
The program I use (Embassy Security Center) uses the same password they log into Windows with. (Assuming they use a password, which of course everyone should be educated to do.)
The computers boots to a password screen, they enter their password, and it automatically logs them into Windows. If you change your Windows password, it syncs with the encryption password.
No extra work.
So if they are logged in.... their data is gone. How much does that protect? Would help protect if my stuff is in my luggage and that gets stolen. But not going to protect if it gets swiped from a table at the cafe.
-
@BRRABill said:
@scottalanmiller said:
It is SYNCED.
So is my Exchnage Online data but I can wipe that if my iPhone gets stolen.
That's not exactly synced, not in the same way. It is synced to the device, yes, but not to the file system. It is held inside of the application. And you can only wipe it if the iPhone comes online - which is not how a good thief would use it. If their goal is your data, you don't have any extra protection there.
-
@scottalanmiller said:
So if they are logged in.... their data is gone. How much does that protect? Would help protect if my stuff is in my luggage and that gets stolen. But not going to protect if it gets swiped from a table at the cafe.
If your stuff is in your luggage, I am assuming it would be hibernated or at sleep? It requires a logon after any event such as that.
If it gets swiped from a table at a cafe, and they leave it on forever, then yes, your data would be compromised. But the second they stop using it or the computer gets locked, they are out of luck. You always ask me about scenarios. Under what scenario would you leave a laptop unattended in a public place? Or do you mean just straight run and swipe? What is the probability of that?
-
@scottalanmiller said:
That's not exactly synced, not in the same way. It is synced to the device, yes, but not to the file system. It is held inside of the application. And you can only wipe it if the iPhone comes online - which is not how a good thief would use it. If their goal is your data, you don't have any extra protection there.
And how is said thief going to get into my iPhone, assuming I have a password on it?
-
@BRRABill said:
If it gets swiped from a table at a cafe, and they leave it on forever, then yes, your data would be compromised. But the second they stop using it or the computer gets locked, they are out of luck. You always ask me about scenarios. Under what scenario would you leave a laptop unattended in a public place? Or do you mean just straight run and swipe? What is the probability of that?
Well we aren't talking about me, I don't store anything on my laptop. We are talking about average end users, right? Things that we can pretty much assume about end users:
- They will exert exactly zero effort to secure their data.
- They will not log out of their machines, even when they are asleep.
- They will not watch their stuff carefully while at the cafe.
- They will remain logged on for forever.
-
@BRRABill said:
And how is said thief going to get into my iPhone, assuming I have a password on it?
Same way they do on your laptop... pull the drive and slave it elsewhere.
-
@BRRABill said:
@scottalanmiller said:
That's not exactly synced, not in the same way. It is synced to the device, yes, but not to the file system. It is held inside of the application. And you can only wipe it if the iPhone comes online - which is not how a good thief would use it. If their goal is your data, you don't have any extra protection there.
And how is said thief going to get into my iPhone, assuming I have a password on it?
This assumption that you state here makes encryption and wiping pointless, right? The idea of encrypting and wiping data is purely because the assumption is that the OS can't protect you. If the OS or device were usefully safe, encryption and wiping would have no reason to exist. It is because we know that they can bypass those mechanisms if they want pretty easily that we go further and start to add additional protection to the data itself.