With the massive transition to cloud technologies as services that allow storing information in virtual systems, the threat of network disruptions is fraught with data leakages. This problem poses crucial security risks to personal and corporate data and requires adequate measures to protect digital content from intruders or inexperienced users. Cyberattacks, hardware problems, and malware are the common causes of data leakages. To avoid these challenges, relevant information security solutions have been considered, in particular, timely vulnerability assessments, the implementation of cryptographic algorithms, and control over user access. These measures are necessary to ensure comprehensive data security in cloud storage and avoid leakages.
Cloud technologies have closely entered the life of modern Internet users and are utilized not only for personal needs but also as irreplaceable data storage systems in large companies. However, despite the benefits, convenience, and functionality of such virtual platforms, cloud technologies come with potential risks. One of these threats is the leakage of data stored in the clouds, which, in turn, is fraught with severe problems for the security of personal and corporate information. This work aims to substantiate the relevance of the leakage problem in the modern digital sphere, highlight the main causes and factors that entail a security risk, as well as assess useful solutions to apply to address the threat. The identification of the most vulnerable information, the implementation of effective cryptographic algorithms, and the adequate and transparent application of cloud technology are seen as the most effective mechanisms to avoid the threat of cloud data leakages.
Relevance of the Issue
Failure to ensure the adequate security of data stored in clouds can lead to the leakage of valuable information, which, in turn, is fraught with not only financial but also personal threats. According to Kajiyama et al. (2017), in light of the increasing incidence of user data theft, privacy is no longer a guarantee. Moreover, information can be of practical value not only for one individual but also for various organizations or official boards. This increases the level of problems and may lead to colossal losses. As Tang et al. (2016) state, data leakages can affect political, medical, and financial privacies, and in all cases, those responsible are held accountable to the fullest extent for not protecting crucial information comprehensively. Cloud service providers offer basic settings and security options that may be ineffective against advanced hacker algorithms or software designed to attack vulnerable systems. As a result, addressing data leakage is a relevant issue from both a user and corporate perspective to avoid the severe problems and threat of losing any privacy.
Causes of Cloud Data Leakage
Cloud data leakage can occur for a number of reasons, which are usually associated with insufficient storage security. One of the causes is cyberattacks that, as Subramanian and Jeyaraj (2018) note, are often targeted and aimed at stealing sensitive information hosted in a vulnerable cloud. These attacks pose a threat to privacy and are often carried out to obtain data that have financial or practical value.
Another potential cause of data leakage from the cloud is malicious software that enters the network and serves as a tool to intercept the information. According to Gupta et al. (2019), some malicious entities can infect the system both locally and spread throughout the entire data transmission chain, including clients’ and providers’ digital resources. Therefore, an insufficiently protected system with weak firewalls is vulnerable and can be exposed to viruses and other malicious programs.
The physical threat leading to data loss lies in improperly or insufficiently securely connected hardware, which, in turn, poses risks to user information. Subramanian and Jeyaraj (2018) emphasize the importance of adhering to international standards when placing appropriate equipment and remark that any external threats, for instance, power failure, may cause complete or partial data loss. All the aforementioned reasons are crucial aspects to address to prevent information leakage and ensure the security of digital resources in cloud storage.
Solutions to Prevent Cloud Data Leakage
Identifying the Most Vulnerable Information
While this may be unnecessary to enforce the highest level of security everywhere at the enterprise level, companies need to secure their sensitive data. Otherwise, they run the risk of losing their intellectual property and, as a result, imposing regulatory fines. For this reason, first of all, this is crucial to determine which information is subject to protection. A comprehensive solution that can discover and protect sensitive data on a specific network, on endpoints, and in the cloud is the involvement of a third-party auditor (TPA) scheme. According to Yadav et al. (2018), this algorithm serves as a valuable framework to detect attacks and prevent data leakages. Moreover, such a solution will provide the required level of flexibility and mobility for the organization.
Modern Cryptographic Algorithms
Comprehensive file-level encryption should be the backbone of all cloud security measures. At the same time, although cloud providers encrypt data from third parties, they still have access to the keys for a specific network. For maximum protection, cloud system developers should implement modern cryptographic solutions with private keys and apply them before uploading data to the cloud. Yan et al. (2017) consider different types of cryptographic algorithms that are designed to provide direct customer access to personal or corporate content and remark that an opportunity to use unique codes minimizes the risks of leakage. In this case, privacy is comprehensively protected since this is impossible to randomly select an individual key.
Transparent Use of Cloud Data Systems
Even if the network has a corporate cloud security strategy, individual users can utilize data as they see fit, which carries risks of leakage due to errors in information management or the threat of being attacked by malware. Shadow use is fraught not only with access to new or unauthorized services from known endpoints but also with the loss of individual keys, which can lead to data theft. Since the cloud service can be accessed from any internet-connected device, uncontrolled personal technology creates a gap in any security strategy. In this regard, Han et al. (2020) suggest paying attention to the CloudDLP approach that involves the preprocessing of any digital content by special browser-based programs “to automatically sanitize sensitive data in images and documents” (p. 68449). This solution can help preserve the functionality of cloud systems while ensuring the security and transparency of all operations.
Cloud data leakage is a severe information security risk at the personal and corporate level, and to address the issue, identifying vulnerable information, implementing cryptographic tools, and ensuring transparent usage are valuable solutions. The urgency of the problem is due to the threats to intellectual property, financial losses, and privacy risks. Data leakages may be caused by the inappropriate use of cloud services, in particular, the ingress of malicious software into the system, cyberattacks, and physical threats (improper hardware maintenance).
Gupta, I., Singh, N., & Singh, A. K. (2019). Layer-based privacy and security architecture for cloud data sharing. Journal of Communications Software and Systems, 15(2), 173-185. Web.
Han, P., Liu, C., Cao, J., Duan, S., Pan, H., Cao, Z., & Fang, B. (2020). CloudDLP: Transparent and scalable data sanitization for browser-based cloud storage. IEEE Access, 8, 68449-68459. Web.
Kajiyama, T., Jennex, M., & Addo, T. (2017). To cloud or not to cloud: How risks and threats are affecting cloud adoption decisions. Information & Computer Security, 25(5), 634-659. Web.
Subramanian, N., & Jeyaraj, A. (2018). Recent security challenges in cloud computing. Computers & Electrical Engineering, 71, 28-42. Web.
Tang, J., Cui, Y., Li, Q., Ren, K., Liu, J., & Buyya, R. (2016). Ensuring security and privacy preservation for cloud data services. ACM Computing Surveys (CSUR), 49(1), 1-39. Web.
Yadav, A. K., Bharti, R. K., & Raw, R. S. (2018). Security solution to prevent data leakage over multitenant cloud infrastructure. International Journal of Pure and Applied Mathematics, 118(7), 269-276.
Yan, Z., Deng, R. H., & Varadharajan, V. (2017). Cryptography and data security in cloud computing. Information Sciences, 387, 53-55.