Skip to main content

One Step Ahead: Using Cloud Storage Services Securely

One Step Ahead logo

Another tip in a series provided by the Offices of Information Systems & Computing and Audit, Compliance & Privacy

With many of us working from home, cloud storage plays a vital role in helping us work more efficiently when we are physically away from campus.

Cloud storage stores digital data online, using a cloud service provider’s computing infrastructure. Cloud services offer an easy method to store, sync, and share files at low cost. Some well-known cloud services include Box, Google Drive, Microsoft OneDrive, Amazon Drive, Apple iCloud,  Dropbox, and Amazon Web Services.

With any cloud service you use, it is critical to pay attention to the level of security that service provides. Before considering a cloud service for housing University data:

  1. Use a University- or School-recommended cloud service. If you have questions about which services are available to you contact your local computing support.
  2. Follow University guidelines on the type of data you can safely store with these cloud services based on Penn Data Risk Classification.
  3. Select a strong password with letters, numbers, and symbols. Avoid re-using the same password over multiple platforms.
  4. For your personal use, choose a cloud platform offering two-factor authentication, and secure encryption for at-rest data, and data in transit to/from your device. Penn+Box (a Penn-specific branding of Box) and Amazon Web Services are platforms you can access using your PennKey and Penn Two-Step Verification.

Special Note: Be on the lookout for phishing scams related to cloud services. These scams may send deceptive, unsolicited email or text messages that appear as if they originated from a cloud service provider, one of your contacts, or one of Penn’s departments—but in fact carry a malicious attachment or a link. If you suspect an email is a scam, report it to your School or Center computing support staff.

References

Use of Penn+Box and Amazon Web Services at https://www.isc.upenn.edu/security/data-box-amazon
Penn Data Risk Classification at https://www.isc.upenn.edu/security/data-classification

Back to Top