Yes - Because they can provide encryption.
No - Because,we have to trust them (bad) and we have no visibility.
The linked article has some good thoughts.
SNIPPETS from the Article:-
Server-side (Cloud) security requires trying to defend everywhere user data is stored: every disk, every server, every link, every router, and every database. Security is only as good as the weakest link, so it only takes one tiny mistake, vulnerability or mishandling for there to be a data breach; the Snapchat hack earlier this year is an example of what can happen.
Client-side encryption is just like putting data in a tamper-proof box: The contents will remain protected regardless of who handles it, how the box is transported or where it is stored. The data is protected anywhere, everywhere and remains individually encrypted until the user with the key unlocks it.
It’s also important to emphasize document-level encryption, because if a person sends a file of multiple documents and there’s only one layer of client-side encryption, someone may still be able to break the cipher. Think of it as locking every room in the house rather than merely the front door. Document-level encryption and client-side key management gives users both security and privacy.
The links below has more information:
No comments:
Post a Comment