Cloud storage has become a part of everyday life. We no longer store all our data on local hard drives and servers. We’ve recognized that fire, theft, malfunction, or disaster could easily wipe out everything we store this way.
We’ve also realized what a pain it is when you can’t access a file while you’re at work or on the road because the only place it’s stored is on your home computer.
So we’ve migrated our data storage to the cloud, where we trust big companies like Amazon, Google, and Microsoft to keep copies of it. They use servers in multiple locations to provide data redundancy, to protect against the same losses we worried about with local storage. And they make our files available to us anywhere, anytime, in exchange for our login credentials and perhaps $20 per terabyte of storage space per month.
Few of us have considered that there might be an even better way. But blockchain-based cloud storage innovators have.
Cloud Storage Challenges Blockchain Can Help Solve
Anyone with a healthy skepticism of trusting their sensitive files to a third party can guess what the first challenge of cloud storage is: security. Popular cloud storage services such as Dropbox, Amazon Drive, Google Drive, Microsoft OneDrive, IBM Cloud, and others do their best to provide top-notch security to their customers, who include individuals, businesses, and government agencies.
As an example, consider some of Dropbox’s security measures: users can track changes to files and folders (including sharing and deletion) as well as receive notifications about those changes. Users also have the ability to see all the devices signed into their Dropbox account and see all the apps connected to it. They can remotely cut off access to anything that seems fishy and report unauthorized access. Two-factor authentication and recovery keys are a given. Customer data is split into blocks and encrypted both in transit and in storage, and user metadata is stored separately from users’ files. Further, the company’s bug bounty program pays people who report security flaws to help keep the service secure.
So what’s the problem? We’ve identified several.
- Governments and law enforcement agencies from all over the world sometimes seek access to users’ files. Laws do not always permit cloud storage providers to disclose information about these requests to the public or even to the user whose data has been requested.
- Even though cloud storage providers may promise to be as transparent as possible with their customers about such requests—and to resist requests that are not legally and procedurally valid—the law may at least partially tie the company’s hands. For example, from July 2018 to December 2018, Dropbox states that it “produced some information in 74.4% of legal requests” from law enforcement, which issued more than 1,000 requests over that time.
- Even after a user deletes their account, the cloud storage provider may retain the user’s data, including backups, for 30 days or longer.
- If a third-party cloud storage provider is sold to another company, that new company may automatically get users’ data without the user’s active permission.
- The company itself has the power to decrypt and view users’ files. While few company employees may be granted access rights to customer data, there’s no guarantee they won’t abuse that privilege or make a mistake that exposes customer data.
- Cloud storage customers’ personal information may be shared with “trusted third parties,” typically other companies that are involved in some aspect of providing the cloud storage services. These companies might provide customer service, technical support, and cloud services. This sharing removes another layer of privacy.
- While unlikely, there is no guarantee that encryption keys to customers’ data could not be stolen.
- Merely signing up for an account means the user must provide personally-identifying information: name, email address, billing address, and payment card information. Creating a pseudo-identity to protect one’s identity is possible, but requires several extra steps.
- Cloud storage providers track users’ account usage, IP addresses, browsers, and devices. This information can increase security by helping users track who has accessed their account and altered their files. It can help the company improve its services, too. But it can also be breached or turned over to law enforcement—possibilities that don’t exactly benefit customers.
Decentralized Clouds: The Future of Data Storage?
Decentralized cloud storage is now possible with the advent of a new protocol for the distributed web named the IPFS (InterPlanetary File System). Its goal is to compete with the current HTTP protocol we now use for the internet, which was supposed to be a decentralized network itself, but over time has been co-opted by global, centralized networks, gatekeepers, and toll collectors. This is all about to change, particularly in the cloud storage space.
Blockchain-enabled decentralized cloud storage eliminates the need for users to rely on a central authority to maintain their data, thus helping to eliminate the risks of large scale data breaches we have witnessed over the past few years, from Capital One to Yahoo, to Equifax. Blockchain-based distributed, cloud storage solutions eliminate the single attack vector hackers look for, a centralized honey pot of user’s personal non-public information.
The distributed nature of blockchain-based cloud storage means users may enjoy several advantages compared with traditional, centralized cloud storage.
Users’ files are split into numerous pieces, referred to as blocks, each block is encrypted, giving each block of data a unique hash, which is then distributing that data across multiple computers or “nodes” on the network, conceivably, all over the world, in a process called “sharding”. This arrangement provides greater privacy compared to a centralized cloud storage system subject to hackers trying to hack their way in and steal users information.
Personal, business and government users may enjoy better data privacy and security because of the way their files are uploaded and stored. Storj Labs cofounder John Quinn describes it as being “like blowing a handful of encrypted sand across a large, windswept encrypted beach…good luck finding the right grains of sand, much less putting them back together again.” He continues, “Storj’s network presents an unclear target, an unidentifiable attack surface, and unknown attack vectors. If you cannot identify the target, then you cannot hack the target.”
Users may experience increased speed when accessing their cloud-based data. Perhaps counterintuitively, it can be faster to reassemble and decrypt a file stored in tiny pieces in multiple locations than in a single location. Users may also experience decreased downtime and file loss because several copies of each file segment are stored on various nodes worldwide. Centralized cloud storage providers also employ data redundancy, of course, but data sometimes becomes lost or corrupted despite these measures.
Moreover, customers may be able to spend 50% to 90% less money to meet their storage needs. While cloud storage prices have remained flat over the last several years, hard drive storage prices have continued to go down. Decreased costs may be especially important to businesses with a large volume of data to store. And because decentralized cloud storage is in its early stages, it may become even cheaper in the future than it is today.
How It May Impact Employment
Distributed (blockchain-based) cloud storage creates opportunities for anyone with unused hard drive space and an extremely reliable network connection to earn passive income by serving as a storage node. This income may come in the form of network tokens such as the Storj coin, MaidSafe Coin, and Siacoin, which can be exchanged for other cryptocurrencies or US dollars.
As with all blockchain applications, programmers and others who understand the technology may enjoy increased demand for their services and the higher pay that often goes with it.
So far, platforms such as Sia, Filecoin, MaidSafe, Storj, and Tardigrade (the enterprise version of Storj) appear to be the leaders in blockchain-based cloud storage, and they all make intriguing promises. Because the technology is so new and has not yet become widely adopted, we may not fully understand all of its shortcomings. But the possibilities for major improvements over centralized cloud storage could revolutionize the way we store data.