It’s great that more folks are backing up their files using cloud-based services like Dropbox. While hacker and virus writers get all the headlines, I think hardware failure is really the biggest risk most consumers face. Cloud services have become such a part of the way we live, however, that we’ve gotten a little too casual about it. That’s how tax returns end up lying around in public places for all to see. You’ve set your computer to back things up automagically, and you’ve also shared some cute cat photos with friends, and all that gets conflated so anyone can Google your tax returns.
So today’s short story is this: Stop right now and think — where are the digital copies of the tax returns you filed last week? And by that, I mean all the copies. Have they been vacuumed up by some cloud service? If they have, are they at least password protected? Are you sure about that? Maybe you’d be better off printing copies and putting them in a strongbox. While there’s merit to having copies on your computer, don’t forget that any hacker who breaks into your machine from now until the end of time will almost certainly search for “1040” a moment later; it’s easy to find old tax returns on a computer. Store them there at your own risk.
This is not a drill. Graham Cluley at his excellent blog, points out that file-sharing service Intralinks was able to find a tax return on the Dropbox service this week using a trick that had been revealed more than one year ago. You could certainly call it user error. Someone had used Dropnox to share files and then placed a tax return in their cloud space, which could be found using search engines. There’s a few more details about how it works, which you can slog through if you like. (NOTE: Intralinks makes clear that this kind of vulnerability could apply to any file sharing service.)
What should you do? Cluley says it’s important to use the privacy settings that cloud services provide. Unfortunately, free Dropbox users have fewer options that consumers who pay for the upgraded product.
“If you use the free version of Dropbox, you should not use the Share Link facility as it could be leaked to a third party,” Cluley warns.
Intralinks also recommends getting into the habit of deleting old data you don’t need any more from cloud services. And here’s the best piece of advice:
“Don’t mix work and pleasure. Mixing work and personal files in a single account is, quite simply, a bad idea. Losing your personal data is serious enough, but losing company data can have severe consequences: lost reputation, reprimands and other professional consequences, regulatory and legal issues and even fines,” the firm says.
And remember, ”work” includes critical information like your tax returns. The cloud is great, but like all technology, it has a dark side, and must be used thoughtfully. Particularly at tax time.