Editing note: This blog post was first published in August 2015 and updated in September 2016. The concern about hackers is always present but there have been no major data breaches reported for any of these covered services since the date of original publication of the blog post. Meanwhile, data security technology has evolved rapidly over the past year according to many credible commenters. As a result, the consensus published opinion now is that none of these hosted services pose any data security risk for consumers or small businesses other than the background level of risk that is always present in all environments.
Should you be worried about the level of security of your cloud storage provider? How does remote data security compare with local data security for a typical? Here is a pretty good article by Davey Winder at Alphr.com (despite the glaring grammatical error in the article subtitle) published on 7/31/2015 discussing the popular choices. I learned a few things. The short answer is that there have been no problems with these services except those caused or triggered by user error.
Apparently government-backed hackers (NSA and its Chinese,Iranian, North Korean and Russian counterparts) remain the highest level of risk for all types of data systems. I commented on that issue here in a post that confirms the difficulties faced by all data services. The Wall Street Journal published an update on cyber warfare on September 22, 2016 acknowledging the problem but offering no information. We accept this as an uncontrollable background factor in this analysis that potentially affects all electronic data equally. In other words, this doesn’t seem to be an issue affecting only the consumer data services but rather an issue that affects all types of digital data stored or transmitted electronically.
The take home lesson is that a combination of local file encryption (I use built-in HP encryption) used in conjunction with these remote server services is the most reasonable approach to high level security for most of us. However, there is no factual basis to avoid using these services for data security reasons.