Cyber security Consideration in the Cloud : Mega vs Dropbox

Cybersecurity

Cybersecurity Consideration in the Cloud

Cybersecurity is the protection of internet-connected systems, including hardware, software and data, from cyberattacks.

In a computing context, security comprises cybersecurity and physical security — both are used by enterprises to protect against unauthorized access to data centers and other computerized systems. Information security, which is designed to maintain the confidentiality, integrity and availability of data, is a subset of cybersecurity.

Mega vs Dropbox, If history is something to learn from, then we know there is not enough cybersecurity to protect us 100% against security breaches or DDoS attacks. When we purchase cloud services, the concerns of doubles or triples, as we have to rely on third-party providers to offer us data safety with seamless access.

 

Cybersecurity

 

 

The Cybersecurity of Dropbox

 

Dropbox came as a revelation in the cloud service department, but few things changed over the years. The security system employed by the cloud service relies on communication protection based on the SSL protocol and encrypts the data in the servers with the AES-256.

The main reason for concern when it comes to Dropbox is still keeping the private encryption keys to all users’ accounts. Moreover, the company can access and decrypt users’ passwords, even if the system offers password encryption.

Dropbox complies with the SAFE Port Act and insists on the fact that Dropbox staff can only access users’ passwords and accounts just under exceptional conditions.

 

Dropbox’s reasons for cybersecurity concern do not stop here. You have to be aware of the following issues:

 

  • Dropbox receives your registration password (albeit sent through a TLS connection) without the password going through a hash function for instance; in other words, the servers have a clear view of your written passwords; the danger is that some can intercept this exchange of information.
  • Dropbox uses advanced programming to deal with de-duplication, but cross-user de-duplication can represent a breach in the safety of an account, allowing third-party access; lately, Dropbox updated its protocols, allowing the de-duplication only of single-user files, which enhances the security overall.
  • The file sharing in Dropbox relies on links. Individuals and businesses using the free accounts of Dropbox cannot protect these sharing links with a password or anything else.

 

Dropbox is no stranger of foul play, as Dropbox’s two significant past outages a few years back seem to have been the results of hackers and DDoS attacks.

 

Dropbox

 

 

The Cybersecurity of Mega

 

The web-based cloud service (similar to Google Drive) offers compatible versions for mobile phone users, desktop synchronization, and an API enabling the creation of non-official clients.

For its web connections, Mega uses TLS 1.2, and the AES-256 encryption in CBC mode, but the topic where Mega shines in the cybersecurity department is the privacy by design concept – Mega includes privacy and security in its design.

 

  • Mega does encrypt passwords and files when in rest and transit;
  • It also offers users the possibility to set up their encryption keys, which they control; in other words, in comparison to Dropbox, Mega’s employees have no access whatsoever to users’ passwords or accounts; these keys derived from the password the user enters in the registration process and go through JavaScript code to generate the values;
  • Mega makes third-party interventions and attacks almost impossible, as only Mega can decrypt the TLS keys that the clients have generated;
  • The user can recover the uploaded files from anywhere;
  • While there is little information on Mega’s de-duplication policy, experts deduce that Mega uses client-side single-user deduplication at a file level. Specialists received confirmation that Mega employs server-side cross-user file deduplication, once the files went through the encryption process;
  • The files receive encryption on the client’s side by using generated128-AES randomly;
  • You have three options for securely sharing your files: a link with the key, a link without the key, and direct sharing with a contact; if you share the link with the key, make sure the information does not fall in the wrong hands.

 

One of the main concerns regarding Mega’s security protocols is the use of JavaScript, as it rises controversy when it comes to cryptographic functionality. As its comparison to Dropbox, Mega does not offer compatibility or integration with personal password management systems.

 

 

Protocols

 

 

Highest Selling Technical Courses of Indian Cyber Security Solutions:

Certified Ethical Hacker Training in Bhubaneswar

Ethical Hacking Training in Bhubaneswar

Certified Ethical Hacker Training in Bangalore

Ethical Hacking Training in Bangalore

Certified Ethical Hacker Training in Hyderabad

Ethical Hacking Training in Hyderabad

Python Training in Bangalore

Python Training in Hyderabad

Python Training in Bhubaneswar

Microsoft Azure Training in Hyderabad

Microsoft Azure Training in Bangalore

Microsoft Azure Training in Bhubaneswar

Networking Training in Bangalore

Networking Training in Hyderabad

Networking Training in Bhubaneswar

Advance Python Training in Hyderabad

Advance Python Training in Bangalore

Advance Python Training in Bhubaneswar

Amazon Web Services Training in Hyderabad

Amazon Web Services Training in Bangalore

Amazon Web Services Training in Bhubaneswar

Certified Ethical Hacker Certification – C | EH v10

Computer Forensic Training in Kolkata

Summer Training for CSE, IT, BCA & MCA Students 

Network Penetration Testing training

Ethical Hacking  training

Internet Of Things Training

Internet Of Things Training Hyderabad

Embedded System Training

Digital Marketing Training

Machine Learning Training

Python Programming training

Android Training in Bangalore

Android Training in Hyderabad

Android Training in Bhubaneswar

Diploma in Network Security Training

Android Development  training

Secured Coding in Java

Certified Network Penetration Tester 

Diploma in Web Application Security 

Certified Web Application Penetration Tester 

Certified Android Penetration Tester 

Certified Python Programming 

Advance Python Training 

Reverse Engineering Training  

Amazon Web Services Training  

VMware Training 

 

Cybersecurity services that can protect your company:

Web Security | Web Penetration Testing

Network Penetration Testing – NPT

Android App Penetration Testing

Source Web Development

Source Code Review

Android App Development

Digital Marketing Consultancy

Data Recovery

 

Other Location for Online Courses:

Bhubaneswar

Bangalore

Hyderabad

 

 


Show Buttons
Hide Buttons