5 Types of Files You Should Never Store in the Cloud

Google Drive, Dropbox, OneDrive -- cloud storage has become an essential tool in everyday life. Access your files from anywhere, automatic backups, easy sharing. But behind this convenience lurk security risks that are easy to overlook.

Not every file belongs in the cloud. Certain types of files can pose serious security threats simply by being stored there. Here is what you need to watch out for, and how to share sensitive information safely instead.

1. Password and Credential Files

Why It Is Risky

Many people keep files named passwords.txt or accounts.xlsx in their cloud storage, containing login credentials for various services. This is essentially putting the keys to every account you own in a single, potentially vulnerable location.

Real-World Example

In 2014, roughly 7 million Dropbox credentials were leaked. Users who had stored password files in the cloud faced cascading compromises across multiple services.

Safer Alternatives

• Use a dedicated password manager (1Password, Bitwarden, etc.)
• When you need to temporarily share credentials, use a secret memo with an expiration time
• Never store credentials as plain text files anywhere

2. Financial Documents (Tax Returns, Bank Statements)

Why It Is Risky

Tax returns contain your social security number, income details, and bank account numbers all in one document. Bank statements reveal transaction histories and account balances. Together, they provide everything needed for identity theft.

Real-World Example

When cloud accounts are compromised, financial documents become the primary tool for identity theft. Millions of identity theft cases occur annually, and leaked financial documents stored in the cloud are a leading cause.

Safer Alternatives

Method	Description
Local encrypted storage	Store on an encrypted external drive
Password-protected PDF	Set a password on the document itself
Secret memo for sharing	Use expiration when sending to your accountant
Physical storage	Keep important originals in a safe

3. Medical Records

Why It Is Risky

Diagnoses, test results, prescriptions, and other medical records are among the most sensitive types of personal information. If leaked, they can lead to insurance denial, employment discrimination, and social stigma.

Real-World Example

Medical data sells for over 10 times the price of credit card information on the black market. Breaches involving medical records from personal cloud accounts and healthcare institutions are increasing every year.

Safer Alternatives

• Manage medical records through your healthcare provider's official portal
• When sharing records with another doctor, use a password-protected link
• Check your health app's cloud sync settings and disable syncing for sensitive data

4. Private Photos and Videos

Why It Is Risky

Smartphone auto-backup features often upload private photos and videos to the cloud without the user even realizing it. If the account is compromised, this intimate content can be exposed.

Real-World Example

The 2014 iCloud hack (known as "The Fappening") demonstrated just how vulnerable private photos stored in the cloud can be. Dozens of celebrities had their private images stolen and distributed publicly.

Safer Alternatives

• Review your auto-backup settings and exclude sensitive photos from backup
• When sharing private photos, use a password-protected link with an expiration time
• Encrypted local storage remains the safest option

5. Business Trade Secrets and Confidential Documents

Why It Is Risky

Business plans, client lists, product designs, and draft contracts are core business assets. Storing them on a personal cloud account bypasses corporate security policies, and leaks can lead to legal liability.

Real-World Example

Cases of former employees being sued for millions after confidential documents were found on their personal cloud accounts are numerous. Additionally, some cloud service terms of service grant the provider certain rights over uploaded data.

Safer Alternatives

• Use enterprise-grade security solutions
• When sharing documents externally, use tools with password protection and expiration
• For contracts and NDAs, use professional e-signature services

General Cloud Security Best Practices

Beyond these five categories, basic security practices apply to all cloud usage.

Essential Security Settings

Setting	Recommendation
Two-factor authentication	Always enable
Password strength	12+ characters, include special characters
Shared links	Deactivate immediately after use
Connected devices	Review and clean up regularly
Auto-backup	Selectively choose which folders to back up

File Sharing Checklist

Before sharing any file through the cloud, run through these questions.

1. Does this file truly belong in the cloud?
2. Is the sharing target precisely specified?
3. Is it shared with specific users, not "anyone with the link"?
4. Is an expiration date set?
5. Have you revoked access after sharing is no longer needed?

How to Safely Share Sensitive Files

When you need to send sensitive information that does not belong in the cloud, LOCK.PUB's secret memo is a practical solution.

Advantages of secret memos:

• Content is only accessible with the correct password
• Expiration times can be set for automatic deletion
• Data is stored encrypted on the server -- even operators cannot read it
• Recipients can view the content without creating an account

Example use cases:

• Sending tax information to your accountant
• Sharing medical records with a specialist
• Delivering sensitive contract details to a lawyer
• Passing API keys or server credentials to a teammate

Wrapping Up

Cloud storage is undeniably convenient, but not every file should be uploaded without a second thought. Password files, financial documents, medical records, private photos, and trade secrets -- these five types of files deserve careful consideration before they go anywhere near the cloud.

When you need to share sensitive information safely, try using a secret memo.

Create a Secret Memo ->