Cloud services are becoming ubiquitous, common, and more useful every day. What do I mean by cloud services? Google Apps, Dropbox, or basecamp are all cloud services. Many people (including me) use them to manage their productivity work flow. I’m a big fan of Dropbox to sync my to-do list (Things) and 1Password file between my office machine, my desktop at home, and my laptop. It just works. I also use MobileMe to take care of my calendar syncing.

But, I’m careful about what I put in my calendar, or my to-do list. Those things can tell a great deal about information that should be kept confidential – who I’m having meetings with about what can give away who our clients are and some information about them – completely unintentionally. What’s on my to-do list can give an indication of my (or my client’s) priorities.

There’s two ways of approaching the problem: control what you put into the “cloud”, or protect it before it goes into the cloud. I do a mix of both. My calendar information is limited as MobileMe won’t allow me to send an encrypted file to their caldav servers. My to-do list (and 1password file) are encrypted in an encrypted disk image in my dropbox folder. 1password does its own encryption. And if I do use dropbox to sync files, all of those files are in an encrypted disk image. I may be paranoid, but I haven’t audited these services to see what their security levels are, so I choose not to trust them. Our clients expect us to take good care of their data and protect it as well (or better) than they do, so I default to not trusting them.

Be aware of the information you are storing in the “cloud”, even if it seems silly to you. At least be aware of what data is getting pushed to someone else’s servers.