International Journal of Advanced Research in Computer and Communication Engineering

Abstract: Cloud storage has become ubiquitous, yet users remain surprisingly vulnerable despite the sophisticated security measures that major providers have put in place. Most security breaches do not occur because the technology fails; rather, they result from human error, poor choices, incorrect system configurations, or a lack of understanding of legal requirements. This study investigates why this gap persists and its implications for privacy and regulatory compliance. We examine how three types of cloud storage that are supported by all cloud providers. Those storages are block, file, and object, which affect security outcomes differently, drawing on real-world incidents rather than hypothetical scenarios. The Capital One breach, for example, illustrates how theoretical weaknesses can quickly become major disasters. By analyzing such cases alongside the technical distinctions between storage models, we identify where and why security systems most frequently fail. The findings reveal that while cloud providers have largely addressed the technical aspects of security, human and organizational factors remain problematic. This has important consequences for privacy protection and regulatory oversight in cloud environments. Our research also evaluates emerging security approaches, such as Zero Trust Architecture and confidential computing, and emphasizes practical protective measures including client-side encryption, tokenization, and multi-factor authentication. We provide detailed coverage of major compliance frameworks, including GDPR, HIPAA, and ISO/IEC 27018, offering implementable strategies for technical controls and regulatory adherence. This work aims to strengthen cloud storage security by focusing on actionable privacy safeguards, deployable technical solutions, and compliance strategies that can be realistically adopted by users. The results should prove valuable for researchers studying cloud security, IT professionals designing storage systems, and policymakers developing data protection regulations in an increasingly digital world.

Keywords: Cloud computing, data privacy, data security, cloud storage services

Downloads: | DOI: 10.17148/IJARCCE.2025.141026