However, for most people, cloud-based solutions do not seem to be a secure option. They still prefer to store signing keys using USB tokens. There are several myths about cloud-based digital signatures. Let's take a closer look at some of them.
Myth 01: Cloud-based digital signatures are not secure enough because there is a risk of cloud hacking
Special hardware provides a high degree of protection. The certificate keystore should be securely protected by tamper detection sensors, a trusted operating system, and secure audit mechanisms and connection control. User keys are stored encrypted. Believe it; nothing will happen to your digital signature and keys in the cloud.
Myth 02. A digital signature does not give documents any legal status
Electronic signatures are legally valid and evidence-based in industrialized countries around the world. Although the requirements may differ depending on the region, industry, and business process.
In most cases, for electronic signing, a simple verification of the identity is sufficient - by email, confirmation with a one-time password, etc.
Though, sometimes a more secure and advanced level of assurance is required. In this case, you need to use a digital signature.
Digital signatures are the most secure type of signatures. In the European Union, such signatures get the legal status of a handwritten signature. Since signing in the cloud is similar to a common signing process using a token, a cloud-based digital signature has the same level of legal significance.
Myth 03. Cloud-based signatures are unreliable because the server can crash at any time
The hardware used for remote operations with electronic signatures and for storing keys is highly fault-tolerant. If any component of the system fails, it is automatically replaced by a backup one, without interruptions in operation or the participation of maintenance personnel. For load balancing a server software is used. It evenly distributes requests across multiple servers.
Myth 4. Cloud signing is inconvenient because you need a constant Internet connection
That is partially true. However, the cloud-based digital signature has a lot of advantages over the digital signatures stored on tokens. USB tokens can be lost or broken. One needs a desktop computer to use them. Whereas you can sign remotely in the cloud using the digital signature. You can even sign a document from your phone, as long as there is the Internet.
Myth 05: Cloud storage is expensive
Not at all. A cloud-based qualified digital signature will cost less than a hardware token containing a digital signature certificate since there is no need to purchase a USB token driver. In addition, you can issue a conditionally unlimited number of keys and certificates while using cloud storage. If the company needs to organize an electronic workflow and provide each employee a USB token for the digital signature certificate, cloud-based service is the best option.