It is true that for several years now, we have had many solutions and services that are accessible and super practical.
Examples include ChatGPT, Google Workspace tools, and the Microsoft 365 solution.
However, it is important to be aware that using online services can be dangerous as the data is stored with an external provider, and precautions must be taken accordingly.
No serious guarantee of who is accessing the data
The first point that bothers me the most is that data placed on external services is potentially accessible by internal members of the company hosting the data.
A simple example: you ask ChatGPT to correct a revolutionary mathematical formula that only you know the secret to, and that you want to patent.
Aside from a user agreement and a data privacy policy, there is no technical guarantee that a third party will not access your chat history (and I'm not even talking about a bug).
Worse, imagine that the chat history database leaks onto the internet, it's not a sure thing.
So yes, it will always be possible to take them to court, but it will cost long hours, weeks, months or even years of fighting to prove it (and again without any guarantees).
Indeed, proving that the theft of your data comes from this is difficult, especially if you use another online service where this formula is found.
Do not transmit sensitive data or you will lose control over the restriction of distribution.
Too often data is stored in clear text
Do you think your data is automatically encrypted on external servers? Safe?
To be sure, it is necessary to carry out audits, something which costs money and achieves little.
Even though some companies guarantee it, it is still necessary to be wary, because in an era where every company is looking for profitability, things are often done too quickly.
In addition, it is important to know that in America there is the Patriot Act, which stipulates that if there is a suspicion of conspiracy or intent to harm the US government, the authorities can requisition data and apply sanctions if necessary.
Do you think the encrypted data cannot be decrypted if the American company has to provide this data? They are required to comply with the law.
This reminds me that Apple had resisted iCloud encryption issues because of European regulations, among other things.
If it's free, you're the product.
Many free online services offer usable tools.
However, it is good to know how these services are paid (although there are many that operate on the basis of donations and advertising).
However, knowing that this isn't the majority, how can they make a good profit? By selling your data, of course.
Most of the time, we talk about email addresses, addresses, or even phone numbers for canvassing, but it can go further.
If you want to convert a list of people in CSV format to SQL format, you're handing the data on a silver platter.
I'm not saying that we should stop doing anything online, but we should be interested in who is behind the service, and understand their intentions (as far as possible).
Set up your own backups
A crash at a service provider can always happen, however the backup policy varies depending on the company.
Often, companies back up customer data, but retention is often short (a few days to a few weeks).
It may be worthwhile to back up the data yourself using tools designed for this purpose and store it somewhere other than online.
Moreover, most of the time, providers do not really care about the data, and do not guarantee that all hosted files are restorable.
Internet connection becomes a lifeline
The internet is an important tool for businesses and individuals in 2025, but this is even more true when all work and business-critical files are accessible exclusively online.
So, it is always good to think about how much time you are willing to lose in the event of an internet outage, and also whether a backup connection would be worthwhile.
Even if we experience little or no internet outage, the routers that provide the global network are still electronic devices and can become unreliable.
Mechanisms exist today to circumvent the problem (thanks BGP), but there is no such thing as zero risk.
But then we shouldn't use online services?
Yes, of course you should use external services, but you should think carefully before pushing your data onto the internet.
My advice is to only post data that would not be dramatic in the event of a leak, such as procedures (without sensitive data), or even publicly accessible prospectuses and brochures.
Sensitive data should be hosted internally, or on servers over which we have 100% control, and stored encrypted.
