Secure Cloud Storage

Secure Cloud StorageAs the number of devices we use to access our files and data increases, cloud based storage is now ubiquitous and the default for many smaller devices with less storage space.

But how secure and private is our precious data?

As you might expect the usual suspects and main providers in the area have shown an inadequate level of security and even been shown to be working closely with the NSA and others when scrutinising and handing over files when pushed hard enough.

Both Microsoft and Apple actually state in the their User Agreements that they reserve the right to routinely search all files for illegal activity and Google, Amazon and Dropbox will investigate any notifications of suspected illegal activity.

The recent nude celebrity photo hack of the iCloud exposed further weakness of trusting the cloud with your most personal stuff.

But let’s face it, cloud storage is not going away and it’s too damn convenient not to use altogether so what to do?

At the very basic level everyone now should be using better passwords than ‘password’ or ‘123456’ and using a password manager such as Lastpass is a big step in the right direction.

Two-factor verification can also make it much more difficult for hackers to acquire your login credentials in the first place but even this can be vulnerable and won’t necessarily protect your data.

Encryption of cloud storage data is the key

All the main players offer encryption of your files, photos etc. but if the storage provider controls the encryption keys then they could be capable of handing over user data stored on its servers to the government, law enforcement, etc.

There are however, cloud services that automatically encrypt your files before loading them up to the Cloud. Users encrypt data on their own machines – before they send it to the company’s servers. The company therefore, keeps no readable version of users’ passwords or data and has nothing meaningful to hand over to anyone who asks.

We list below a small number of the better known of these services and will add more over the coming months.

Encrypted Cloud Services

SpiderOak is a ‘zero-knowledge’ cloud provider and never has access to your encryption key, meaning that only you can unlock your data. 2048 bit RSA and 256 bit AES to encrypt your files.

Pricing – 2GB free, $10/m 100GB

Platforms – Windows, Mac, Linux, iOS, Android

Wuala encrypts all your data locally on your device using 2048 bit RSA and 256 bit AES encryption. Encryption occurs before files leave your computer so Wuala can only see how many files you have stored and how much storage space they occupy. The files are encrypted and therefore cannot be seen by any third parties.

Pricing – 5GB free, plans from €2/m 20GB to €160/m 2TB

Platforms – Windows, Mac, Linux, iOS, Android

Peerio – Beta upload and share end-to-end encrypted files of up to 400 megabytes up to an initial storage limit of 1GB

Pricing – 1GB free

Platforms – Windows, Mac, Chrome

Local File Encrytion

Another alternative is to use a separate service that encrypts sensitive files locally on your device before before letting them sync to the Cloud so you can carry on using your favourite cloud provider.

Boxcryptor lets you encrypt your files at Dropbox, Google Drive, Microsoft SkyDrive, SugarSync, Box.net and many other storage providers.

Platforms – Windows, Mac, Linux, iOS, Android

Pricing – Basic is free but you can use for only one cloud provider. e.g. Dropbox, plans from €4/m for unlimited providers and devices.

Cloudfogger encrypts your data on the local device before it gets uploaded to the cloud. Supports Dropbox, Google drive and others.

Platforms – Windows, Mac, iOS, Android

Pricing – free

Please add your comments below or in the related discussion topic of our forum.

Updated: February 24, 2015 by PrivacyPulp

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top