Cloud storage solutions like Dropbox, Google Drive, OneDrive, etc. allow users to access their personal files from anywhere using any device. And we do usually trust these providers to keep our personal data safe and secure. But in the post Snowden era, the privacy of data in the cloud is a major concern for many people, especially in the US.
In late 2014, former CIA contractor, Edward Snowden, encouraged users to ditch Dropbox (and other similar services) as “it doesn’t support encryption, it doesn’t protect your private files.” Dropbox responded to Snowden’s comment in a blog post, mentioning that, “all files sent and retrieved from Dropbox are encrypted while traveling between you and our servers”, ”while at rest on our servers” and “while moving between our data centers”.
Additionally, Dropbox also writes that they “do certificate pinning on desktop and mobile” and “create new encryption keys every time you use Dropbox.” All these measures suggest that Dropbox protects your data from third-party snooping.
But here’s the thing; Dropbox and other similar cloud services encrypt your data in the cloud, but have access to your encryption keys. And hence, are also capable of decrypting your personal data.
Government agencies often pursue such companies to share user data for surveillance purposes. While the cause may be just for protection against criminal activity, it also puts general user privacy at risk. Much of the data that comes out during the process may contain personal data, or confidential business information, that the individual might not want to share.
Though renowned file hosting (cloud storage) services often stand by the users’ right to privacy, one can always take extra measures to protect their private data in the cloud.
There are some dedicated cloud storage services that provide complete protection of user data, by design. These services implement Zero Knowledge end to end encryption, so that no one (including the service provider) has access to any user data, except the users themselves. The data is encrypted before being uploaded to the cloud, and the uploader is the sole owner of the encryption key.
In this article, we’ll look into some Zero Knowledge storage solutions and workarounds to help you secure your data in the cloud.
SpiderOak – Secure Cloud Storage for Personal Use
SpiderOak is one of the significant companies that provide Zero Knowledge, end to end encrypted cloud storage solution. All data that you store on SpiderOak servers is first encrypted locally on your device before being uploaded. Similarly, files are decrypted locally on your device after being downloaded from SpiderOak servers. So SpiderOak has zero knowledge of the data stored on their servers.
It has a number of products for desktop, mobile as well as for enterprise users. Semaphor is an enterprise collaboration tool that helps teams to work with files and folders. SpiderOakONE is a private backup solution for individuals and businesses. SpiderOak Groups is a managed backup solution for teams and businesses. There’s also an Enterprise Backup and hosting solution as well. SpiderOak Kloak is a social network that puts your privacy first. Finally, there’s SpiderOak Encryptr, a secure password management utility accessible only to the user.
All these services are based on Zero Knowledge, which means only the users hold the encryption keys to their private data. SpiderOak has no knowledge of these keys and hence can never decrypt your files on its own. Moreover, SpiderOak doesn’t even have information on your file and folder names. All they “can see are sequentially numbered containers of encrypted data.”
SpiderOakONE Backup is available as a 60-day free trial that gives you 2 GB of secured storage. Paid storage options are also available, and costs $7 a month for 30 GB, $12 a month for 1 TB and $25 a month for 5 TB.
SpiderOak Groups can be set up for free and costs $9/user per month. A free 14-day trial is also available for Groups. There are two plans for enterprise customers. Enterprise Hosted is available for $200 Setup, followed by a fee of $5/user per month. Enterprise On Premise is available for $599 Setup, followed by a fee of $5/user per month. Kloak and Encryptr are available for free.
Tresorit – Secure Cloud Storage for Business
Tresorit is a cloud storage and collaboration service for small businesses and enterprises. Similar to SpiderOak, Tresorit is a Zero Knowledge System, with no information on the data stored on their servers. It’s also easy to use, and comes with powerful collaboration features that put users in control of their data.
For small businesses, Tresorit offers a free 30-day trial that includes 1000 GB of encrypted cloud storage per user, with access to files from desktop, mobile or web browser. Files are password protected and encrypted, even when sharing with other users (encrypted links). File and folder owners can control access permissions, and can revoke read/write access to any user if required.
Post trial period, the service costs 20€ per user per month for 2-4 users and 16€ per user per month for 5+ users. For enterprises (with 100+ users) Tresorit offers custom pricing plans.
Boxcryptor – Encryption Software to Secure Files in the Cloud
SpiderOak and Tresorit are cloud storage solutions that incorporate Zero Knowledge Encryption natively. But if you want to secure your existing Dropbox or Google Drive storage, Boxcryptor is the solution you should look for.
Boxcryptor encrypts your files before uploading them to your preferred cloud storage. It is a Zero Knowledge software, so only the user can decrypt the encrypted files. Boxcryptor is easy to use, and secures your private data in the cloud; no matter what service you’re using. It supports all major cloud storage solutions, such as Dropbox, Google Drive, Microsoft OneDrive, Box, SugarSync, iCloud Drive, etc. It also supports cloud storage solutions that use the WebDAV standard, such as Cubby, Strato HiDrive and ownCloud. The video below demonstrates the use of Boxcryptor with Dropbox.
Boxcryptor is available for all desktop and mobile platforms, and is free for personal use. The free license allows users to encrypt files on one cloud storage service and access them from up to two devices. The Unlimited Personal license is priced at $48 per year and supports encryption on unlimited cloud accounts and access from unlimited number of devices. In addition to data encryption, you can also encrypt file and folder names with this license.
For business users, Boxcryptor offers the Unlimited Business plan, which is a single user license priced at $96 per year. It includes business features such as file collaboration, group management, etc. The Company Package is a multi-user license, which offers Enterprise features for larger businesses. This is a custom-priced package with subscriptions starting from $4.44 per user per month.
Note: Being Zero Knowledge systems, these services protect your data against any act of snooping. But one should be careful to remember the password, as there’s no alternative way to retrieve the data if the password is lost or forgotten.
If you store sensitive data in the cloud, it is recommended that you encrypt your files using any of the services mentioned above. You can choose a suitable solution depending on how you wish to use them.
If you want a dedicated service for personal use, SpiderOak is convenient. If you’re looking for a business solution, Tresorit may be a suitable choice. On the other hand, if you want to continue using your current cloud storage service, but also protect your data with Zero Knowledge system, Boxcryptor is an ideal choice.
Did we miss out any popular service? If so, let us know in the comments below.