How to Encrypt Your Files in Cloud Storage
Encryption in all its forms is big business these days. With so much personal, potentially sensitive, data around, it only makes sense that we all want to protect ourselves as best as we’re able. Many of us will already be using some form of encryption, either with full mobile encryption such as that provided built-in with Android devices, or with password encryption managers, such as LastPass. But there may be a gap in our security nets that we haven’t considered: files stored in cloud storage. Should you be encrypting these files? And if so, how? That’s what we’re here to find out.
Cloud Storage and Native Encryption
Data takes up space. And if you’re a mobile user, space is at a premium. Internal storage is expensive on a phone, as illustrated by the iPhone 7, where bumping up that £599 32 GB basic model to a larger 256 GB model will cost you an extra £200. Fortunately, cloud storage solutions such as Dropbox and Google Drive are there to give you that extra storage space that you need, oftentimes for free. Many of us either physically or automatically back up files, photos and even music to cloud storage without ever wondering about how safe this data might be.
To be clear here, we’re not in any way commenting on the actual safety of either of these services, though hacks and attacks DO happen. What we’re getting at is that most of us are concerned about the privacy and security on our devices, without worrying about what happens once data leaves our devices. At this point, if you’re a big cloud storage user, you might be thinking that surely such services use their own encryption. And you’d be correct. Dropbox, for example, uses a very good encryption system for files. Why then should you be worried? Because you’re not the one encrypting, and you’re not the one that holds the decryption key. Basically, since Dropbox holds the decryption key anyone with that same key can decrypt your data, and (since that decryption happens automatically when logged into the Dropbox system) anyone who accesses your account (perhaps through hacking) can also get your now non-encrypted data.
The Pros and Cons of Encrypting Your Files
The obvious solution to this is that you encrypt your own files and data, using an encryption app, BEFORE sending them to your chosen cloud storage service. And in a few moments we’ll get to recommending a few good apps for you to do exactly this. But before we do, let’s take a quick look at the pros and cons of encryption. The obvious pro here is that your data is safe. Your data is encrypted before it even hits the cloud, and is stored in scrambled format, meaning even if someone uses the Dropbox decryption key, or manages to access your Dropbox account, all that data will still look like gobbledygook.
There are some downsides though. You won’t be able to view your data through the cloud service itself. For example, if you self encrypt your data you won’t be able to open Dropbox and simply view the file there. Nor will you be able to share your file with someone straight from Dropbox. This is because the file will first need to go through your encryption app to be decrypted before it can be viewed. For the most part this isn’t a huge problem. However, for mobile users it can be, since many encryption apps simply don’t provide great mobile support (meaning you can’t decrypt your files on your phone, you’ll need to do it on your PC). Fortunately, there are some that do, however. So which should you choose?
Boxcryptor is one of our favourite encryption apps simply because it’s so easy to use and because mobile support is excellent. On your PC, Boxcryptor will create an entirely new drive letter, and anything that you save in that drive will automatically be encrypted, and you can then simply back up that drive to your chosen cloud service. Easy, right? You don’t even have to remember to encrypt things yourself. And their mobile version supports SkyDrive, Google Drive, and Dropbox, so all the major cloud storage services, meaning that you can easily access and read your encrypted files even on mobile.
So what’s the downside here? Well, there really isn’t a huge one. Boxcryptor is free for up to 2 GB of storage, after that you’ll need to pay, which is kind of a downside. However, if you’re careful about what your encrypt (and let’s be honest, not all files/photos/data needs to be encrypted) then 2 GB should be enough for the average user.
And here’s another encryption app that gets our vote because of pure simplicity. Viivo works on a simple drag and drop principle, just like Dropbox itself. Just drag and drop the file you want to encrypt into the Viivo folder, and the app will do the rest. And Viivo supports just about every operating system (mobile and PC) and every cloud service you could think of, including private cloud servers. Oh, and it’s completely free as well.
What could possibly be a con here? Well, there is one thing. When you sign up for Viivo you must sign in with a valid email address and create a password. How secure your encrypted data is strongly depends on the password you create for the programme. So if you opt for Viivo, we recommend that you use a password creator, or a password manager such as LastPass, to ensure that your password is very, very strong.
Sookasa is very similar to the above mentioned Viivo. But since it’s designed more for business use, Sookasa offers a few more features. For example, with Sookasa you can designate expiration times for decryption keys. Once the time limit has been reached, the decryption key no longer works, and a new one must be created. This is more useful in a business situation, though we can see how it could also be used if you frequently share files with friends (maybe pictures or music tracks). Sookasa again works with all platforms, and all major cloud services.
The downside? Probably the major downside of Sookasa is that all those extra business related functions do make it a little more complex to use. Probably more complex than the average mobile user really needs. However, their personal encryption service is free, so at least you won’t be charged through the nose!
This app is a little different from the others that we’ve discussed in how it works. Basically, you download nCrypted Cloud to your PC (you’ll need the mobile app for viewing), and the app creates a special folder called nCryptedCloud. It then scans your computer to find which cloud services you utilise and automatically moves all those services and the files contained in them to that folder. Go into that folder, rightclick on any service (or any folder or file inside that service) and you’ll have the option to encrypt. So you can both encrypt and decrypt at the click of a button. This is pretty easy to use, and since you can encrypt whole files with one click, nCrypted Cloud is great for those that want to encrypt large amounts of data all at once. We also like that it creates a “cloud portal” that lets you access all your cloud services from one window (so you don’t need to open separate windows for Dropbox and Google Drive, for example).
What about the cons here? Well, nCrypted Cloud is free for personal users, so price isn’t an issue. Maybe our only real complaint is that it’s so much easier to encrypt/decrypt on your PC than it is on mobile. The mobile app basically is used for viewing encrypted files on the go, it’s not really suited to actually encrypting a file.
Finally, we come to Cryptomator. Essentially, this works the same way as other encryption apps, it creates a folder or “vault” as the program calls it, encrypts files inside that vault, and you can then move them to the cloud service of your choice. And although you can donate right now it’s technically free of charge. Encryption is pretty high level too, which is a good thing.
Unlike the other options this is open source software, which can be good or bad, depending on how you look at it. Since it’s open source you can check the app yourself to see how secure it is (if you have the technical know how to do so), and many others have checked the code and so far failed to find any holes. However, since the code is publicly available, should a particularly brilliant hacker find a hole in the code, he’ll be free to exploit it. So open source is a double edged sword…and really boils down to personal preference. There’s potentially just as much risk in entrusting your data to a closed source organisation as well. On the plus side Cryptomator does work across most popular platforms, so compatibility shouldn’t be an issue and they’ve got a Beta version of an iOS and Android App which from our testing is simple to setup: