Last year’s iCloud hack showed how vulnerable data stored in the cloud can be. In that case, it was the privacy of celebrities that was compromised. That may not mean much to a business owner who isn’t sending incriminating selfies, but it serves as a reminder that files stored in the cloud need extra layers of protection.
Having extra security for data stored in the cloud is vital, according to Gerry Grealish, Chief Marketing Officer with cloud security company Perspecsys. “There are no real boundaries in cloud computing,” he says, “and that makes everything a little more vulnerable.”
Because of the risk to data stored in the cloud, more companies and individuals are considering encryption as an option. Luckily, there are plenty of encryption tools available – many for free – for a variety of cloud storage options. However, before deciding which option is best for your needs (or business), there are several points to consider.
First, Grealish is quick to point out that just because you can encrypt your data in the cloud doesn’t mean everything needs to be encrypted. He advises that users carefully evaluate what files are put into the cloud – some information is too sensitive to risk storing off-site or has regulations restricting its storage options – and consider how often that data will be retrieved. Encryption makes most sense when the files are primarily being stored and inactive for long periods of time.
Second, you want to know the different options for encryption so you are able to choose the one that is best for you. According to Paige Leidig writing for Tech Radar, the encryption service should provide a selection of options that include “index tokens and pads, strong cryptography, and data storage life cycle management.”
Choosing the Right Encryption Tool
Third, Tom Smith, vice president of business development and strategy for CloudEntr by Gemalto, a cloud computing security company, recommends conducing a thorough evaluation process for using encryption when storing data in the cloud. The criteria for this process includes:
- Making sure the solution provider is a viable business and has the financial and operational resources and experience and an acceptable SLA, so you will always be able to retrieve your data when needed.
- Making sure that the solution provider offers customer managed keys as an option so that you can assure data is securely prepared (encrypted multiple times with multiple keys), independent from the vendor, and before it is put on the vendor’s infrastructure. This ensures that no one, including government agencies or the backup vendor themselves, can access your data without your cooperation and consent.
- Making sure the backup process offered can be fully automated and scheduled so that you limit the possibility of not having a backup of critical data.
- Making sure the encryption tools are peer reviewed and use industry approved standards to ensure the company is reliable.
Now that you know the steps to take before plunging into cloud storage encryption, here is a sample of some of the more popular encryption tools available (and one to avoid):
This encryption service covers the most popular cloud services and can be downloaded (for free) for Android, iOS, Windows, Linux, and Blackberry. Essentially, once BoxCryptor is installed, users can then create a new drive dedicated to the encryption tool. Once data is saved in that drive, it is automatically encrypted. At that point, it can then be synced with a cloud storage application like Dropbox. However, it is important to note that the free service is limited to one user and one drive. There are fees involved to add more users/drivers/options, as well as fees for commercial use. This is something to keep in mind for those who use multiple cloud applications or want to separate personal from business data on Bring Your Own Device (BYOD) computers.
According to LifeHacker, VeraCrypt was voted the favorite encryption service by users. The open source system works on Windows, OS X, and Linux operating systems, and was praised by users as an “on the fly” encryption tool. The user determines when (and which) files are encrypted, and, just as importantly, makes it easy to decrypt them but only when you need them.
The folks at Viivo describe the encryption tool this way: The tool “uses public key cryptography to secure your files before they synchronize to your cloud storage provider. Unlike other approaches to encryption, we accomplish this without breaking cloud provider workflows.” Or, as the Next of Windows website explained, if you know how to use a cloud application like Dropbox, you know how to use Viivo. The concept is similar. You have Viivo folder on your device, and an associated folder titled Viivo-Encrypted. You can then move the encrypted data into Dropbox. In addition to a Windows format, there are apps for Android and iOS. Unfortunately, Viivo doesn’t appear to support other cloud applications besides Dropbox at this time.
Compliance concerns are one of the biggest reasons many companies are hesitant about storing data in the cloud, no matter how convenient it might be. Sookasa is one of the few encryption tools that advertises itself as providing encryption services that meet compliance regulations for medical, legal, educational and financial industries. There is a minimal monthly fee for businesses with compliance considerations who would like to use an encryption tool, although it is free for personal use.
One to Avoid
TrueCrypt was one of the most popular on-the-fly, freeware encryption tools available. While it was meant primarily for disk encryption, it was being used more and more for cloud data storage. However, TrueCrypt is no longer supported by the developers, which means there have been no new security updates since May 2014 and your data could actually be at risk with continued use.