As you may have known, Dropbox had a fiasco some time back, when the contents of the Dropbox users’ files were exposed and unsecured for 4 hours. This allowed anyone to see what’s in your Dropbox account (if you are a user). In that fiasco, you just need to enter ANY password, and you would have access to a user’s files. 250,000 users were online during that time, and while measures were taken, there was definitely a window of 4 hours where your data might have been copied off, delete or viewed by unauthorised persons.
Having said that, cloud storage providers such as Dropbox, SugarSync, Box, Skydrive, Google Drive and even iCloud are useful services used to share and sync files online. So how do we ensure that sensitive information (such as personal documents, login ids and passwords, special project proposals, bank account numbers for quick reference) are safe while easy to access using the cloud storage?
Stay tuned as this page will continue to share some of the cloud content encryption services out there to add that layer of encryption, so that in case Dropbox drops its ball again and open up its files to the world, we can be sure that no one can access the content of your encrypted files, and that data remains safe and secure.
The first solution I would like to introduce is the Boxcryptor product. Boxcryptor dedicate a pre-defined folder in your dropbox for encrypted data files, and it is named as “foldername.ecc” which is, in a way, a container for encrypted files. How do you upload files into the encrypted folder? You can use the “send to” action in most mobile phones to send the file you want to store encrypted, and send it to the “Boxcryptor Classic” application. What this mobile app (available on iOS and Android) would do, is to encrypt the file and send the file to Dropbox encrypted. So in a nutshell, anything that gets “drop” into the Boxcryptor Classic is encrypted and store on Dropbox. What you see in the boxcryptor classic is the Dropbox view of files. The only instance where there could be problem, is when you bypass the boxcryptor classic app, and store the file using the regular Dropbox application – your data file is actually stored unencrypted! Hence, be very clear that encryption only happens when you actually use the boxcryptor classic application to upload. Anything uploaded via normal Dropbox application will NOT be encrypted. All in all, still, it is a very useful application for securing your files as long as you use it the correct way.
The next solution which I find to be pretty good is the Cloudfogger. What the name implies is that you fogg the data. Fogging the data = encrypting the data. So you can think of Cloudfogger as a file level encryptor versus the BoxCryptor which works at a folder level. Now, Cloudfogger is just a file encryptor and decryptor. It does not present the file listing view in Dropbox. It is a standalone application which can fogg and de-fogg file. All “fogged” files have an extension of “.fogg”. So you have a secret word document called “MySecret.docx”, it will be named “MySecret.docx.fogg”. If you have just fogged a file and want to send to Dropbox, then you just “send to” the file to the Dropbox application and it is store there as is (already encrypted earlier by the fogg program). It’s as simple as that. To view an encrypted file, you just “open in” Cloudfogger, and the file gets stored in Cloudfogger application. Once the file is in the Cloudfogger application, you just apply the defogg to decrypt the file to its original form.
I hope you will learn to leverage these two products for your data security needs, and if you have other ways to secure your cloud data, why not drop a comment?