Add Your Own Security for Online Backups

Many security-conscious computer owners question the wisdom and security of backing up files online. In my mind, this is a non-issue. Security is always under your control, if you wish. You can securely place any files on any online storage system if, and only if, you first encrypt the files before sending them from your computer. Luckily, that is easy to do.

Once your files are encrypted, nobody can read your files, not even the employees at the online service where the files are stored. Your encrypted files will be secure on any online service, regardless of that service’s security policies. There are dozens of free encryption programs to choose from for Windows, Macintosh, and Linux.

Most online backup services encrypt your files before sending them to the online service. That’s MOST, but not all. There are a few exceptions. It is possible that some online services will not automatically encrypt files. You need to read the service’s specifications closely in order to find out.

Some paranoid individuals won’t believe any company’s published specifications. Indeed, there is good reason to be doubtful. One online service published a specification claiming that nobody could read your files that had been automatically encrypted and backed up. The company’s managers later became red-faced when it was revealed that a handful of systems personnel employed by the company COULD decrypt and read those files.

NOTE: In their defense, I doubt if the senior managers of the company were aware of the fact until after they had published security claims, then the system administrators told them, “Well, actually…”

Indeed, the risk was small but any risk at all that contradicts any company’s stated policies is cause for concern. Luckily, the entire issue can easily be avoided by encrypting your own files first before backing them up to any online service. Then even the employees at the online service will not be able to view your files.

To be sure, I use an online backup service and I do not encrypt 99% of my files. After all, if some hacker wants to “crack” into my files to read my chili recipe or to view a family photograph of great-granddad taken in the 1890s, I’d say, “let them.” I don’t have many files that I worry about falling into the wrong hands.

However, perhaps 1% of my files are sensitive and I do care a lot about the security of those few files. My bank account information, credit card numbers, Social Security number, income tax information, and a handful of other files are very private and I don’t want them to fall into the wrong hands. I am guessing the sensitive files total less than 1% of all my files. All of those 1% are encrypted WHILE ON MY HARD DRIVE. After all, I don’t want anyone to read those files if my computer is stolen, much less if the files are backed up elsewhere.

I had a laptop computer stolen from the trunk of my automobile a few years ago so I worry a lot about security of files, both online and on a local hard drive. Luckily, the very few sensitive files stored on that laptop’s hard drive were encrypted. I also had an online backup of the laptop’s entire hard drive. The online backup included a mix of both encrypted and plain text (unencrypted) files. Once I obtained a new laptop, restoring the old files, both encrypted and plain text, required about an hour or so.

In order to protect against local theft, local hackers, and against remote hackers who access the online backup system that I use, those few sensitive files are encrypted while still on my hard drive. If my computer is stolen again or if a hacker manages to access my online backup account, those files will remain secure. They will be unavailable to the thief who gains physical possession of my computer as well as to the hacker who accesses my saved files online.

I believe my backup policy protects all my critical files, regardless of the security policies of any online backup service I use. I no longer am concerned with anyone being able to read my sensitive files, either online or offline. I strongly urge you to do the same. You need to protect all your files regardless of where they are stored, either locally or on some remote service. You need to protect your files against a hard disk crash and also protect them from thieves, both local and remote.

You can find dozens of free encryption programs:

Windows users should start by looking at http://goo.gl/wd7Gr.

Macintosh users should start by looking at http://goo.gl/pNXLW.

Linux users should start by looking at http://goo.gl/Xz74n.

Chromebook users should start by looking at http://goo.gl/AhUUfW. (This solution also works on Windows and Macintosh computers.)

Evernote also has the option of encrypting your notes. However, you have to enable that option on each note you wish to encrypt. The default is to not encrypt but I find it simple to encrypt the few sensitive notes I store in Evernote. The note containing my credit card numbers is encrypted. My notes containing a chili recipe or notes about an upcoming newsletter article are kept in plain text (unencrypted).

I would suggest using a program that encrypts individual files, not entire disks. For instance, Macintosh users have FileVault installed and available on their computers. However, FileVault must be enabled before it encrypts anything. Even then, FileVault encrypts the entire hard drive (or flash drive) but does not encrypt individual files that are sent to online file backup services. Everyone needs a file encryption program, not a disk encryption program.

Microsoft offers BitLocker (formerly BitLocker Drive Encryption) but only on the Ultimate and Enterprise editions of Windows Vista and Windows 7, the Pro and Enterprise editions of Windows 8 and Windows 8.1, and Windows Server 2008 and later. For some strange reason, BitLocker is not included on the on the Home Edition that us used by most consumers. BitLocker also does not encrypt individual files that are sent to online file backup services.

Again, if you encrypt your files before sending them, nobody can decrypt them unless you give those people the encryption key. Once encrypted, files can safely be stored even on unsecured storage services or sent through (public) email as attached files. Encrypted files are also safe and secure when stored on your hard drive, on a flashdrive, on a CD-ROM disk, or anyplace else.

Encryption is used daily by the military, government agencies, banks, and drug dealers worldwide to guarantee privacy. If it works for them, it should also work for you and for me.

3 thoughts on “Add Your Own Security for Online Backups

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s