Encrypt Data Securely in The Cloud

Encrypt Data Securely in The Cloud

Saving data in the cloud is very useful. On Dropbox, Google Drive, OneDrive by Microsoft & Co. can upload files to online storage with the mouse by dragging and dropping. This data is quickly available again on other devices after synchronization: no data storage for transportation, no clutter with different file versions, no limitations for PCs. All devices that support the Internet allow access to data online from anywhere.

In addition, it's easy to share and share and collaborate on shared content - some even with default Office functions that allow editing in the browser without the program being installed. After all, cloud services usually offer free storage between five and 15 GB, which is enough for many users.

Data in cloud storage was initially not encrypted

But there is also something interesting: because online data is not encrypted by default, foreigners have the potential to access it. There are various risks to be distinguished: on the one hand there is a cloud service itself, which in principle is in a position to analyze the content stored on their servers. For example, you approve unlimited storage space on Google Photos - usually unwittingly - explicitly analyze images, other providers have at least theoretical access. For example, in 2012, a year before the revelation by Edward Snowden, it was discovered that Microsoft systematically scanned user content in its cloud.

But those who are also curious are government agencies.

Applicable data protection depends directly on the location of the storage company. While US authorities in American companies - this also applies to data on German users on Dropbox, Google or Microsoft - have relatively broad powers of intervention, German data protection laws are much tougher.

Third, the risk of attacks that cannot be underestimated is hiding in private access data spies. Because in recent years, hundreds of millions of passwords have been captured by attacks on company data. Anyone who has not changed the password of the temporary affected account or even uses an identical password for different online access can be spied on in such a simple way. Finally, without two-factor authentication, anyone with your credentials can access your storage.

End-to-end encryption protects against unauthorized access

Protect yourself from such spies by encrypting your online content. Again, this is possible through various approaches. It is very difficult to use SSL or TLS transport encryption, which is usually activated by default, because it only intervenes during data transfer, but does not prevent access to the server. For the cloud also only partially suitable is encryption at the storage location itself, that is on the online service server. While this data-at-rest encryption protects against theft or loss of hard drives, SSDs, and USB sticks, because only the owner knows the access code, theoretically online service administrators also have access to storage on the Web.

Before that, it maintained end-to-end encryption, also known as end-to-end or end-to-end encryption ("E2EE"). You encrypt your data locally before transferring on your computer or mobile device. Then decoding - anywhere - is only possible with your personal password.

However, end-to-end encryption is associated with sacrificing ease of use and handling of data, depending on how it is implemented in cloud storage. For example, when encrypting with Office, PDF, or Pack tools like 7-Zip, you don't need to do simple back and forth copies with automatic encryption and decryption between local disks and cloud, and you need to change your password name to open and edit files . enter.

Cloud Encryption: combines Veracrypt and Dropbox

Encrypted drives are much more convenient, such as Microsoft's Bitlocker itself in the Pro Windows version or Truecrypt successor that Veracrypt allows. This provides easy drag-and-drop between encrypting the container automatically and the rest of the hard drive after entering the password once.

The smart trick for encryption in the cloud now is to save container files in the cloud storage synchronization folder. If you are now copying data on your PC through Windows Explorer into an encrypted container, this is not only encrypted locally, but also synchronized with Dropbox. Below we explain how the combination works.

However, before that, one important note should not be lost: Even though Dropbox clients synchronize user data little by little and therefore do not always have to re-upload the entire container, other cloud services work with different methods. Therefore the following procedure is not suitable for all online storage.

To copy data to an encrypted container, select a free drive letter on the Veracrypt interface, use "File" to load the container file that was created previously, click "Include" and enter your password. It takes a while for virtual disks to appear as ordinary drives in Windows Explorer. These "hard disks" can be used like any other, the data there - provided that the container file as described in the local Dropbox sync folder - is automatically encrypted before uploading. However, this service combination has a small limit: Before you turn off the computer, you must disconnect the virtual hard disk from Veracrypt from Windowsunmount and wait for cloud synchronization to finish. A number of disciplines are needed to avoid conflict, especially when reconciling data across devices.

Finally, a tip: How to increase Dropbox storage for free from initially only two GB almost ten times, read online.

more convenient when encrypting with GMX / Web.de and Boxcryptor

With the name "Cloud made in Germany", Internet companies 1 and 1 have offered end-to-end encryption for the cloud since the end of 2017. For the use of a free email account with GMX or Web.de enough. For free, each user initially has two GB of online storage available, but storage space can be expanded up to ten GB. Because solutions 1 and 1 are department stores, it is very easy to handle. Boxcryptor, also from Germany, is also simple. The encryption tool supports more than 20 different online stores, including Dropbox, Google Drive, Microsoft OneDrive, Amazon Cloud Drive, Strato Hidrive, and Magentacloud Telecom. In addition, Boxcryptor even resolves file version conflicts in Dropbox.

This software describes the provider on its help page in great detail: How to create your first encrypted folder, how to integrate cloud services, how to work with files online, share them with others and more - all descriptive and detailed. Just try Boxcryptor once! Our online contribution Also explains how to safely pass encrypted data in the cloud.

Relevant: Cloud made in Germany: Secure server in Europe

Note: The free version only supports one storage service at a time and is only used on two devices. This limitation falls in variants of personnel for 36 euros each year. Boxcryptor is also available as an application for Android and iOS.

Cloudevo: Central cloud storage with smart additional functions

In Cloudevo you don't have to be limited in terms of cloud services. Free tools encrypt data in more than 20 general online stores and are equipped with other benefits. This software consolidates the space of all storage providers into one Windows drive. So you can easily store even large amounts of data in the cloud with limited free variants. In addition, software breaks down data on several cloud services, so they are not fully available even when decrypting it in one of these providers - all from German companies and according to local data protection laws.

Installation, account creation, settings, and handling of Cloudevo is practically clear: In the program interface, click "Add Account" to integrate the first cloud storage, then select the online provider, continue with "Authorization", enter your respective access data and access permission by Cloudevo. That way, you can also integrate multiple Google, Microsoft, Dropbox, and other accounts so you can quickly get more than 100GB of free online storage. Even large individual files will blow up each individual service space, be distributed and store Cloudevo in fragmentation on the Web.

Note: The free version of Cloudevo limits synchronization to three devices and a maximum of 10,000 files. That's enough for most home users. The paid pro version is available for rent or purchase. Finally, you can use Cloudevo directly in the browser and also the Android application.