Let me ask you a question: How many cloud services are you currently using?
If you’re like most people you probably have files disseminated across multiple cloud providers.
Perhaps you stash your family photos with Dropbox, your work documents reside on Microsoft OneDrive (formerly SkyDrive) and your music sings on Google Drive.
Since access is password protected and none of your co-workers have complained about any data breaches lately you’ve sagaciously deduced that your data is pretty safe.
But is it?
If Dropbox was ever arraigned and tried in a United States court, it could be forced to surrender its customers private data.
Yes, it’s true that your stuff is locked with a password but the private key guarding your data still resides on the cloud providers servers. In other words, the cloud provider still has a means of viewing your data.
[Y]ou are abrogating responsibility for your data. Someone else has access to it and someone else is responsible for keeping it safe
Most people don’t realize it but whenever you sync your desktop or smartphone with the cloud you are transferring trust to a group of people who:
- Don’t always have your best interests in mind
- You’ve never met
- You don’t know where they live (where are those servers anyway?)
Furthermore, since there’s no official cloud standard for security the cloud is effectually like the wild west. Each cloud provider has the liberty to espouse its own standard of “safety” and since different providers have different goals the possibilities are endless.
The problem is exasperated by the the fact that data breaches are becoming ascendant and so are the lawsuits.
For example, how can anyone forget the catastrophic breach at Target, in December of 2013, where about 70 million individuals were affected by a credit card breach?
Furthermore, in August of that year, the Syrian Electronic Army debilitated the New York Times website and just five months earlier, 50 million Evernote users were forced to change their passwords because of suspicious activity on the Evernote network.
But that’s not all – as you know, hackers never balk at tackling the big guys.
I could go on and on and adduce examples from 2012 when 6.5 million Linkedin passwords were stolen and posted on an underground website. Or I could cite the abysmal TJX breach that exposed 45.7 million customers credit cards to the avaricious eyes of 11 heartless hackers.
Data providers can bandy excuses back and forth all day but you – as the consumer – can take some very simple steps to secure your digital assets.
Given the preponderance of data breaches these days, encrypting your files is simply the prudent thing to do.
In this article I felt it on my heart to equip you with a tool that will give you an edge up on the bad guys.
But first a little bit about the threats we’re facing…
The unholy trinity of threats
There are several threat agents in cloud computing that put your data at risk. The list is long but the top offenders are:
- Data Loss
- Account Hijacking
- Data Breaches
Data loss can result from a barrage of concerted attacks or from natural disasters such as floods or earthquakes. And although, statistically, data loss is a corollary of hardware failure rather than natural disasters, cloud providers absolutely need to manage customer backups. But managing them isn’t enough: the backups not only need to exist but need to be recent and offsite.
Backups are critical – Pixar found that out a few years ago.
Toy Story 2 almost never came into fruition because someone accidentally expunged the drive where the production elements were kept. You should watch the 3 minute explanation about what almost happened to Toy Story 2 but my point is that data loss is a real problem. Sometimes it happens by accident and other times it’s intentional but don’t think that just because your files are backed up to the cloud that you’re in the clear.
Account Hijacking happens when someone steals your username and password. Usually the attacker impersonates someone you trust and then, through an unhealthy mix of guile and chicanery, gets you to give up the goods.
As far as Data Breaches go, I touched on them in the first segment so I won’t belabor the point. The main thing I want to leave you with before I show you how to encrypt your cloud is that you should never trust that your stuff is safe on a server that isn’t your own.
It is imperative that you encrypt your data so that even if some bilious bad-guy breaks into your cloud providers networks all he’ll see are gigabytes of unintelligible garbage.
The crux of CryptSync
Let me show you the joy of encryption. CryptSync is a blessing.
It has one purpose in life:
To make your personal files virtually impervious to prying eyes.
It does this by copying files from an ordinary non-encrypted folder to a special encrypted folder in your cloud drive. If you change files in either folder the tool deftly propagates the update so both folders match.
One serendipitous side effect of using CryptSync is that it uses 7-Zip to encrypt your files so it actually compresses the files; consequently, allowing you to store more in the cloud.
Alright enough of my yapping; let’s get going here:
Open the executable and zip through the setup wizard.
The last time I checked, I didn’t see any smuggleware furtively placed in the installation wizard so you can blindly (and blythly) click through to the end.
The install completed in less time than it takes a lightning bolt to zap the earth; I was shocked.
Okay, enough of the punny jokes…
When CryptSync opens, put a check in the Start with Windows box near the bottom left of the window and then click the New Pair… button on the opposite side.
We’re going to create the original and encrypted folder pairs so CryptSync can flex its brawn.
Now here’s the fun part:
Pick the folder where your normal, unencrypted files are stored then browse to the Google Drive, OneDrive or Dropbox folder where you want the encrypted copies to live.
Enter a formidable password then click OK.
Incidentally, for the truly paranoid, you can put a check in Encrypt filenames which means that even if someone guessed your cloud password and logged in they wouldn’t know what kind of files are in the folder (images, spreadsheets, docs, textfiles, logs, who knows?) because the file name lookes like this: d4edie9490d9s90asdk2lk3k23l43k.cryptsync.
Yeah, this will really bristle the bad-guys. Can you imagine breaking into someone’s cloud account and then seeing a bunch of garbage files with esoteric names that are completely unreadable?
I love it.
Look what happened when I grabbed a random CryptSync file and attempted to read it in SublimeText:
Good luck trying to figure that out…
This is the obvious advantage of CryptSync.
The only thing I don’t know for sure is the encryption algorithm and bit strength being used to obfuscate the data. Is it AES 256bit encryption or something weaker such as DES?
If anyone knows please share in the comments.
Now you can either initiate the sync by clicking Sync files and exit or click Run in the background to force CryptSync to silently monitor the folder pairs and immediately sync any changes.
The neat thing is that you can keep adding new pairs, so in theory, you could actually encrypt all your cloud providers client-side.
The only disadvantage I’ve been able to discover is that having both an original folder and encryption folder can slurp up drive storage; however, that storage was already allocated to your unencrypted files any way so I don’t know if this is a substantive issue.
The Bottom Line
I began this article by asking you how many cloud services you use and then I adduced multiple examples of data breaches. I did this to convince you why it’s so important to encrypt your files. I finished by showing you how easy it is to setup CryptSync to scramble your files.
I hope this has been edifying and more importantly I hope I’ve moved you toward getting serious about securing your cloud files.
The convenience of the cloud exposes us to a new mix of threats that were utterly inconceivable 15 years ago.
I exhort you to start encrypting today so that when the inevitable happens and your hapless friends loss all their data, you can with great equanimity- recline in you chair, smile and say, “My stuff is safe; It’s encrypted”
Please share your thoughts in the comments.