Sadly, once you upload a file to a cloud storage service, your rights to the data are significantly diminished. Governments can access any data in cloud storage with often no judicial oversight or warrants. Further, although the company will likely encrypt the data, they will also handle the encryption keys, making it trivially easy for them to analyse your files, like in the case of Google Photos.
If we are to actually have full ownership over our data, we have to use services that operate under what is known as a Zero Knowledge System. That is, a service that does not have access to our data. Therefore, if a government were to want to access the data, they'd actually have to go to a judge to attain the encryption key from you, rather than just accessing the data directly from the company, usually with a gag order.
SpiderOak is a Dropbox competitor, that focuses on data security on privacy. The SypiderOak client is compatible for all major platforms and is similarly priced to Dropbox, with one key advantage. The SpiderOak client encrypts all data before uploading it to SypiderOak's servers. All encryption keys are handled on our devices, and SpiderOak therefore cannot access your files hosted on their servers.
BitTorrent Sync is a decentralized file synchronization system. Essentially serving the exact same purpose as SpiderOak, Sync removes the central server from the equation. Instead of uploading a file to the cloud and then downloading the file to all devices, BitTorrent Sync sends the files to the devices directly.
BitTorrent Sync uses peer to peer torrenting technology. This allows Sync to update certain parts of a file, without having to redistribute the entire updated file to all nodes on the network. Additionally, files are encrypted in transit using AES 128, whether it's across a local network, or over the internet. The client allows you to select which folders you'd like to synchronize and to what devices, and whether the device can read only or read and write to the folder.
One disadvantage to Sync is you'll have access to your data as long as one node on the network is online and has the files locally stored. For instance, you can run your own Western Digital or Synology NAS server running BitTorrent Sync and leave all your files on it. Whenever you need your data, find and open the respective file on your computer or mobile device. The file will be transferred from the NAS server to your device using P2P. Another hypothetical would be to be running BitTorrent Sync on a laptop and a phone. If the files were to be locally stored on the phone (i.e. camera backup), the laptop can only access the folders stored locally on the phone if the phone is online.
As with other traditional cloud based services, you can selectively sync that you need to save space on mobile devices, accessing them only when needed, under the proviso that another node containing the files are online.
The important difference between BitTorrent Sync and traditional cloud services, is if you are to actually have a backup of your file, you must have the file locally stored between two or more devices. Setting up an offsite backup may also be difficult comparative to traditional cloud services.
Encrypting Your Devices
It should be noted that although your data may be encrypted on SpiderOak's servers or in transit using BitTorrent Sync, that doesn't mean they are encrypted on your devices! For this system of file synchronization to be truly secure, you absolutely should encrypt all your devices that will have access to your data. Otherwise, a person who seizes your laptop will be able to access all your files without even needing a passcode.
Can I use Dropbox, Google Drive, iCloud and OneDrive Securely?
Yes. You can use a program like Veracrypt to encrypt your files manually before uploading them to Dropbox. However, file sharing cannot be done without your intended recipient having the password to decrypt the data. Additionally, they will need Veracrypt (not to mention a basic knowledge encryption) to be able to make the whole thing work.
Probably the most streamlined solution I have seen is a app called Boxcryptor. It works with the big cloud storage providers like Dropbox, Google Drive etc, and encrypts the contents of certain folders before they are uploaded to the cloud storage service. Therefore, you will need the cloud storage providers application, and Boxcryptor's. The cloud storage app uploads the contents, and Boxcryptor encrypts the contents, and allows the user to work on the encrypted data on the fly. Boxcryptor's application is 'zero knowledge' and has a free plan (limited to 1 cloud storage provider). Certainly worth a try if you are looking to add an additional layer of security to your cloud files.
SpiderOak is by far the simpler and more traditional file synchronization solution that I recommend to most people. BitTorrent Sync is a revolutionary idea that requires more setup, technical knowledge and upfront cost. However, once you have a network in place, BitTorrent Sync has no monthly fees and no file size limits. Furthre, BitTorrent Sync boasts far quicker speeds when used between devices on the same network, as the file can be transferred over the local network instead of over the internet.
Dropbox, iCloud, Google Drive, OneDrive and others are great services and should not be dismissed if you aren't hosting sensitive information on them. However, these services can be secured by using apps like Boxcryptor, which encrypt files before they are shared to the cloud storage proivder.
This guide was a part of my Ultimate Information Security & Privacy Guide. Be sure to check out any related content: