Keeping sensitive documents in the cloud -- bad idea?

Questions on how we spend our money and our time - consumer goods and services, home and vehicle, leisure and recreational activities
Post Reply
Topic Author
pieinthesky
Posts: 57
Joined: Fri Jul 17, 2015 2:11 am
Location: Bay Area, CA

Keeping sensitive documents in the cloud -- bad idea?

Post by pieinthesky »

I'm currently making an effort to rid my office of piles of paper and have been scanning financial documents, receipts, etc. to my Dropbox. I use Dropbox a lot and have been satisfied with the service, but is there a way to make it more secure for sensitive info, like password protecting or encrypting certain folders? Or would it be wise to use another service altogether for the sensitive documents? Would appreciate recommendations, if any.
mr.ajandkj
Posts: 112
Joined: Fri Jun 05, 2009 10:55 am
Location: Oregon
Contact:

Re: Keeping sensitive documents in the cloud -- bad idea?

Post by mr.ajandkj »

Interested in this as well.

There is software to encrypt before uploading to the cloud, which is likely the best option.
jebmke
Posts: 25476
Joined: Thu Apr 05, 2007 2:44 pm
Location: Delmarva Peninsula

Re: Keeping sensitive documents in the cloud -- bad idea?

Post by jebmke »

For clusters of small, related documents I combine them in a 7Zip file with a long encryption key.

For a general encryption, I have used Boxcryptor with good success. It takes a bit of time to set up but once it is set up it is pretty much hands off.
Don't trust me, look it up. https://www.irs.gov/forms-instructions-and-publications
a5ehren
Posts: 76
Joined: Fri May 26, 2017 7:48 am

Re: Keeping sensitive documents in the cloud -- bad idea?

Post by a5ehren »

The primary things are to have a long, strong password on your account and two-factor authentication enabled (https://www.dropbox.com/help/security/e ... rification).

The odds of you needing all of those old bank statements is pretty low, though.

I've personally switched everything to electronic delivery and make it USAA/Vangaurd's job to store all of my stuff for me. If a catastrophe happens to where I can't access them, then the money in those accounts is worthless anyway.
User avatar
knpstr
Posts: 2894
Joined: Thu Nov 20, 2014 7:57 pm
Location: Michigan

Re: Keeping sensitive documents in the cloud -- bad idea?

Post by knpstr »

Perhaps some sort of identity theft coverage would be appropriate?

Not that you want to make it as easy as possible for anyone to get your info; but with size/scope of the data breaches that have already taken place it is likely someone already has all of your information anyway.
Very little is needed to make a happy life; it is all within yourself, in your way of thinking. -Marcus Aurelius
craigers
Posts: 34
Joined: Sun Apr 01, 2012 4:07 pm
Location: Vermont

Re: Keeping sensitive documents in the cloud -- bad idea?

Post by craigers »

I use google drive and encrypt my sensitive documents with Boxcryptor. My thinking is that even if they get my Google password it won't do them much good.
User avatar
flamesabers
Posts: 1848
Joined: Fri Mar 03, 2017 11:05 am
Location: Rochester, MN

Re: Keeping sensitive documents in the cloud -- bad idea?

Post by flamesabers »

I would suggest storing sensitive documents via offline on an external hard drive or burnable DVD and keep the item in a secured location that is separate from your home/office. This way if your dropbox account ever gets hacked or you lose access to it, you can still retrieve your sensitive documents.
a5ehren wrote: Thu Jan 11, 2018 3:46 pmI've personally switched everything to electronic delivery and make it USAA/Vangaurd's job to store all of my stuff for me. If a catastrophe happens to where I can't access them, then the money in those accounts is worthless anyway.
I don't know if it's relevant for you or not, but USAA does have a time limit as to how long they'll keep your electronic statements on file. I'm thinking it's between 7-10 years. While it's highly unlikely you'll need documentation older then that, it's something to bear in mind.

I'm not familiar with Vanguard's policy for how long they'll keep your electronic statements available.
Marylander1
Posts: 583
Joined: Sat Jan 04, 2014 2:18 pm
Location: Baltimore & DC

Re: Keeping sensitive documents in the cloud -- bad idea?

Post by Marylander1 »

Since you're a Dropbox customer, I hope you're aware their security breaches have had some doozies:

Dropbox confirms security glitch--no password required
https://www.cnet.com/news/dropbox-confi ... -required/

Hacked Dropbox login data of 68 million users is now for sale on the dark Web
https://www.washingtonpost.com/news/the ... e-dark-web

I don't store any sensitive data in the cloud, but if I did I would
  • Make sure to use a unique, complex password for the cloud site
  • Change that password periodically
  • Encrypt the data using a trustworthy tool before uploading it, and ensure the cloud server never sees the unencrypted data
Marylander1
2015
Posts: 2906
Joined: Mon Feb 10, 2014 1:32 pm

Re: Keeping sensitive documents in the cloud -- bad idea?

Post by 2015 »

For me it is, because I don't trust the current state of information security and I see it only getting worse. Therefore, I store nothing at all there.
TallBoy29er
Posts: 1320
Joined: Thu Jul 18, 2013 9:06 pm

Re: Keeping sensitive documents in the cloud -- bad idea?

Post by TallBoy29er »

craigers wrote: Thu Jan 11, 2018 3:50 pm I use google drive and encrypt my sensitive documents with Boxcryptor. My thinking is that even if they get my Google password it won't do them much good.
I do the same as craigers. I'm in the process of moving all old tax docs to the cloud encrypted. Keeping an external drive, which can die, be damaged, get stolen, etc, doesn't make any sense to me anymore.
inbox788
Posts: 8372
Joined: Thu Mar 15, 2012 5:24 pm

Re: Keeping sensitive documents in the cloud -- bad idea?

Post by inbox788 »

2015 wrote: Thu Jan 11, 2018 7:59 pmFor me it is, because I don't trust the current state of information security and I see it only getting worse. Therefore, I store nothing at all there.
Same boat here. I have been contemplating using a home server for a while now, but I'm also weary about that. The possibility of sensitive information remote hacked, whether it's stored in the cloud or on a home network is often not worth the convenience of access. I've gone old school and am storing sensitive information locally (flash drive and paper), and putting them in a safe or safety deposit box. Now, the information that gets this extreme treatment is very small, and with judicious pruning, you can approach a minimum of concern.
Fintechnick
Posts: 35
Joined: Fri Mar 17, 2017 9:47 pm

Re: Keeping sensitive documents in the cloud -- bad idea?

Post by Fintechnick »

I use Tresorit for this purpose. The technology is truly excellent. Full end-to-end encryption on the cloud side yet completely transparent to the user on the device side. Excellent Mac, IOS, Windows apps. They market primarily to businesses, but if you poke around they have an individual user option which is $125 a year. From my perspective it’s money very well spent. I am able to put all of our sensitive and household documents there with full peace of mind and yet me and DW can access them all safely from any of our devices. The technology is so good that DW (who is not tech savvy) doesn’t even realize that it’s encrypted, it just works.
User avatar
pondering
Posts: 1127
Joined: Fri Jan 30, 2015 10:04 pm
Location: 412-977-3526, originally 718-273-2422
Contact:

Re: Keeping sensitive documents in the cloud -- bad idea?

Post by pondering »

Please do not store your only copy of a document on the cloud. Everything should be backed up locally.
--Robert Sterbal | robert@sterbal.com | 412-977-3526
NYC_Guy
Posts: 429
Joined: Fri Mar 10, 2017 1:23 pm
Location: New York

Re: Keeping sensitive documents in the cloud -- bad idea?

Post by NYC_Guy »

I have all of my sensitive info on the cloud. My time is too valuable to mess with local backups. I worry more about heart attacks and auto accidents and zombies apocalypses.
rgs92
Posts: 3436
Joined: Mon Mar 02, 2009 7:00 pm

Re: Keeping sensitive documents in the cloud -- bad idea?

Post by rgs92 »

What kind of sensitive documents are the issue? If someone gets a W2 or 1099 tax form, is there a real peril?
Ztx
Posts: 222
Joined: Thu Jul 21, 2016 9:54 pm

Re: Keeping sensitive documents in the cloud -- bad idea?

Post by Ztx »

+1 for Boxcryptor. Everything is encrypted locally.
User avatar
pondering
Posts: 1127
Joined: Fri Jan 30, 2015 10:04 pm
Location: 412-977-3526, originally 718-273-2422
Contact:

Re: Keeping sensitive documents in the cloud -- bad idea?

Post by pondering »

I'm going start polling people if their time is too valuable to take local backups. Exactly how much time is involved? Can't you do it while watching TV?
--Robert Sterbal | robert@sterbal.com | 412-977-3526
Dottie57
Posts: 12379
Joined: Thu May 19, 2016 5:43 pm
Location: Earth Northern Hemisphere

Re: Keeping sensitive documents in the cloud -- bad idea?

Post by Dottie57 »

pondering wrote: Fri Jan 12, 2018 6:13 am I'm going start polling people if their time is too valuable to take local backups. Exactly how much time is involved? Can't you do it while watching TV?
Or while sleeping at night.
orlandoman
Posts: 675
Joined: Tue Oct 19, 2010 7:27 am

Re: Keeping sensitive documents in the cloud -- bad idea?

Post by orlandoman »

Take a look at www.fidsafe.com a free cloud storage site service from Fidelity Investments, for documents.
"Borrow money from pessimists -- they don't expect it back"
Mike Scott
Posts: 3579
Joined: Fri Jul 19, 2013 2:45 pm

Re: Keeping sensitive documents in the cloud -- bad idea?

Post by Mike Scott »

The cloud is fine if you don't mind people having copies of all of your sensitive information and/or you not having any control over what happens to it. Paper is still the archival method of choice for a lot of good reasons.
User avatar
Pajamas
Posts: 6015
Joined: Sun Jun 03, 2012 6:32 pm

Re: Keeping sensitive documents in the cloud -- bad idea?

Post by Pajamas »

pondering wrote: Thu Jan 11, 2018 9:50 pm Please do not store your only copy of a document on the cloud. Everything should be backed up locally.
Services like Google Docs and Dropbox do allow a copy to be kept on your computer but automatic syncing with the cloud storage could cause a problem if one or the other were deleted.
jebmke
Posts: 25476
Joined: Thu Apr 05, 2007 2:44 pm
Location: Delmarva Peninsula

Re: Keeping sensitive documents in the cloud -- bad idea?

Post by jebmke »

Dottie57 wrote: Fri Jan 12, 2018 6:19 am
pondering wrote: Fri Jan 12, 2018 6:13 am I'm going start polling people if their time is too valuable to take local backups. Exactly how much time is involved? Can't you do it while watching TV?
Or while sleeping at night.
Yes; I have two processes that trigger after midnight. One runs a sync of my data to a mirror on my local NAS. The other runs a sync of data to a Google drive using Boxcryptor to encrypt the files.

I have used the local mirror a few times when I got a bit careless and deleted a file I needed.
Don't trust me, look it up. https://www.irs.gov/forms-instructions-and-publications
User avatar
triceratop
Posts: 5838
Joined: Tue Aug 04, 2015 8:20 pm
Location: la la land

Re: Keeping sensitive documents in the cloud -- bad idea?

Post by triceratop »

If I were to put sensitive documents on the cloud I would keep them in a GPG-encrypted directory. Since I am a nerd as well as a Linux user I would use something like EncFS (the FUSE encryption plugin) or GnuPG + FUSE. But, I do not put sensitive documents on the cloud.

Instead, since I do not trust any of these companies I use Syncthing for synchronizing files between computers.
"To play the stock market is to play musical chairs under the chord progression of a bid-ask spread."
User avatar
Toons
Posts: 14467
Joined: Fri Nov 21, 2008 9:20 am
Location: Hills of Tennessee

Re: Keeping sensitive documents in the cloud -- bad idea?

Post by Toons »

I guess I could fret about it...
what good is it going to do me.
Everything stored In Google Drive.
:happy
"One does not accumulate but eliminate. It is not daily increase but daily decrease. The height of cultivation always runs to simplicity" –Bruce Lee
Jack FFR1846
Posts: 18502
Joined: Tue Dec 31, 2013 6:05 am
Location: 26 miles, 385 yards west of Copley Square

Re: Keeping sensitive documents in the cloud -- bad idea?

Post by Jack FFR1846 »

Flash drives.
Bogle: Smart Beta is stupid
obgraham
Posts: 1618
Joined: Mon Jan 28, 2013 6:30 pm

Re: Keeping sensitive documents in the cloud -- bad idea?

Post by obgraham »

I'm way to senile and dumb to figure out all this automatic synching and backup. On the other hand I'm rid of paper.

Mine stuff is all on 2 usb drives. In addition I take copies on 2 flash drives when I travel. Likelihood of both failing is low enough for me.
jebmke
Posts: 25476
Joined: Thu Apr 05, 2007 2:44 pm
Location: Delmarva Peninsula

Re: Keeping sensitive documents in the cloud -- bad idea?

Post by jebmke »

Should still be encrypted. Flash drives are not secure. Plus they are easy to lose.
Don't trust me, look it up. https://www.irs.gov/forms-instructions-and-publications
nick evets
Posts: 311
Joined: Wed Mar 01, 2017 4:40 pm

Re: Keeping sensitive documents in the cloud -- bad idea?

Post by nick evets »

As with anything it's all about risk and tolerance.

If your house gets broken into, will they take your computer(s)? If your house burns down/floods, will your computer and (presumably) local backup get damaged? Could that cheap, Chinese webcam/wifi extender/etc. you've added to your home network be hacked? Are you willing to periodically update the hardware/software of your local back-up solution?

What is the likelihood unauthorized users can access files stored in your cloud account? If they're encrypted, can they decrypted? What risk does this pose?
2015
Posts: 2906
Joined: Mon Feb 10, 2014 1:32 pm

Re: Keeping sensitive documents in the cloud -- bad idea?

Post by 2015 »

Dottie57 wrote: Fri Jan 12, 2018 6:19 am
pondering wrote: Fri Jan 12, 2018 6:13 am I'm going start polling people if their time is too valuable to take local backups. Exactly how much time is involved? Can't you do it while watching TV?
Or while sleeping at night.
In my case, more time than most would be interested in investing. I've posted my rather elaborate system previously. Security is a trade off between convenience/security. My rationale for the additional effort is that in retirement, you only get one chance to get things right, and loss and theft are among those things which are hard to recover from after retirement. I view such loss as high impact. Therefore, I expend the extra effort. OTOH, my system is so smooth now it's not much effort at all. I also don't believe in storing personal documents in the cloud, but that's a different subject entirely.

Due to the rapidly expanding state of artificial intelligence, I don't trust cloud data to be protected by encryption, regardless of the methodology. Attempting to comprehend what's possible with limited human intelligence leaves one open to technology black swans.
DrGoogle2017
Posts: 2528
Joined: Mon Aug 14, 2017 12:31 pm

Re: Keeping sensitive documents in the cloud -- bad idea?

Post by DrGoogle2017 »

I never used Cloud anything, yet I was told some of my pictures were going over the limits on my iPad, they want me to pay more. I’m nervous about these things I don’t know. So I deleted them. Honestly, sometime I just want to go back to the Stone Age.
gotester2000
Posts: 620
Joined: Sun Nov 12, 2017 12:59 am

Re: Keeping sensitive documents in the cloud -- bad idea?

Post by gotester2000 »

Similar to a few posters I store minimum personal critical data on 2 flash drives offline. Cloud is basically keeping your data on somebody else's machine(s). Why do you need to worry so much, waste time in encryption, upload,sync - constantly sync with changing formats and platforms - use paid services for these is beyond me. For me, life is more enjoyable with no clutter. If it matters I have spent a pretty long time in technology.
wfrobinette
Posts: 1879
Joined: Fri Feb 20, 2015 2:14 pm

Re: Keeping sensitive documents in the cloud -- bad idea?

Post by wfrobinette »

DrGoogle2017 wrote: Fri Jan 12, 2018 11:29 am I never used Cloud anything, yet I was told some of my pictures were going over the limits on my iPad, they want me to pay more. I’m nervous about these things I don’t know. So I deleted them. Honestly, sometime I just want to go back to the Stone Age.
Cloud is great for pictures. Amazon has free unlimited photo storage if you're a prime member.
ianferrel
Posts: 236
Joined: Thu May 29, 2008 5:27 pm

Re: Keeping sensitive documents in the cloud -- bad idea?

Post by ianferrel »

Make sure, if you are encrypting things, that you are correctly weighing the chance of different risks and carefully saving your encryption key.

1. The risk that someone else gets access to your data. Encryption makes sense here.
2. The risk that you lose your data. Encryption increases this risk, since if you lose your key, you lose your data.

It's not always clear which is a bigger risk, and it probably won't be the same for all data.
nick evets
Posts: 311
Joined: Wed Mar 01, 2017 4:40 pm

Re: Keeping sensitive documents in the cloud -- bad idea?

Post by nick evets »

gotester2000 wrote: Fri Jan 12, 2018 12:29 pm Cloud is basically keeping your data on somebody else's machine(s). Why do you need to worry so much, waste time in encryption, upload,sync - constantly sync with changing formats and platforms - use paid services for these is beyond me. For me, life is more enjoyable with no clutter. If it matters I have spent a pretty long time in technology.
Well....A couple reasons. First, there are some legitimate concerns re: co-locating your back-up, in terms of disaster and security. Second, many devices already leverage 'cloud' storage (smartphones, tablets, etc., etc.) so you're not adding complexity -- you're removing it. It's also extremely handy to have shared file-space with one's spouse/partner, so files either of us might need are always available when we have internet access.

Finally, I don't need to worry about encryption, sync and back-up schedules, changing formats and platforms -- that's the entire point of offloading the storage to a cloud provider. Make sense?
User avatar
oldcomputerguy
Moderator
Posts: 17934
Joined: Sun Nov 22, 2015 5:50 am
Location: Tennessee

Re: Keeping sensitive documents in the cloud -- bad idea?

Post by oldcomputerguy »

rgs92 wrote: Thu Jan 11, 2018 10:59 pm What kind of sensitive documents are the issue? If someone gets a W2 or 1099 tax form, is there a real peril?
W-2 forms contain one's Social Security number in box "a". While it may be academic after the Equifax breach, why make it easier for the Bad Guys?
There is only one success - to be able to spend your life in your own way. (Christopher Morley)
lightheir
Posts: 2684
Joined: Mon Oct 03, 2011 11:43 pm

Re: Keeping sensitive documents in the cloud -- bad idea?

Post by lightheir »

There's a lot of panaroia and nuts about computer security. Sure, you have to take precautions, but be reasonable about it.

The odds of someone successfully impersonating you do to a sophisticated hack into your accounts is farrrrrrr lower than the criminals going after the credit card repository of a small business. You are only one individual, so unless you're a celebrity, or you leave your account totally vulnerable, it's not worth the time to break into your stuff to steal your W-2s and tax returns. Seriously, how often does this form of cyberimpersonation come up in the news?

Encrypt your stuff with a good password, use reliable vendors, and you're pretty good, unless you're super wealthy, celebrity, or have stuff like lists of cc numbers that thieves could use. Else, contrary to your belief, your files are super-low in terms of targeting for criminals. It's a lot easier to hit a small business where there are many more weakness points and much more usable data.
User avatar
oldcomputerguy
Moderator
Posts: 17934
Joined: Sun Nov 22, 2015 5:50 am
Location: Tennessee

Re: Keeping sensitive documents in the cloud -- bad idea?

Post by oldcomputerguy »

pieinthesky wrote: Thu Jan 11, 2018 3:41 pm I'm currently making an effort to rid my office of piles of paper and have been scanning financial documents, receipts, etc. to my Dropbox. I use Dropbox a lot and have been satisfied with the service, but is there a way to make it more secure for sensitive info, like password protecting or encrypting certain folders? Or would it be wise to use another service altogether for the sensitive documents? Would appreciate recommendations, if any.
Is there a real reason for putting this information in the cloud particularly, or is it just that Dropbox is what storage you have? If the latter, why not go get a portable USB drive and use that instead? Dropbox Basic limits you to 2 GB of space, while Dropbox Plus and Professional each have a 1 terabyte limit. You can get a Western Digital 4 terabyte external USB hard drive for around $110.
There is only one success - to be able to spend your life in your own way. (Christopher Morley)
rav2fi
Posts: 39
Joined: Fri Jan 02, 2015 10:15 am

Re: Keeping sensitive documents in the cloud -- bad idea?

Post by rav2fi »

But can you access these files from the browser from a different computer?
jebmke wrote: Thu Jan 11, 2018 3:44 pm For clusters of small, related documents I combine them in a 7Zip file with a long encryption key.

For a general encryption, I have used Boxcryptor with good success. It takes a bit of time to set up but once it is set up it is pretty much hands off.
jebmke
Posts: 25476
Joined: Thu Apr 05, 2007 2:44 pm
Location: Delmarva Peninsula

Re: Keeping sensitive documents in the cloud -- bad idea?

Post by jebmke »

rav2fi wrote: Fri Jan 12, 2018 2:34 pm But can you access these files from the browser from a different computer?
jebmke wrote: Thu Jan 11, 2018 3:44 pm For clusters of small, related documents I combine them in a 7Zip file with a long encryption key.

For a general encryption, I have used Boxcryptor with good success. It takes a bit of time to set up but once it is set up it is pretty much hands off.
In the first case, if I have a different computer that has 7Zip or another program that can read 7Zip files, all I need is the key to open them up and look at them.

In the second case, I would need Boxcryptor to be running on the second computer. I have tested this with a virtual machine and it works fine. I can store and encrypt documents in the cloud or my NAS and access them from another machine.
Don't trust me, look it up. https://www.irs.gov/forms-instructions-and-publications
H-Town
Posts: 5911
Joined: Sun Feb 26, 2017 1:08 pm

Re: Keeping sensitive documents in the cloud -- bad idea?

Post by H-Town »

lightheir wrote: Fri Jan 12, 2018 2:04 pm There's a lot of panaroia and nuts about computer security. Sure, you have to take precautions, but be reasonable about it.

The odds of someone successfully impersonating you do to a sophisticated hack into your accounts is farrrrrrr lower than the criminals going after the credit card repository of a small business. You are only one individual, so unless you're a celebrity, or you leave your account totally vulnerable, it's not worth the time to break into your stuff to steal your W-2s and tax returns. Seriously, how often does this form of cyberimpersonation come up in the news?

Encrypt your stuff with a good password, use reliable vendors, and you're pretty good, unless you're super wealthy, celebrity, or have stuff like lists of cc numbers that thieves could use. Else, contrary to your belief, your files are super-low in terms of targeting for criminals. It's a lot easier to hit a small business where there are many more weakness points and much more usable data.
^ I agree with this.

Bad guys want to come after me? Come and take it.

Just don't use public wifi to upload/email sensitive documents. Don't use public wifi at all if you wants to access bank or investment accounts.
Time is the ultimate currency.
DrGoogle2017
Posts: 2528
Joined: Mon Aug 14, 2017 12:31 pm

Re: Keeping sensitive documents in the cloud -- bad idea?

Post by DrGoogle2017 »

wfrobinette wrote: Fri Jan 12, 2018 12:44 pm
DrGoogle2017 wrote: Fri Jan 12, 2018 11:29 am I never used Cloud anything, yet I was told some of my pictures were going over the limits on my iPad, they want me to pay more. I’m nervous about these things I don’t know. So I deleted them. Honestly, sometime I just want to go back to the Stone Age.
Cloud is great for pictures. Amazon has free unlimited photo storage if you're a prime member.
I’m but I don’t care. I might get rid of prime someday. Honestly, I don’t know how I was a prime member in the first place.
2015
Posts: 2906
Joined: Mon Feb 10, 2014 1:32 pm

Re: Keeping sensitive documents in the cloud -- bad idea?

Post by 2015 »

Making an assessment by using a word such as "paranoia" does not change reality, even were it possible to know the extent of that reality as it relates to the state of cloud security (on a number of levels), which it is not.

OTOH, do what's most comfortable and what works for you.
inbox788
Posts: 8372
Joined: Thu Mar 15, 2012 5:24 pm

Re: Keeping sensitive documents in the cloud -- bad idea?

Post by inbox788 »

jebmke wrote: Fri Jan 12, 2018 2:38 pmIn the second case, I would need Boxcryptor to be running on the second computer. I have tested this with a virtual machine and it works fine. I can store and encrypt documents in the cloud or my NAS and access them from another machine.
I'm not sure why Boxcryptor is any more secure, especially if you knew it was made and run by the BND (Bundesnachrichtendienst). Are you seriously going to trust your data to a company with Stefan and Boris? (sounds like made up names like John and Jane Doe) Would you have as much trust if the developers were in Russia or China? At least with open source apps like Cryptomator, you have a chance to find backdoors and vulnerabilities, but there are weaknesses there as well.

https://www.boxcryptor.com/en/who-we-are/
http://www.backupreview.com/cryptomator ... oud-files/
Jeff Albertson
Posts: 904
Joined: Sat Apr 06, 2013 7:11 pm
Location: Springfield

Re: Keeping sensitive documents in the cloud -- bad idea?

Post by Jeff Albertson »

Dropbox and Google Drive encrypt your data both on their servers and also when the data is in transit. For very sensitive data, extra measures probably make sense, but for the typical user, I don't know.
Dropbox https://www.dropbox.com/security
compare https://www.virtru.com/blog/dropbox-encryption/
inbox788
Posts: 8372
Joined: Thu Mar 15, 2012 5:24 pm

Re: Keeping sensitive documents in the cloud -- bad idea?

Post by inbox788 »

Jeff Albertson wrote: Sat Jan 13, 2018 7:03 pm Dropbox and Google Drive encrypt your data both on their servers and also when the data is in transit. For very sensitive data, extra measures probably make sense, but for the typical user, I don't know.
Dropbox https://www.dropbox.com/security
compare https://www.virtru.com/blog/dropbox-encryption/
Where are the keys stored, and how was "the man in the cloud" able to get to them? Looks like they somehow bypass that.

https://www.darkreading.com/cloud/man-i ... id/1321501

Encryption of all data before it's uploaded seems to be the only solution.
tranquility
Posts: 45
Joined: Sun Oct 18, 2015 9:48 pm

Re: Keeping sensitive documents in the cloud -- bad idea?

Post by tranquility »

Crashplan enterprise has a slightly better security model; the encryption key remains local;plus they offer unlimited storage.
gotester2000
Posts: 620
Joined: Sun Nov 12, 2017 12:59 am

Re: Keeping sensitive documents in the cloud -- bad idea?

Post by gotester2000 »

nick evets wrote: Fri Jan 12, 2018 1:30 pm
gotester2000 wrote: Fri Jan 12, 2018 12:29 pm Cloud is basically keeping your data on somebody else's machine(s). Why do you need to worry so much, waste time in encryption, upload,sync - constantly sync with changing formats and platforms - use paid services for these is beyond me. For me, life is more enjoyable with no clutter. If it matters I have spent a pretty long time in technology.
Well....A couple reasons. First, there are some legitimate concerns re: co-locating your back-up, in terms of disaster and security. Second, many devices already leverage 'cloud' storage (smartphones, tablets, etc., etc.) so you're not adding complexity -- you're removing it. It's also extremely handy to have shared file-space with one's spouse/partner, so files either of us might need are always available when we have internet access.

Finally, I don't need to worry about encryption, sync and back-up schedules, changing formats and platforms -- that's the entire point of offloading the storage to a cloud provider. Make sense?
I think the point related to encryption was related while storing data in the cloud. If the documents are really sensitive I do not store them in the cloud - I dont even know how many copies/different locations/machines my data will be distributed.
I find it sufficient to hold my minimal important data in a storage device offline and I purge it periodically as I do my other physical things. I think the whole data thing is blown out of proportion to create the need of availing such services.
Majority of people will not agree to this approach but I feel having less clutter means I can focus more on living my life.
Post Reply