Chances are you probably use a cloud service to store at least a portion of your files.
Dropbox. iCloud. Microsoft’s OneDrive. Mega. Box.
There’s so many of them these days. And a few of them, like Switzerland-based Tresorit, focus heavily on privacy and security to keep your data safe.
But let’s be honest– privacy is definitely not a top priority among most of the top cloud providers.
Dropbox states right on its own website that the company has direct access to your files.
Sensitive company data. Financial records. Intimate photos. Personal information. Password files. Cryptocurrency keys.
And even if you delete the files, the backup copies are STILL stored on Dropbox’s servers.
(It’s not just Dropbox– most of the major cloud services operate this way.)
This presents a significant amount of risk from multiple fronts.
Hacker threats are nearly ubiquitous these days.
Hardly a month goes by without another announcement of some major data breach… and we only hear about the big ones in which millions of people are affected.
One of the latest hacker trends is when attackers gain control of your mobile devices by calling up your mobile carrier and convincing them that they’re you.
This allows them to reset passwords and easily gain access to your emails and files.
Then of course there are legal risks.
If you’ve never been sued, congratulations. Let’s hope it stays that way.
If you have been sued, congratulations. It means that at least someone thinks you’re successful. Broke people typically don’t get sued.
Bear in mind that the ‘justice’ system today has very little to do with justice.
It’s about government prosecutors or some twisted, amoral, money-hungry lawyer convincing 12 strangers on a jury that you’re a terrible person.
And during the discovery process of a lawsuit, EVERYTHING is up for grabs. A court can literally subpoena your entire life, including your emails, files, financial records, etc.
Chances are they can find something in all that data to make you look bad.
Then there’s the other never-ending issue of government spying and the NSA archiving every kilobyte of data that passes across the Internet.
It might be easier to simply CC the government on every email you send and add their email address as an authorized user of your Dropbox account.
Despite all these known risks, though, and the constant stream of stories about hackers and government spying, few people take steps to safeguard their data.
(As an example, according to a study by Keeper Security, the most common password is 123456. Not exactly hacker-proof.)
But there are some very simple tools available that can help.
One of them is called Cryptomator, which came to my attention from a close friend of mine who works in the US Army’s cyberwarfare divison, which was established to defend government systems against foreign hackers.
Cryptomator is free, simple program which encrypts every single file you store on a cloud server.
Let’s say you use Dropbox to sync files between your laptop and the cloud.
Ordinarily, your files are stored unencrypted on your laptop, and they’re accessible by certain Dropbox staff through the cloud servers.
Cryptomator encrypts the files on BOTH ends, i.e. the file that’s stored on the Dropbox servers is encrypted, AND the file stored locally on your laptop is encrypted.
Dropbox employees who try to access your data would see nothing but gibberish.
And anyone who gains physical access to your laptop would see nothing but gibberish.
Only you have the ability to unlock the files.
Now, this sounds like a cumbersome process… having to constantly encrypt and decrypt files, enter passwords, etc.
But it’s not. Cryptomator has created a streamlined platform where you can group files together in ‘vaults’.
Then you can decrypt an entire vault, attach it to your file system, and easily re-encrypt it when you’re finished.
You can see an example in this video.
Try it out if you’re interested; the software is free, available on Mac OS, Windows, Linux, Android, and iPhone.
Plus it’s open-source, meaning that anyone who knows the Java programming language can download the source code and verify that the software contains no backdoors or malware.