Encrypting the cloud.

Mattis
Mattis
Community Member

Good afternoon everybody,

I really love 1Password for password management. It works very great & simple. 1Password is a password management software, and now I am asking me the question? How can I secure my Cloud? I use very, very popular Clouds like iCloud, OneDrive and Google Drive.

I saw a software which is Made in Germany called "Boxcryptor" and I try it out. Now the question is: how secure is "Boxcryptor" does anyone here have any experiences with it?

And how about saving the encryption key in 1Password? Is this a good idea - or should I save the key another way?

I hope I didn't violate the forum rules with this post. I don't want to advertise any service or any software.

Stay safe and healthy!

Thanks for reading!

Mattis


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided

Comments

  • Mattis
    Mattis
    Community Member

    The reasons why I want to encrypt the cloud is simple. Because of privacy & data protection. In some countries, the laws are even such that the cloud providers have to hand over the data upon request of the authorities - even if there is no court order.

  • DenalB
    DenalB
    Community Member

    Hi @Mattis !

    Did I understand correctly? Do you want to save your local 1Password vault as an encrypted file in the cloud? Or is it a general question for saving files as encrypted files into the cloud? If you want to save your local vault encrypted in the cloud how would you be able to access your vault in maybe iOS app?

    I don't use "Boxcryptor". I'm using "Arq Backup" to encrypt all of my files and save them as backup into the cloud. In my case I'm using Microsoft OneDrive to store my backups. But for privacy concerns I want to have all of my files encrypted there. ;)

  • Mattis
    Mattis
    Community Member

    Hi @DenalB! :)

    Thank you for your answer. No, It's a general question for saving files as encrypted files in the cloud. For 1Password I am using an 1Password account. I am not storing my vault locally. It was about - it is a good idea to store the key which Boxcryptor uses to encrypt / decrypt my data to the cloud in 1Password.

    At your last point: That's exactly my concern - I also use Microsoft OneDrive because of Microsoft365 which includes 1 TB of cloud storage.

    I don't trust Microsoft or Google because the companies are to be able to decrypt the data, when I upload my data unencrypted. I believe the data is in both cases encrypted on the server, but the companies does own a key to decrypt. :|

  • DenalB
    DenalB
    Community Member

    Hey @Mattis !

    I don't trust Microsoft or Google because the companies are to be able to decrypt the data, when I upload my data unencrypted.

    These are exactly my thoughts. Although I think that our data is not worth being spied on by Microsoft. There are a lot of bigger targets to spy on like global firms... But, prevention is better than aftercare. ;)

    I'm using "Arq Backup" because I don't have to double my files in the OneDrive folder on my computer. I don't need OneDrive to be installed at all. "Arq Backup" is able to back up the files directly into OneDrive (and other clouds). I don't know how "Boxcryptor" is working. But I think that using "Boxcryptor" you have to copy all of your files and folders into the special Boxcryptor folder and then it will be uploaded into your cloud provider.

  • Mattis
    Mattis
    Community Member

    Hi @DenalB !

    You're absolutely right. There are bigger targets than any private person, but I am uncomfortable when I think about that any government could theoretically access my data. In the U. S. for example the authorities could get access to the cloud, even without a judge's order. I believe that's not good because this requires to have a master key. Microsoft or any other company which this law applies - needs to have this kind of key, when they don't encrypt the data-end-to-end. So, this kind of key would be a very nice target for criminals or hackers. Just think what could happen, when someone gets the Dropbox master key. I don't want to think about this. It's a worst-case scenario.

    But I believe the Cloud is not just something in the sky, when I put data into the Cloud I don't just want to see out my window to look for the data which flies in the Sky. I want to keep my data mine. I don't want that any company could access my personal information. Any government should require end-to-end-encryption by law.

    Of course, law enforcement is really important, but I don't think that any authority has the right to access data without any order by a court.

    To come back to your point with Boxcryptor: You're right. Boxcryptor does create a folder, which includes a folder with your Cloud services you use. You just drag and drop your files you want to secure into the Boxcryptor folder and then Boxcryptor will encrypt these files and the cloud service will upload the encrypted files into the Sky. The cloud service provider doesn't know what's going on. :+1:

    For me, It works fantastic! :)

    Mattis

  • DenalB
    DenalB
    Community Member

    For me, It works fantastic!

    And that's the point! If you are happy and comfortable with this solution, you are absolutely right! :+1:

This discussion has been closed.