A Defensive Computing Checklist    by Michael Horowitz
NOTE: I gave a presentation on Defensive Computing at the HOPE conference in July 2022
HOME | Full Site Index | Domain Names | VPNs | iOS | Android | About | Rules of the Road | DC Presentation |

SECURE FILE SHARING AND STORAGE

To me, the one thing makes a file storage and file sharing system secure, is whether the employees of the company providing the service can read your files.

The official buzzword that indicates secure file storage is end-to-end encryption.

These file storage companies can read your files

  1. Google Drive
  2. Microsoft OneDrive
  3. Dropbox
  4. Apple iCloud (Note this is changing in iOS 16.3

These file storage companies can not read your files

  1. Spider Oak
  2. Tresorit
  3. sync.com
    • Steven Gibson uses sync.com and is happy with it
    • A free account comes with 5GB of storage. The cheapest paid account offers 200GB for $5/month
    • Yes, of course, they sync your files across multiple devices but they also have a Vault feature which does not sync. That is, the Vault is just for backup.
    • Sync.com review: Superb, simple online device sync and backup by Jon Jacobi for PC World March 2, 2023. Surprisingly, this review says nothing about the end-to-end encryption.
  4. Proton Drive As of March 2023, the free tier offer 1GB of storage. The cheapest paid option is $4 US/month for 200GB of storage. Pricing can be confusing because Proton offers many different services and they bundle them.
  5. Skiff Drive As of March 2023, the free tier offers 10GB of storage. The cheapest paid option is $8 US/month for 100GB of storage. Their software runs on Android, iOS and macOS. Not Windows. They say nothing about whether their system works in a browser.
  6. Mega As of March 2023, the free tier offers 20GB of storage. The cheapest paid option is $10.65 US/month for 2 Terrabytes of storage.

Backblaze is a major player in the field, with many options, including end-to-end encryption. If you want the best security with Backblaze, you have to pay attention and enable that feature. Their terminology for end-to-end encryption is sloppy. I have seen them call it "Private Key" and "Private Encryption Key" and "user-selected passphrase". Ugh. See their page on encryption and this other page of theirs: Why does the Backblaze website need my private encryption key to restore? (May 2, 2022)

 

 This page: 7 views per day (over 50 days)   Total views: 325   Created: January 31, 2023
This Page
Last Updated

March 12, 2023
Site Page
Views TOTAL

 569,689
Site Page
Views TODAY

  237
Previous
Website View

2.6 minutes ago
Website by
Michael Horowitz
@defensivecomput
top
Copyright 2019 - 2023