General discussion

Cloud Encryption

By udlondy ·
I chatted with a staff from Google, about the encryption systems that Google applies to customer data. I was amazed that the personnel said Google does not apply any encryption methods to user data. Data is saved as it were on Google drive.

I went on to check on Onedrive, and realized also that Microsoft does not have an encryption system applied to cloud stored data on Onedrive.

Then, Dropbox is the one who applies encryption to data. However, Dropbox keeps the decryption key within the server and does the decryption by themselves when a user downloads their data.

Please can someone throw more light as to why all these? I thought the cloud providers were supposed to encrypt all data stored on their servers? And, for any access to the encrypted file, a decryption key is applied?

Thread display: Collapse - | Expand +

All Comments

Collapse -

Why woud you think that these places encrypt data?

by OH Smeg Moderator In reply to Cloud Encryption

They just store it and it is the owners who are responsible for whatever they put into that part of the Cloud and how they keep it safe.

All of the listed places allow unencrypted Data to be sent to them and when it is requested back it goes through as Unencrypted end of story.

So there is no security to sending or receiving data from these Cloud Backup Places and I do not believe that any have ever claimed that the data was secure just that others will find it very difictult to read the data on their servers without the User Name and Password.

Collapse -

Because the user has entrusted them with their sensitive Data!

by udlondy In reply to Why woud you think that t ...

Thank you Smeg!

Now, what would you advice a user on the most appropriate security measure to safeguard their data in the cloud?

Collapse -

pply thieir own encryption

by OH Smeg Moderator In reply to Because the user has entr ...

At the HDD Level and not think that anyone else will do it for you.

They simply can not and will not.

Collapse -

Apply their own encryption

by udlondy In reply to pply thieir own encryptio ...

Please can you guide me on how I can apply encryption at HDD level?

Collapse -

Just Google Full Disc Encryption

by OH Smeg Moderator In reply to Apply their own encryptio ...

It will tell you everything you need to know.

Collapse -

Consider End-to-end Encryption

by RBPV In reply to Cloud Encryption

All these cloud services can see your data. And that's dangerous. If their servers are breached, or your or their admins are attacked, all bets are off. Look at CapitalOne -- an AWS admin found a misconfigured firewall and got to lots of plaintext data.

The solution is end-to-end encryption, where the server is simply a repository for encrypted data. Information is encrypted/decrypted in the client, not the server. So that only you and your recipients -- never the cloud provider -- can see the data. There are not many of these, but they are available. I frankly believe we'll see much more in the way of E2EE services going forward.

Collapse -

End-to-End Encryption

by udlondy In reply to Consider End-to-end Encry ...

Thank you RBPV.

Those end-to-end encryption e.g Cryptomator, its not clear if actually the client or the user is in charge of the security. All the user have is a password into the application, and then you encrypt your data with the application and store to the cloud. How do you verify absence of backdoor? Or, that they actually zero knowledge?

Related Discussions

Related Forums