With advent of users having multiple devices and the need to consolidate data in a single place for it to be available on all those devices, online cloud storage services like Dropbox, Wuala, Google Drive, Skydrive, Box, etc have come up. I have only considered the free services.
Each of these services has their own advantages and disadvantages. From my experiments on which is mostuseful, I have found that these services are very convenient, robust and have encryption for data transmitted to them. You can compare them for key features listed in the table below.
Before selecting a service, put your thoughts behind the following key objectives to achieve:
|#||Objective||Questions to ask yourself|
|1||Availability>||Is it available on multiple devices? What if I am travelling and have access only to a cell phone? Does the service provider have client software for all the device platforms that I use? For example, is there a client for android, windows, linux?|
|2||Data secure during transmission||Is the data you send to the storage service encrypted while it is transmitted from your device?|
|3||Data secure at rest||Is the data you store on the storage service, encrypted and secure at rest? What do I need to additionally do, to ensure that it is secured from the prying eyes of the storage service?|
|4||Data Sharing||Can the data be shared by more than one individual without sharing your password? This is intended to help you in dire situations like you do not have access, but your trusted family member can have access to the data if you are not available.|
|5||Application Access||Can an application access the data? Services like Google Drive or Dropbox have APIs that faclitate that.|
|6||Use your own layer of encryption||Can you use another layer of encryption with utilities like truecrypt, encfs to enable encryption?|
|7||Space offered||How much space can you get? Do you get enough space to meet your needs for the time horizon you need?|
Based on the above parameters, I drew up the table below to summarize the key findings:
|Encrypted at rest||✔||✘||✔||✔||✔|
|Encrypted in transit||✔||✔||✔||✔||✔|
|Application Access||✔||✔||✘||✘||✘ #|
|Need own layer of encryption||✔||✔||✔||✔||✔|
|Space offered in GB||2 GB||15 GB||5 GB||2 GB||10 GB|
|Score(1=Best, 2, 3)||2||3||1||2||3|
* Linux does not have a GUI based client. It shows your online folder in the file manager.
# Box allows applications API for their non-free version.
Of all the above, I was most happy with Wuala. Wuala is owned by Lacie (the storage device company), and they state clearly that the data they store leaves your computer or device after it has been encrypted by you. They do not have the ability to read it, as you already encrypted it when it left your device. Another major advantage for Wuala was that your privacy is paramount. Compared to Google Drive, this was too good, and it is worthwhile to settle for 5 GB in place of 15 GB for that advantage over Google Drive. A similar claim was made by Spideroak. However, you can use it if they have fixed their Android application. A server outside the US is a plus for Wuala.
Additional Layer of Encryption
Even though we are good with the services, we still get that niggling doubt that we need an additional safeguard to protect our data from storage service providers. The best method to do that is to add one more layer of encryption that you require as per your need before you store the data on the online repository. To do that, I use:
3. Gnu Privacy Guard
Each of the above presents their own level of safeguard. Gnu Privacy Guard would be the best as it supports a public & private key mechanism without requiring a 3rd party to issue you your private key. Use this for the most sensitive of your documents. However, make sure you understand it well.
TrueCrypt sets up a container file hat can contain all files or folders you encrypted with TrueCrypt. The container must be decrypted only on your device. Not on the cloud.
EncFS is another interesting software that encrypts the data, but it encrypts each file and folder separately. It stores them in an encrypted folder. Those folders are visible to everyone, but they cannot read the data or guage the contents. It does encryption on the fly.
A Word About Privacy Concerns
Google Drive was the best on space – 15 GB for free. However, Google takes an exclusive right on your content whereby, your content can be used by Google to create derivative works for free. Not a good sign for those who write books and use the service to store such works on Google Drive. No wonder 15 GB is free! You give up your creations to Google for free!
It is important to note that you try to ensure that decrypted data is available only your device and is not decrypted on an online folder. If that happens, you do not get the protection you require.
When you use Google Drive, tools such as google-drive-ocaml on Linux, serve up the files on Google Drive as links on your computer. In case of Wuala, Dropbox or Spideroak, those files are synchronized to your device into a designated folder. Put in another layer of encrypted using software like EncFS, TrueCrypt or Gnu Privacy Guard for peace of mind solution.
In terms of performance, Google Drive was the slowest from any device. Possibly, due to the millions of users it has. The others beat it pants down lol.
In future posts, I will show you how to implement the above directions for Google, Wuala using EncFS for added protection.