I have written a number of times about security and online data and similar topics. Many people do not trust the various online backup services. Indeed, I don't trust them either. However, that doesn't mean that I won't use them. By using just a little bit of caution, you and I can safely back up our most sensitive information anyplace without risk of exposing our "secrets" to others.
In fact, in my mind, the biggest risk is not online. I don't have access to any meaningful statistics, but I suspect that more data gets stolen from PCs installed in the home than from any other single source. If you make your data at home secure, you can then safely and securely save it on the Internet as well.
I have NOTHING stored in plain text on my own computer's hard drive that is super sensitive. Everything that I want to keep private, such as credit card numbers, bank account information, and similar information, is already encrypted while stored on my own computer's hard drive. While I do trust my family members, I do not trust their friends who visit the house nor do I trust the various plumbers, carpenters, electricians, and occasional salespeople who are in the house, sometimes when I am not at home. I especially do not trust babysitters. I also do not trust hackers in this world who try to connect to home computers via the Internet and hack into home PCs, which happens often. (See the note about remote hackers at the end of this article.)
I encrypt all my sensitive information BEFORE STORING IT ON MY OWN HARD DRIVE. When those files get backed up by any online service, they remain encrypted with AES-256 security. Not even the backup service's employees can crack into them.
The information I encrypt includes anything with credit card numbers, bank account information, and even a few email messages. I probably encrypt less than 1% of my files. For the other 99% of my files, I don't care if some would-be criminal decodes them. If the hacker wants my chili recipe or my calendar for the coming year or my newsletter articles (which are already available online), let them have fun decoding them.
If I use an online backup service (Mozy, Backblaze, CrashPlan, DropBox, SugarSync, Apple's iDisk, Amazon Cloud, or any other, similar service), the sensitive files being copied are already encrypted BEFORE they are sent to the online service. With most services, they are encrypted a second time but I do not rely solely on that second encryption. If a hacker intercepts those files or later manages to access the online files stored on some remote server, there is almost no risk. The files are already encrypted and, if I did everything properly, there is very little risk of a hacker decoding them.
Is this a perfect solution? No. Absolutely not. Nothing is ever perfect. There is always a remote chance of someone finding a new security hole. However, I still use online backup services every day and I am quite certain nobody can decode any of my (few) secrets. It certainly is much safer than storing unencrypted data on my own hard drive on the computer in my home.
Do you have sensitive information stored on your hard drive at home?
Luckily, encrypting files is easy to do and there are dozens of encryption/decryption programs to choose from. Most of them are available free of charge. Here is a sample list although you can find more:
Macintosh
Crypt at http://goo.gl/zjK7W is a native Mac OS X application for encrypting and decrypting files or folders with a password of your choice. Crypt uses 256bit AES encryption in cipher-block chaining mode. The encryption format is open and can be decrypted on any platform that has openssl, tar and zip. It also supports securely erasing the original unencrypted files and folders.
Mac GNU Privacy Guard (Mac GPG for short) at http://goo.gl/8g8g3 is a free Mac OS X port of GnuPG, licensed under the GNU GPL. It is easy to install and use.
iProtector at http://goo.gl/clYrB protects sensitive documents, database, excel, PDF, pictures and sound files stored on your hard drive. iProtector can lock and unlock files and folders in over 20 different powerful encryption formats. Shareware for $9.99.
AutoCrypt is available in the Mac App Store for $6.99.
Windows
Crypt at http://goo.gl/jSNco is the Windows version of the program of the same name mentioned earlier. It is free and very secure.
AES Crypt at http://goo.gl/PcY2T is a free file encryption software product available on several operating systems that uses the industry standard Advanced Encryption Standard (AES) 256-bit encryption algorithm to easily and securely encrypt files.
AxCrypt at http://goo.gl/uIXUM is a free personal privacy and security program with AES-128 file encryption and compression for Windows 2000/2003/XP/Vista/2008/7.
USB Secure at http://goo.gl/dmAXS will secure your files in portable drives and also password protect USB drives and external drives. It costs $29.95.
NOTE: The Windows operating system can use Microsoft's Encrypting File System (EFS) to encrypt files stored on your computer's hard drive. It is a very heavy-duty encryption method. However, it also blocks encrypted files from being copied elsewhere. Most backup programs will not copy files protected with Microsoft's Encrypting File System.
NOTE #2: BitLocker Drive Encryption is a newer method supplied by Microsoft to encrypt entire disk drives. While powerful and secure, it is not a method of encrypting individual files for backup purposes.
NOTE #3: The WinZIP, PKZIP, and several other ZIP file compression programs have an option to "scramble" files. This is not as secure as a heavy-duty encryption program but probably will suffice for keeping 99% of the hackers from viewing your files. Don't use it for anything that is extremely sensitive, however.
Encrypting individual files serves multiple purposes: it protects your sensitive information at home as well as when using any sort of file backup service online.
A NOTE About Hackers Connecting to Your Computer at Home: You can obtain any of several firewall programs that will report connection attempts by other systems to your computer. Just for your own information, install one of those in your home computer and then connect it to the Internet without any firewall or router in between. Connect the computer directly to the Internet. I suggest you do this only with an older computer that contains a newly-reformatted hard drive, one that contains absolutely no information about yourself. If you watch the log file of attempted connections, you will see dozens of connection attempts, most of them from third-world countries, such as Pakistan, Uzbekistan, Moldavia, Bangladesh, the Philippines, and similar countries.
In most cases, these are not individuals attempting to connect to you manually. Instead, someone is running an automated script that scans the networks, looking for "open computers" that can be compromised. If a connection attempt succeeds, a human will later manually visit your computer remotely and look for "interesting" information. Luckily, such connection attempts can easily be thwarted by any good firewall or most all routers, such as the one that may already be installed on your DSL, cable modem, or Internet fiber optic connection. Software firewalls used to be popular but have declined in usage as hardware firewalls built into routers have improved.
If you enjoyed this article, Tweet it, share it on Facebook or on your preferred social network. Republishing of this article in newsletters, blogs, and elsewhere is allowed and encouraged. Details may be found at http://goo.gl/hoHH1.
Of course, if you haven’t done so already, you should join my email newsletter mailing list to stay current on my latest articles and announcements. You can also cancel at any time within seconds. I promise to never, ever send you any unrequested e-mail, other than newsletter updates.
