By Rebecca Sommer | Cyber Security Writer
Zero knowledge encryption is the most secure way to use a public cloud. There have been many incidents in the past that show how important it is to protect your data in the cloud. While the top cloud storage providers do their best to ensure you that your data is safe – they do not provide a hundred percent data security – for legal or technical reasons, or for reasons that reflect their own interest. We explain what a zero knowledge cloud is and how you can turn Dropbox, OneDrive, Google Drive, or many other clouds, into one.
Problems with the cloud in terms of privacy
Many among us hesitate to use the cloud. The main reason often is that they do not want to give up control over their data. Password leaks and security issues of the last couple of years do not really help strengthen the trust that people have in the cloud. Additionally, most of the clouds are based in the US and therefore, the cloud providers have to comply with the CLOUD Act. Cloud providers have to give out your data when the authorities come knocking. Big cloud providers – in this case Microsoft – openly state that they scan, and in some cases access data:
We will access, disclose and preserve personal data, including your content (such as the content … in private folders on OneDrive), when we have a good faith belief that doing so is necessary to … comply with applicable law or respond to valid legal process, including from law enforcement or other government agencies.
This shows beyond doubt that Microsoft, Google and the others are able to access your data, if they want to. Theoretically, at least some employees of cloud providers are able to access your data if they want to. This happened, for example, in the Capital One Breach, where a former AWS employee gained access to sensitive information about hundreds of thousands of customers. If you want to stay in control, the answer is zero knowledge. Boxcryptor, a software Made in Germany, can help you transform your current cloud storage solution into a zero knowledge cloud.
What is zero knowledge?
Zero knowledge became a part of common knowledge when Edward Snowden dismissed Dropbox and recommended zero knowledge clouds, such as SpiderOak, because the big cloud providers would not protect, or respect the client’s privacy. (One disadvantage with SpiderOak is, though, that complete zero knowledge cannot be provided on mobile devices).
Zero knowledge means that even the company providing you with this zero knowledge cloud or encryption is not able to access your data, because as soon as your password reaches their servers, it is encrypted. With Boxcryptor, for example, your password is hashed before it is sent. This means we have no information that would allow us to find out your password. Only if you use a very short and simple password, for example consisting of only two digits, we would theoretically be able to guess your password, and check it with the hash. With a strong, longer password this is not possible. With zero knowledge standard we identify you and verify your credentials when you log in, without ever knowing your password.
Additionally, nobody but you can access your data because only you hold the keys to decrypt it. Before you upload any data to the cloud, it is encrypted on client side. Your data never leaves your computer, laptop, or smartphone in plain text.
Advantages of an additional zero knowledge cloud solution:
- Highest possible control over your data
- The ability to use the most convenient and user-friendly clouds with highest security
- No need to “trust” your cloud provider
- Divided areas of expertise: The cloud provider is responsible for the physical safety and storage of your data, the encryption solution provides safety from data breaches and data privacy.
- Use your zero knowledge cloud storage for cheap, convenient and secure backup hosting
A harmful data breach becomes near impossible: Both the cloud provider and your encryption solution would have to be compromised at the same time. Since all your information is only available in encrypted mode at the encryption solution provider, the chances of that are non-existent.
Disadvantages of zero knowledge:
If you forget your password (in the case of companies your master password), all your data is lost
Cloud security is your responsibility – but easy to accomplish and we can help
The privacy of your data is your responsibility, since you are in control of the decision, where and how to store your data.
The good news is: It is very easy to accomplish data privacy in the cloud. It will be even more secure than your external hard drive (these things tend to break down or get lost while travelling. Or is that just me?) or the NAS in your company’s basement.
Zero Knowledge encryption software, such as Boxcryptor, turns your cloud into a fortress of privacy. Turn the most user-friendly clouds, such as Dropbox, Google Drive, OneDrive, or any other cloud, into a zero knowledge cloud to protect your data in the best way possible.