Carbonite

Bottom line: Excellent and comprehensive online backup with easy remote file access, exclusive discount
MyPCBackup

Bottom line: Unique combination of unlimited backup, file syncing across computers, cloud storage and external drive backup
Mozy

Bottom line: Great low-cost online backup with exclusive discount; can back up external drives
LiveDrive Backup

Bottom line: Simple and cheap backup that lets you use unlimited storage space for one computer; nice service for backing things up on the go
SugarSync

Bottom line: Best combination of online backup, cloud storage and multi-device sync; free 30-day trial
JustCloud

Bottom line: Easy to use unlimited backup for one computer, external drive backup and multiple-system syncing abilities
SpiderOak

Bottom line: Most secure, customizable, streamlined file backup for advanced users
SOS Online Backup

Bottom line: Packed with new features, includes 5 computers and local backup; nice interface, savvy mobile apps, and social media backup
IDrive

Bottom line: Solid backup with a lot of configurability; no mobile app access or file sharing
ElephantDrive

Bottom line: Solid online backup with file sharing and the ability to back up to 3 computers, though the interface is not the best
Norton Online Backup

Bottom line: Fast and transparent browser-based backup with file sharing; infrequent backup schedule
IBackup

Bottom line: Geared towards businesses; Exchange and SQL backups; compliance for financial, medical companies
Dropbox

Bottom line: Well-priced solution for file sharing and collaborative work; not true automated backup solution

Enter your email address to receive NextAdvisor.com Daily Blog updates:

Categories


Blog Archives


Should you manage your own online backup encryption key?

November 12th, 2009 - Posted by Kent

When you use an online backup service like Mozy or Carbonite, your data is encrypted before it leaves your computer. This makes your data essentially indecipherable to hackers, should they somehow be monitoring your Internet connection. The software itself manages the encryption and the service will have your encryption key. Now according to Carbonite's Help section they keep: "your encryption key in a database that is itself encrypted, isolated, and accessible only to a handful of trusted employees."

If you don't like that idea, there is another option: your own private encryption key. You create it, you maintain it, you keep it. This is different from a password; it's the virtual 'secret decoder ring' that turns the encrypted gobbledygook into readable data. While this sounds more secure, and really it is, there are disadvantages. The first one being the line above: "You create it, you maintain it, you keep it." In other words: if you lose it, you're sunk. Really sunk. Irrecoverably so. There's no option to have the key reset or sent to you. No one has it but you.

This is why Carbonite recommends against it for most users, and why they say that if you do want to manage your own key you should "store at least two separate copies of the key on removable media, and store at least one copy of the key in a separate physical location, such as a safe deposit box."

Another disadvantage is that it can limit your ability to access your files remotely from a web browser.

Of course there could be legal reasons why you need your own encryption key. Perhaps you backup sensitive customer data for your business such as medical records or credit card numbers (in which you case, you might want to look at IBackup). Or maybe you're an international secret agent. Or a criminal. People have their reasons. We don't ask.

Still, for most people the trouble of creating the key, and risks of losing it, probably outweigh the advantages. So when you're installing your online backup service, chose to let the service manage the key for you. Of course you can always change your mind later (though you'll have to run your entire backup again).

6 Responses to “Should you manage your own online backup encryption key?”

  1. Nadya Says:

    I am wondering if you would be interested in reviewing a new CloudBerry Online Backup powered by Amazon S3 with strong data encryption, friendly user interface and scheduling capabilities. You can download it at http://cloudberrydrive.com/

    Nadya,
    CloudBerry Lab team

  2. Brent Says:

    Does sugarsync like carbonite and mozy encrypt your data before it leaves your computer?

  3. Are the backup services vulnerable to hackers? - NextAdvisor Daily Says:

    [...] Those who are particularly concerned about their data being unencrypted can choose their own encryption key. We talked about that a bit in an earlier blog post. [...]

  4. Concerns raised about Amazon’s Cloud Drive and privacy - NextAdvisor Daily Says:

    [...] But let's take a step back. In the end, much of it comes down to user responsibility. Everyone should know by now that copyright violation is illegal. Amazon's Cloud Drive is primarily meant as storage for MP3s legally purchased or ripped from CDs owned by the account holder. Stick to that, and you'll be fine. Cloud Drive is not a great online backup service for other files because it's not automatic. Those worried about Amazon sniffing through their personal files would be better off going through a service like Carbonite, Mozy or IDrive which handles automatic backup and lets you manage your own personal encryption key. That way no one but you can read your files—just don't lose your encryption key. [...]

  5. amazon mobiles online Says:

    I will right away take hold of your rss as I can not in finding your email subscription hyperlink or newsletter service. Do you have any? Please let me realize so that I may just subscribe. Thanks.

  6. Quinton Steinbrecher Says:

    You made some clear points there. I did a search on the issue and found most individuals will consent with your website.

Leave a Reply

Recent Comments



Disclosure: NextAdvisor.com is a consumer information site that offers free, independent reviews and ratings of online services. We receive advertising revenue from most of the services we review. Our editors thoroughly research and whenever possible test each service we review and offer their honest opinions about each one. We are independently owned and operated and all opinions expressed on this site are our own.