Categories
Blog Archives
Should you manage your own online backup encryption key?
November 12th, 2009 - Posted by Kent
When you use an online backup service like Mozy or Carbonite, your data is encrypted before it leaves your computer. This makes your data essentially indecipherable to hackers, should they somehow be monitoring your Internet connection. The software itself manages the encryption and the service will have your encryption key. Now according to Carbonite's Help section they keep: "your encryption key in a database that is itself encrypted, isolated, and accessible only to a handful of trusted employees."
If you don't like that idea, there is another option: your own private encryption key. You create it, you maintain it, you keep it. This is different from a password; it's the virtual 'secret decoder ring' that turns the encrypted gobbledygook into readable data. While this sounds more secure, and really it is, there are disadvantages. The first one being the line above: "You create it, you maintain it, you keep it." In other words: if you lose it, you're sunk. Really sunk. Irrecoverably so. There's no option to have the key reset or sent to you. No one has it but you.
This is why Carbonite recommends against it for most users, and why they say that if you do want to manage your own key you should "store at least two separate copies of the key on removable media, and store at least one copy of the key in a separate physical location, such as a safe deposit box."
Another disadvantage is that it can limit your ability to access your files remotely from a web browser.
Of course there could be legal reasons why you need your own encryption key. Perhaps you backup sensitive customer data for your business such as medical records or credit card numbers (in which you case, you might want to look at IBackup). Or maybe you're an international secret agent. Or a criminal. People have their reasons. We don't ask.
Still, for most people the trouble of creating the key, and risks of losing it, probably outweigh the advantages. So when you're installing your online backup service, chose to let the service manage the key for you. Of course you can always change your mind later (though you'll have to run your entire backup again).
6 Responses to “Should you manage your own online backup encryption key?”
Leave a Reply
Popular Services Reviewed:
Credit Monitoring Services |
Find Us On:
Copyright© 2006 - 2012 NextAdvisor.com - All rights reserved.
Disclosure: NextAdvisor.com is a consumer information site that offers free, independent reviews and ratings of online services. We receive advertising revenue from most of the services we review. Our editors thoroughly research and whenever possible test each service we review and offer their honest opinions about each one. We are independently owned and operated and all opinions expressed on this site are our own.
November 13th, 2009 at 2:59 pm
I am wondering if you would be interested in reviewing a new CloudBerry Online Backup powered by Amazon S3 with strong data encryption, friendly user interface and scheduling capabilities. You can download it at http://cloudberrydrive.com/
Nadya,
CloudBerry Lab team
December 30th, 2009 at 10:18 pm
Does sugarsync like carbonite and mozy encrypt your data before it leaves your computer?
January 5th, 2010 at 10:57 am
[...] Those who are particularly concerned about their data being unencrypted can choose their own encryption key. We talked about that a bit in an earlier blog post. [...]
March 31st, 2011 at 11:20 am
[...] But let's take a step back. In the end, much of it comes down to user responsibility. Everyone should know by now that copyright violation is illegal. Amazon's Cloud Drive is primarily meant as storage for MP3s legally purchased or ripped from CDs owned by the account holder. Stick to that, and you'll be fine. Cloud Drive is not a great online backup service for other files because it's not automatic. Those worried about Amazon sniffing through their personal files would be better off going through a service like Carbonite, Mozy or IDrive which handles automatic backup and lets you manage your own personal encryption key. That way no one but you can read your files—just don't lose your encryption key. [...]
April 25th, 2011 at 3:59 pm
I will right away take hold of your rss as I can not in finding your email subscription hyperlink or newsletter service. Do you have any? Please let me realize so that I may just subscribe. Thanks.
January 7th, 2012 at 2:02 am
You made some clear points there. I did a search on the issue and found most individuals will consent with your website.