Carbonite
Rating:

Mozy
Rating:

SugarSync
Rating:

IDrive
Rating:

Norton Online Backup
Rating:

IBackup
Rating:

Box.net
Rating:

Enter your email address to receive NextAdvisor.com Daily Blog updates

Categories

Blog Archives

Should you manage your own online backup encryption key?

Posted by kent on November 12th, 2009

When you use an online backup service like Mozy or Carbonite, your data is encrypted before it leaves your computer. This makes your data essentially indecipherable to hackers, should they somehow be monitoring your Internet connection. The software itself manages the encryption and the service will have your encryption key. Now according to Carbonite's Help section they keep: "your encryption key in a database that is itself encrypted, isolated, and accessible only to a handful of trusted employees."

If you don't like that idea, there is another option: your own private encryption key. You create it, you maintain it, you keep it. This is different from a password; it's the virtual 'secret decoder ring' that turns the encrypted gobbledygook into readable data. While this sounds more secure, and really it is, there are disadvantages. The first one being the line above: "You create it, you maintain it, you keep it." In other words: if you lose it, you're sunk. Really sunk. Irrecoverably so. There's no option to have the key reset or sent to you. No one has it but you.

This is why Carbonite recommends against it for most users, and why they say that if you do want to manage your own key you should "store at least two separate copies of the key on removable media, and store at least one copy of the key in a separate physical location, such as a safe deposit box."

Another disadvantage is that it can limit your ability to access your files remotely from a web browser.

Of course there could be legal reasons why you need your own encryption key. Perhaps you backup sensitive customer data for your business such as medical records or credit card numbers (in which you case, you might want to look at IBackup). Or maybe you're an international secret agent. Or a criminal. People have their reasons. We don't ask.

Still, for most people the trouble of creating the key, and risks of losing it, probably outweigh the advantages. So when you're installing your online backup service, chose to let the service manage the key for you. Of course you can always change your mind later (though you'll have to run your entire backup again).

3 Responses to “Should you manage your own online backup encryption key?”

  1. Nadya Says:

    I am wondering if you would be interested in reviewing a new CloudBerry Online Backup powered by Amazon S3 with strong data encryption, friendly user interface and scheduling capabilities. You can download it at http://cloudberrydrive.com/

    Nadya,
    CloudBerry Lab team

  2. Brent Says:

    Does sugarsync like carbonite and mozy encrypt your data before it leaves your computer?

  3. Are the backup services vulnerable to hackers? - NextAdvisor Daily Says:

    [...] Those who are particularly concerned about their data being unencrypted can choose their own encryption key. We talked about that a bit in an earlier blog post. [...]

Leave a Reply

Recent Comments

  • will: our school woonsocket heigh has us blocked out of the web si...
  • ???? ?????: I work for a computer repair firm and we use AVG on all of o...
  • cheap international phone calls: Got the MagicJack here already. I still have to figure out...
  • bandsxbands: It's interesting to see just how permeant digital memory has...
  • Leland Canedo: I was searching for repairing my xbox when I found your site...

About Us Blog Contact UsTerms & Privacy PolicyAffiliate ProgramSite map