Zero Knowledge Cloud: How to Keep Your Data Safe and Private
This article has been updated
Summary: In this article we explain how zero knowledge encryption can protect your data the best way possible and how you can also use this technology to turn Dropbox, Google Drive, OneDrive, and other cloud storage providers into a zero knowledge cloud.
Zero knowledge encryption is the most secure way to use a public cloud. There have been many incidents in the past that show how important it is to protect your data in the cloud. Although providers of the numerous cloud storage facilities repeatedly assure customers that their data is protected. Due to mostly legal reasons, a one hundred per cent security cannot be guaranteed.
Problems with the cloud in terms of privacy
Many among us hesitate to store data in the cloud. The main reason often is that they do not want to give up control over their data. Password leaks and security issues of the last couple of years do not really help strengthen the trust that people have in the cloud. Additionally, most of the clouds are based in the US and therefore, the cloud providers have to comply with the CLOUD Act. Cloud providers have to give out your data when the authorities come knocking.
Big cloud providers – in this case Microsoft – openly state that they scan, and in some cases access data:
We will retain, access, transfer, disclose, and preserve personal data, including your content (such as the content of your emails in Outlook.com, or files in private folders on OneDrive), when we have a good faith belief that doing so is necessary to do any of the following: e.g. Comply with applicable law or respond to valid legal process, including from law enforcement or other government agencies.
This shows beyond doubt that Microsoft, Google and other large providers are able and willing to access data users save in their clouds. Theoretically, at least some employees of cloud providers can access your data if they want to, as happened, (for example, with Capital One and AWS). If you want to stay in control, the answer is zero knowledge encryption. Boxcryptor, a software Made in Germany, can help you transform close to all cloud storages into a zero knowledge cloud and can also be used for NAS and fileservers.
What is zero knowledge?
Zero knowledge became a part of common knowledge when Edward Snowden dismissed Dropbox and recommended zero knowledge clouds, such as SpiderOak. His reasoning: Big cloud providers would neither protect, nor respect the client’s privacy. (One disadvantage with SpiderOak is, though, that complete zero knowledge cannot be provided on mobile devices).
Zero knowledge means that even the company providing you with this zero knowledge cloud storage or encryption is not able to access your data. With Boxcryptor, for example, your password is hashed before it is sent. This means we have no information that would allow us to find out your password. With zero knowledge standard we identify you and verify your credentials when you log in, without ever knowing your password. This is the safest method of authentication and subsequent key transfer.
_Additionally, nobody but you can access your data because only you hold the keys to decrypt it. with Boxcryptor, your data never leaves your computer, laptop, or smartphone unencrypted.
Advantages of an additional zero knowledge cloud solution:
- Highest possible control over your data -The ability to use the most convenient and user-friendly clouds with highest security
- No need to “trust” your cloud provider
- Divided areas of expertise: The cloud provider is responsible for the physical safety and storage of your data, the encryption solution provides safety from data breaches and data privacy.
- Use your zero knowledge cloud storage for cheap, convenient and secure backup hosting
A harmful data breach becomes near impossible: Both the cloud provider and your encryption solution would have to be compromised at the same time. Since all your information is only available in encrypted mode at the encryption solution provider, the chances of a data breach are non-existent.
Disadvantages of zero knowledge:
If you forget your password (in the case of companies your master password), all your data is lost, as it is forever encrypted and therefore useless. Therefore, Boxcryptor offers companies the possibility to export their master key. It should be stored in a safe place to ensure continuous business.
Cloud security is your responsibility
The privacy of your data is your responsibility, since you are in control of the decision, where and how to store your data.
The good news is: It is very easy to accomplish data privacy in the cloud. It will be even more secure than your external hard drive (these things tend to break down or get lost while travelling) or the NAS in your company’s basement.
Zero Knowledge encryption software, such as Boxcryptor, turns your cloud into a fortress of privacy no matter from what device you access it. Turn the most user-friendly clouds, such as Dropbox, Google Drive, OneDrive, or any other cloud, into a zero knowledge cloud to protect your data in the best way possible.