Secure Cloud Storage

Despite the convenience of online storage services, never lose sight of the fact that the security of your data is essential. You’ve decided to entrust your personal or business data to an external storage service, and you have to ask yourself: Is my data safe? In this article, we take a look at what secure cloud storage is, and how to choose the most secure cloud for your data.

Whether it’s corporate data or storing and sharing your personal data, ask yourself these few questions:

  • Is my data safe in case the servers get hacked?
  • Am I really the only one who can see my data?
  • What happens if my password is stolen?

This article details the essential security features, and how the best cloud storage services address them.

What are the best secure cloud storages?

If you’re looking for secure cloud storage, the best solution for you will differ from another user.

For example, some will highlight the need for a service that guarantees the privacy of hosted files. A private encryption feature (continue this article to learn more about this topic) will be essential, as it will ensure that your files are only read by you.

Others will prefer a service that will host the files in a country considered safe for its privacy policy. Still others may prefer a service that does everything possible to avoid data loss (for example, by replicating the data stored in several different locations).

So here’s a list of the best secure online storage depending on the scenario you’re interested in.

1. pCloud: the best cloud storage with all the desired security options

Logo de pCloud

ADVANTAGES

  • Swiss company that takes advantage of strict Swiss privacy laws
  • Data hosted in Europe (Luxembourg) or the United States of your choice
  • pCloud Crypto is a digital safe that allows you to store the most confidential documents.
  • Satisfied or refunded for 10 days
  • Two-factor authentication

DISADVANTAGES

  • PCloud Crypto private encryption as an optional extra
  • Only the files in the Crypto folder are fully confidential

pCloud is the best online storage service in our comparison. There are many reasons for this: the service offers many useful and powerful features. But the security offered by pCloud is also a strong argument.

The most important point to consider when deciding whether pCloud is right for you is data privacy. Private encryption is necessary to ensure that even pCloud and the people working for pCloud cannot access it.

At pCloud, there is a paid pCloud Crypto option that allows you to place your most secret files in a special folder. They will be protected by private encryption, i.e. these files will be encrypted with a key that only you have. Thus, even pCloud will not be able to decrypt this data.

If you like this way of working, then pCloud is perfect for you. However, if you absolutely want all your files to be encrypted and unreadable by the storage provider, you’ll have to choose a solution like Sync.com, which protects all your data in this way and which we present below.

pCloud has several offerings available, suitable for most cases:

2. Sync.com guarantees privacy for all your files

You’ll prefer Sync.com if you want absolute and guaranteed privacy on all your files.

Logo de Sync.com

ADVANTAGES

  • Very good security and privacy (private encryption included)
  • Service and data hosted in Canada, more privacy friendly than the US
  • Satisfied or refunded for 30 days
  • Unlimited file versions and recycle garbage can
  • Two-factor authentication

DISADVANTAGES

  • English site and applications only
  • Slightly less complete than pCloud in terms of features

Sync.com is a serious Canadian online storage service with an emphasis on the security and privacy of hosted data.

Canada has a much more protective data privacy policy than the US. So from this point of view, this country is more interesting than many other countries from the point of view of data security.

But the most important data security feature of Sync.com is the Zero-Knowledge private encryption that is applied to all your files. In other words, the data is encrypted before it is sent to Sync.com, with an encryption key that only you have. Thus, none of the files hosted on Sync.com’s servers can be read by anyone but you. This is a technical guarantee of the confidentiality of the data you entrust to a cloud storage service.

The major difference with pCloud is that Sync.com applies this confidentiality treatment to all your data. pCloud, on the other hand, only applies it to the contents of the secret folder available via the paid option pCloud Crypto.

Sync.com offers a range of services perfectly suited to individuals and businesses.

Encryption: why, when and how?

When it comes to exchanging data over the Internet, encryption is one of the most useful protection mechanisms.

Cloud Storage in a Safe

What is data encryption?

The general purpose of encryption is to transform your data in a way that will make it unreadable to anyone who is not authorized to access it.

Specifically, in the case of online data storage, a key is used to encrypt and decrypt the data. Only those who have this key can decrypt and thus access the data.

There are many encryption algorithms, but the one most commonly used among cloud storage providers is called Advanced Encryption Standard (AES). Without going into the details of the method used by AES encryption, remember that the most important information is the size of the key associated with the encryption. It is measured in bits and has three commonly encountered values: 128, 192, and 256 bits.

The larger the size of the key used, the more difficult it will be to find by a brute force attack (which roughly consists in testing a large number of possible combinations to finally find the key).

Today, it is preferable to focus on encryption using 256-bit keys. These tend to become the rule.

When does encryption take place?

For online storage, it is important to understand that encryption can occur at two different times:

  • during data transfer between you and the storage server,
  • before storing the data on your storage provider’s servers.
Encryption for data transfer

Encryption during data transfer is essential to ensure that no one outside of you can read your data as it travels between you and the storage servers. This measure prevents many hacking attempts.

Briefly, data encryption takes place before the data leaves your device (computer, phone, etc.). The data is then decrypted when it reaches the servers for storage.

This is of course a must, and any provider that doesn’t adopt it is to be avoided! Fortunately, all major cloud storage services have adopted this method.

Encryption for data storage

Encrypting your data is also important when storing it. The idea is to save the data in an encrypted form. The goal this time is to make the data unreadable to anyone who manages to break into the servers.

Again, this measure is absolutely essential, and most cloud storage services have understood this.

Private encryption, client-side encryption, Zero-Knowledge: who can see my data?

Private encryption provides you with the guarantee that no one but you (including the administrators of the storage service that stores your data) can access your data! In fact, with private encryption, you are the sole owner of the key to decrypt your data.

This is sometimes referred to as client-side encryption (which means that the data is encrypted on your device before it leaves it), or as the Zero-Knowledge principle to mean that the storage service provider cannot know what data it is processing.

Depending on the data you want to store, we recommend that you carefully consider the importance of private encryption. Although it is not well known and ignored by the most popular services (Dropbox, Google Drive, etc.), it is the best guarantee that your data will remain private! Its absence is one of the major reasons why you should avoid the most famous cloud storage like Dropbox, Google Drive, iCloud, OneDrive, etc.

The principle of private encryption is an assurance that your data remains private. However, it comes with a few drawbacks to keep in mind:

  • your password is yours, and if you lose it, your data will be lost as well,
  • private encryption often involves some inconvenience in use: for example, it makes it difficult to preview files (images, videos, etc.).

Outsource private encryption when the online storage provider does not offer it

It is unfortunate that many of the most common storage services (Google Drive, Dropbox, etc.) do not offer private encryption.

So what should you do if you want to protect data hosted on this type of cloud? An interesting option is to use a solution such as Boxcryptor (more details on Boxcryptor). This solution adds private encryption that is compatible with more than 30 cloud storage services. A free version exists for simple use.

Double-authentication: What if my password is stolen?

Even with a zero-knowledge solution, your data remains vulnerable because it is still linked to your password. If your password is weak or used on several sites, then your account security is vulnerable.

To limit the risks, double authentication (also called two-factor authentication ) comes into play! This means that you are asked for two proofs of your identity when you authenticate:

  • your password,
  • another proof that will vary depending on the service (for example, a unique code sent by SMS or email).

Although double authentication requires a little extra effort when logging into your account, consider the fact that it makes it considerably more difficult to hack into your account!

Conclusion

The security of your data is a primary consideration when choosing a cloud storage service. Specifically, we would like to stress the importance of private encryption of your data (zero-knowledge)! To this end, both pCloud and Sync.com offer satisfaction. The difference is that pCloud offers private encryption only in a dedicated folder (a digital safe) whereas Sync.com will encrypt all your data (but with a slight loss in synchronization performance and functionality).

Both services have a free plan (10 GB for pCloud, 5 GB for Sync.com) or a money-back guarantee to test them serenely (10 days for pCloud, 30 days for Sync.com).

Logo de pCloud

ADVANTAGES

  • Swiss company that takes advantage of strict Swiss privacy laws
  • Data hosted in Europe (Luxembourg) or the United States of your choice
  • pCloud Crypto is a digital safe that allows you to store the most confidential documents.
  • Satisfied or refunded for 10 days
  • Two-factor authentication

DISADVANTAGES

  • PCloud Crypto private encryption is an optional extra
  • Only the files in the Crypto folder are fully confidential

Logo de Sync.com

ADVANTAGES

  • Very good security and privacy (private encryption included)
  • Service and data hosted in Canada, more privacy friendly than the US
  • Satisfied or refunded for 30 days
  • Unlimited file versions and recycle garbage can
  • Two-factor authentication

DISADVANTAGES

  • English site and applications only
  • Slightly less complete than pCloud in terms of features

If you are looking for other criteria than security to choose your storage service, check our comparison of the best online storage services.