Data Security

You might have read about data security (or the lack of) because of snooping by the NSA and GCHQ; multi-nationals being hacked and embarrassed on a global scale; or whistleblowing by the likes of Edward Snowden. Data security is an understandable concern for individuals, businesses and charities.

Following the 2014 iCloud hack, a positive outcome was to focus the mainstream media’s attention on data security and ask who is responsible for protecting the data. The owner of the data (not the cloud storage provider) is responsible. Our advice:

Password-protect documents that have sensitive information.
Use a password manager to manage account passwords. You only need remember the password for the password manager. DO NOT forget it or you’ll lose all saved passwords.
Use two-factor authentication (2FA). Potential hackers must know something (password) and have something (e.g. phone) to gain access to your account/s. We use Authy because it makes encrypted cloud backups.

Encryption securely protects data saved to cloud-storage that doesn’t automatically encrypt data before syncing. Encrypted data remains safe from hackers and unethical cloud storage employees. However, if you forget the encryption password, you’ll be unable to decrypt your data, so be careful. After Boxcryptor sold out to Dropbox, we used Cryptomator.

Instead of using cloud storage plus an encryption solution, an alternative is to use encrypted cloud storage. Sync (5GB for free) protects privacy with end-to-end encryption; ensuring your data in the cloud is secure and 100% private. If you lose your password, there will be no way to recover it because Sync keeps no record (aka zero-knowledge). Filen (10GB free) is an excellent encrypted cloud storage option.

End-to-end encryption (E2EE)

Securely encrypts data at its origin and decrypts it at its destination, making it unreadable to anyone in between. This is important because:

Privacy Protection: E2EE safeguards information from unauthorised access. In an era where digital communication is ubiquitous, securing messages is paramount to maintaining privacy.
Security against Eavesdropping: E2E encrypted data is protected against interception during transmission by hackers. This protects against cyber threats, including eavesdropping and data breaches.
Trust in Digital Communication: Knowing that messages, calls and files are E2EE builds trust in platforms. Users can communicate freely, knowing information is securely encrypted from prying eyes.
Compliance & Ethical Standards: For businesses, E2EE helps comply with data protection laws, such as GDPR (EU), demonstrating a commitment to data security and privacy, and building trust with users.
Protection against Data Manipulation: E2EE not only prevents unauthorised access but also protects against the alteration of data, ensuring the integrity of the information i.e. financial, medical, and legal.

In summary, end-to-end encryption is a cornerstone of modern digital security. It enables individuals and businesses to communicate and share data securely, fostering a safer and more trustworthy digital environment.

For information about how we can help your business, contact us.

Read how we protect our data and our clients’ data in our GDPR Policy.