Data Security

You might have read about data security (or the lack of) because of snooping by the NSA and GCHQ; multi-nationals being hacked and embarrassed on a global scale; or whistleblowing by the likes of Edward Snowden. Data security is an understandable concern for individuals, businesses and charities.

Following the 2014 iCloud hack, a positive outcome was to focus the mainstream media’s attention on data security and ask who is responsible for protecting the data. The owner of the data (not the cloud storage provider) is responsible. Our advice is:

Password-protect documents that have sensitive information.

Use a password manager to manage account passwords. You only need remember the password for the password manager. DO NOT forget it or you’ll lose all saved passwords.

Use two-factor authentication (2FA). Potential hackers must know something (password) and have something (e.g. phone) to gain access to your account/s. We use Authy because it makes encrypted backups to the cloud.

Play Video about Authy

Encryption is the most secure technique to protect data saved to cloud-storage that doesn’t automatically encrypt data. Encrypted data remains safe from hackers and unethical employees. However, if you forget the encryption password, you’ll be unable to decrypt your data, so be careful. After Boxcryptor sold out to Dropbox, we used Cryptomator.

Play Video about cryptomator

Play Video about Sync

Instead of using cloud storage plus an encryption solution, an alternative is to use encrypted cloud storage. Sync (5GB for free) protects privacy with end-to-end encryption; ensuring your data in the cloud is secure and 100% private. If you lose your password, there will be no way to recover it because Sync keeps no record (known as zero-knowledge). We also use Filen (10GB for free).

End-to-end encryption (E2EE)

E2EE is a security measure that scrambles data at its origin and decrypts it at its destination, making it unreadable to anyone in between. This is important because:

Privacy Protection: End-to-end encryption safeguards personal and sensitive information from unauthorised access. In an era where digital communication is ubiquitous, protecting the content of messages, whether personal or business-related communications, is paramount to maintaining privacy.
Security Against Eavesdropping: With end-to-end encryption, encrypted data is protected against interception during transmission by hackers. This protects against cyber threats, including eavesdropping and data breaches.
Trust in Digital Communication: Knowing that messages, calls and files are end-to-end encrypted builds trust in platforms. Users can communicate freely, knowing information is secure, which is essential for the digital economy.
Compliance & Ethical Standards: For businesses, E2EE helps comply with data protection laws, such as GDPR (EU). It demonstrates a commitment to data security and privacy, building trust with customers and partners.
Protection Against Data Manipulation: End-to-end encryption not only prevents unauthorized access but also protects against the alteration of data. This ensures the integrity of the information being communicated, which is critical in fields like finance, healthcare, and legal services.

In summary, end-to-end encryption is a cornerstone of modern digital security. It enables individuals and businesses to communicate and share data securely, fostering a safer and more trustworthy digital environment.

For information about how we can help your business, contact us.

Read how we protect our data and our clients’ data in our GDPR Policy.