I use Dropbox to sync lots of files across multiple platforms (Windows, OS X, iOS), including some files that contain personal information. I am aware of the risks of placing personal information in the cloud, but for me the convenience is worth the risk. That said, I want to take reasonable precautions to keep my data as safe as practicable. Until recently, I relied on Dropbox's file encryption to keep my files safe. I'm no encryption expert, but as I understand it, Dropbox keeps the encryption keys, so it is theoretically possible (albeit unlikely) that my data could be decrypted by the folks at Dropbox without my knowledge or consent. To mitigate this risk, I decided to begin encrypting my sensitive data prior to uploading it to the cloud. For the moment, I'm using Boxcryptor for this purpose. I like the fact that it uses 256-bit AES encryption and that the encryption key never leaves my computer. That way, even if my Dropbox account was compromised, the files would still be encrypted and, for all practical purposes, unreadable without my Boxcryptor password (which never leaves my possession).
So far, my impression of Boxcryptor is quite good, and its on-the-fly encryption/decryption works great on my Windows and OS X laptops. Unfortunately, iOS is a slightly different story because, unless I'm missing something, you are forced to use the Boxcryptor file management app to first decrypt your file, then copy them into whatever app you want to use. For example, I can't open an encrypted spreadsheet directly in Excel for iOS; instead, I have to find the file in the Boxcryptor app, download and decrypt it, then copy the decrypted file into Excel. If I then make any edits to that file in Excel, I have to save the file back to Dropbox. At that point, the saved file is no longer encrypted. To accomplish that, I have to go back to the Boxcryptor app and add a copy of the file from Dropbox into Boxcryptor, and then delete the unencrypted version of the file. It works, but it's clunky. I'm willing to live with the inconvenience if this is the only way (which I suspect it is), but I'm just wondering if I'm missing something obvious that would make the workflow more efficient. For occasional use, it's workable, but it can get tedious in a hurry if you're trying to edit multiple files.
I guess that's the price I pay for electing to store sensitive information in the cloud.
If anyone knows a better way, I would appreciate some tips. Also, please don't dilute the thread with "never store sensitive information in the cloud" sermons. As I said, I'm aware of the risks.
So far, my impression of Boxcryptor is quite good, and its on-the-fly encryption/decryption works great on my Windows and OS X laptops. Unfortunately, iOS is a slightly different story because, unless I'm missing something, you are forced to use the Boxcryptor file management app to first decrypt your file, then copy them into whatever app you want to use. For example, I can't open an encrypted spreadsheet directly in Excel for iOS; instead, I have to find the file in the Boxcryptor app, download and decrypt it, then copy the decrypted file into Excel. If I then make any edits to that file in Excel, I have to save the file back to Dropbox. At that point, the saved file is no longer encrypted. To accomplish that, I have to go back to the Boxcryptor app and add a copy of the file from Dropbox into Boxcryptor, and then delete the unencrypted version of the file. It works, but it's clunky. I'm willing to live with the inconvenience if this is the only way (which I suspect it is), but I'm just wondering if I'm missing something obvious that would make the workflow more efficient. For occasional use, it's workable, but it can get tedious in a hurry if you're trying to edit multiple files.
I guess that's the price I pay for electing to store sensitive information in the cloud.
If anyone knows a better way, I would appreciate some tips. Also, please don't dilute the thread with "never store sensitive information in the cloud" sermons. As I said, I'm aware of the risks.