Security and convenience always seem to be at war with each other. Sometimes it’s difficult to understand why security folks are so draconian in their rules. It’s never for the day to day normal situations that those rules come into play, but for the failures that inevitably happen. The popular storage service Dropbox’s recent security problem is an example of how you need to think about possible security failures.
On the surface Dropbox certainly looks pretty secure. They transmit files securely over SSL, they encrypt your files for storage, and you must log in with a username and password to get access. Looks pretty good. Here’s where the security can break down. The encryption key is stored at Dropbox. It’s linked to your account. It becomes available for use when you log in.
On June 19, Dropbox updated its site, and accidentally broke their password authentication so that any password worked. If I knew your Dropbox username, or guessed it, I could log in to your Dropbox account by typing anything for the password. At that point, I could steal your documents, delete them, or replace them with falsified documents. I could even upload a virus and hope you would download it later and infect your computer.
This high profile breakdown in security for a heavily used online data storage service underlines the importance of encrypting data that you store remotely, and you having control of the encryption key. Whether you use an online data storage service, or you are storing physical media off site, encryption is important for you to maintain control over who accesses your files. And having the encryption key located separately from the encrypted data is necessary to ensure your data’s safety. This prevents theft of the data by hacking. It protects against the employees of the service stealing the data. And it means that even if a service like Dropbox is compelled to turn the data over by law, all they can turn over are the unreadable, encrypted files.
There is a gotcha when encrypting your data: If you lose your encryption keys neither you nor anyone else can decrypt the data. Even though you have the files, your data is effectively gone. There are freely available tools for all operating systems for encrypting your data, and we recommend you store your encryption keys in a safe, secure location.
SWCP’s online backup service, the SWCP BUS, offers the option for user encryption of data, with an encryption password that is separate from your login password. When that feature is used, your data is encrypted before it is uploaded to SWCP. SWCP could not decrypt that data, even if we wanted to. Or even if you wanted us to. Remember, do not lose that encryption key.