Wanna know all about Sher.ly?
When you store files in the public cloud, no matter how strong your passwords, you don’t have the keys to what is probably a collection of your most important documents. In essence, it’s locking the door, the garage, the back door, all the windows, setting the alarm, then leaving the key outside with the alarm code on a scrap of paper.
Bet you aren’t feeling so secure anymore.
Companies who offer encryption as a feature of their products do what they say. They encrypt the data, whatever it is - emails, documents, images. They do this on their servers. Then they send the keys to that data to the customer.
Which means the keys are in two places, with the customer and the company. Not only leaving the data twice as vulnerable, but the keys to your data are now with a third party. They can access it at any time, or give them to someone else, like the NSA, or they themselves could be the target of a digital raid. Criminal cyber gangs see public cloud firms as a lucrative source of consumers personal information, which is a commodity with countless illegal money-spinning uses.
Also a noteworthy consideration, both in the eyes of the law and when it comes to security.
SSL encryption protects your network traffic. It is prevention against people snooping on or decrypting data when it is in transit. Usually going from a cloud hard drive to a device, or between servers, if it goes over the internet. Disk level encryption is designed to protect the data when it’s at rest. Theoretically, SSL and disk encryption should keep your documents safe whether at rest or in transit.
But the keys are still in both places - your devices and the companies servers. Which kind of undermines the whole, Your data is safe with us! idea.
The only solution, for true security, is for you to have the keys to the kingdom. It’s your data, after all. You wouldn’t hand random strangers house keys if they promise not to take anything. Or promise to keep out their shady looki
You holding the keys, along with data being encrypted before it leaves a secure device (like Sherlybox) and a strong password policy: that’s true security. No more keys lying around for anyone to pick up or steal.