One thing that almost all online backup solutions (e.g. Dropbox, CX, Memopal, etc.) have in common is that they don’t allow the user to store encrypted files on their storage. They encrypt the connection from the user’s computer to the cloud service, but once the files are there, they are stored either unencrypted or encrypted with a key that the service provider holds. This practice allows the provider to index the files and check their checksums. Once a file has a known checksum (usually SHA1), it is no longer uploaded to the storage; it is only referenced, in order to save space.
Although this allows the provider to massively optimize the storage, this has a major drawback: zero privacy for the user. If somebody hacks the storage (see Dropbox’s privacy problems in the past) then your files will be available unencrypted to the attacker. In the light of the NSA surveillance, this means that they can get their hands on your files without any problem at all.
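The checksum-based deduplication described above, next to what the provider sees when each client encrypts before upload, as an added example that is not part of the original article. The names `ProviderStore` and `client_encrypt`, the users and the sample document are assumptions, and the keystream XOR is only a stand-in for real AES-256.

```python
import hashlib
import os

class ProviderStore:
    """Simulated storage provider that deduplicates uploads by SHA-1 checksum."""
    def __init__(self):
        self.blobs = {}  # checksum -> stored bytes
        self.refs = {}   # checksum -> users referencing that blob

    def upload(self, user, data):
        digest = hashlib.sha1(data).hexdigest()
        is_new = digest not in self.blobs
        if is_new:
            self.blobs[digest] = data                  # first copy: store the bytes
        self.refs.setdefault(digest, set()).add(user)  # later copies: reference only
        return digest, is_new

    def bytes_stored(self):
        return sum(len(b) for b in self.blobs.values())

def client_encrypt(key, plaintext):
    """Stand-in for client-side AES-256 (NOT a real cipher, illustration only):
    XOR with a SHA-256 counter keystream under a fresh random nonce."""
    nonce = os.urandom(16)
    stream, counter = b"", 0
    while len(stream) < len(plaintext):
        stream += hashlib.sha256(key + nonce + counter.to_bytes(8, "big")).digest()
        counter += 1
    return nonce + bytes(p ^ s for p, s in zip(plaintext, stream))

def compare(document):
    """Upload the same document for two users, once in plaintext and once
    encrypted on the client with a per-user key the provider never sees."""
    plain, enc = ProviderStore(), ProviderStore()
    keys = {"alice": os.urandom(32), "bob": os.urandom(32)}  # hypothetical users
    for user, key in keys.items():
        plain.upload(user, document)
        enc.upload(user, client_encrypt(key, document))
    return plain, enc

if __name__ == "__main__":
    doc = b"constructed sample document contents\n" * 100
    plain, enc = compare(doc)
    print("plaintext uploads:", len(plain.blobs), "blob,", plain.bytes_stored(), "bytes")
    print("encrypted uploads:", len(enc.blobs), "blobs,", enc.bytes_stored(), "bytes")
    for digest, users in plain.refs.items():
        print("provider can link", sorted(users), "through checksum", digest[:12])
```

With plaintext uploads the provider stores one copy and can tell that both users hold the same file; with client-side encryption it stores two unrelated blobs and learns neither the content nor that the files match.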
In the last two years, some providers (e.g. Wuala) seem to have started solving the problem: they saw the opportunity and offered to upload files that are first encrypted on the user’s device.
Although such services exist, they are rather expensive for home users and micro and small businesses. Fortunately, there are other ways to achieve this at no cost.
All you need is an online storage account (free) and special software, which is free and open source.
The software is called Duplicati and it is available here for Windows, Linux and MacOS.
Duplicati is a free backup client that securely stores encrypted, incremental, compressed backups on cloud storage services and remote file servers. It works with Amazon S3, Windows Live SkyDrive, Google Drive (Google Docs), Rackspace Cloud Files or WebDAV, SSH, FTP (and many more).
The security is implemented in Duplicati with built-in AES-256 encryption and backups can even be signed using GNU Privacy Guard. A built-in scheduler makes sure that backups are always up-to-date. Last but not least, Duplicati provides various options and tweaks like filters, deletion rules, transfer and bandwidth options to run backups for specific purposes.
Duplicati even provides How-Tos for many providers of online storage, including 1und1 in Germany (it offers 1 TB online storage via WebDAV), Google’s Drive, Skydrive, Box.com and others.
The advantage of using this method instead of purchasing space from a provider is that you are in control of how much you back up, what you back up, when you back up and, most important of all, where you back up.
Here is how you set up a backup using Box.net, which offers 50 GB for free to any user.
How to perform backups for multiple users
If you are a small business with a few users, you can perform backups in the same way, even using the same account. You have to take care to give the backups different names. For example, you should name each backup after the computer that is being backed up.
It is preferable to schedule the backups at different hours during the day (or night), so that they do not slow down the network and the Internet connection’s upload rate does not become a bottleneck.
If you have critical data, such as customer information, I strongly recommend using professional backup systems which come with an SLA. Using a free account is in general OK for private data, but if you want a maximum guarantee for your data, then it is recommended to purchase space at a provider.
© Copyright 2014 Sorin Mustaca, All rights Reserved. Written For: Sorin Mustaca on Cybersecurity