Keeping your personal data secure while you want to access it anywhere can be challenging. In this cloud based world you can access anything from anywhere. This is the easy part because the cloud storage business is rising so you can choose from several services with different advantages.
I like to keep all my stuff for the reasons above and for backup reasons too, but a few weeks ago I realized that I have too much unsecured personal information stored in the cloud, on my notebook and on my mobile . If anybody ever gains access one of these he gains access to all my stuff. I don’t mind my music or ebooks but all my coding projects and personal media etc. So I came up with following solution.
The first thing I need to secure my data within the cloud storage. Cubby Locks is available in (uh, what a surprise) Cubby. You can create multiple cubbies within your system and you can separately “lock” them. In the real world this means that you can have a simple folder for your casual stuff to sync that all around and you can have another folder which contains your personal data synchronized with the cloud. But here comes the difference: if you lock your cubby then your data stored in an encrypted format in the cloud. This means that even if you left your mobile or browser logged into Cubby you cannot access your data without the password which is the key for encryption.
For more technical details of Cubby Locks check this article: Technical deep dive into cubby locks.
This is the right point to protect my data in the cloud but it won’t protect it in my notebook (if you read the Cubby pages you know that this is a cloud side encryption). So the second thing I need is to encrypt the data on the machine itself. One of my colleagues advised a popular encryption approach which is TrueCrypt and it’s a mature, proven product.
With TrueCrypt you can create an encrypted container which can be mounted to the system as a virtual hard drive or removable drive. You may already figured it out that you can create a cubby inside this container and you can lock that so it is encrypted in the cloud and encrypted on the machine too. So for example I have 3 different TrueCrypt containers:
M for media, P for personal documents and W stands for work. Inside these virtual drives I have the cubby:
When you work with the content of this folder it’s the same experience than when you work with a regular folder but you can easily dismount the TrueCrypt drive and then nobody has access to it without the password.
You may pay more attention to the startup order of Cubby and TrueCrypt and the dismound order. For example if you dismound the drive before you stop Cubby then you have to re-add the folders later (there is a merge option so you don’t have to re-upload everything). I think this is an odd thing but I expect improvements on this. Until that I like to stop the Cubby before any dismount (either manually or scripts triggered by system events) to avoid the re-add and merge cycle.
It can be a bit uncomfortable but stolen personal data is more uncomfortable in my opinion 🙂