Cloud services such as Dropbox and Google Drive permit users to backup their data and synchronize it across different devices (such as laptops, desktops, mobile phones, etc) using cloud storage technology that resides on servers controlled by those entities. While a great solution for many users, others are apprehensive or skeptical to entrust their private data to third parties. Fortunately, it is possible to enjoy the benefits and convenience of cloud storage while maintaining the security and complete privacy of your data by encrypting all of your data before it leaves your computer.
There are several different third-party encryption utilities that you can use to accomplish the same thing, but of those I have tested Cryptomator is the best and easiest to work with. Cryptomator is an open-source project which means that it's source code is open to review and that makes it easy for users to know that it doesn't have back-doors or exploits built into it. Cryptomator works by encrypting files on your computer before they are sent to the cloud. This gives Dropbox and Google zero knowledge of what is contained in your files. Since your data is encrypted before leaving your computer, it is only stored in its encrypted form on the cloud service's servers. In the event that your cloud provider's security is compromised or your login credentials stolen, no one will be able to access your encrypted data without the encryption key you used to secure them.
Here is how you can do so in a few simple steps without the need to purchase anything.
Step 1: Download & install Dropbox (or Google Drive)
- Create your cloud account at the service of your choice (Dropbox, Google Drive, Microsoft OneDrive, Box, etc)
- Download and install their cloud storage software on your computer (if you do not already have it installed)
- Create some test files or folders and make youself familiar with the directory structure and how to save files
Step 2: Download and install Cryptomator
- Visit Cryptomator.org and download the Windows software installation package
- Make a donation if you want to, or set donation to "0" and continue to the download
- Install the software using default options, and let it open after installation is complete
Step 3: Create an Encrypted Vault in Cryptomator
- Launch Cryptomator (if it is not already open)
- Click the PLUS (+) sign and choose "Create New Vault"
- In the explorer, navigate to the root Dropbox folder (or other cloud folder)
- Type a name for your encrypted vault, and click "save"
- Enter a password twice (write down or print the password and keep it very safe) and choose "create vault"
- Your vault is now created and ready to use
Step 4: Use your Encrypted Vault
- With Cryptomator open, select your vault from the list and enter the password, then click "Unlock Vault"
- Cryptomator will now mount your encrypted folder and you can use it as you would any other folder
- Files saved in the encrypted vault (folder) will be encrypted before being uploaded to the cloud
- To encrypt files that are already in your Dropbox, move them from a regular folder to the encrypted vault
- When you finish working on the files, you need to choose "Lock Vault" to close your encrypted session
- In my example (below), I moved files I wanted encrypted from my regular "Payroll" folder to my Vault
The above image shows the regular, unencrypted folder as it appeared in the local Dropbox folder. After moving the files to the encrypted vault we created, you can see how even the filenames are encrypted (image below).
If you followed the steps in this guide correctly, you now have an encrypted folder full of files stored in the cloud that can only be accessed by you, even if your Dropbox or cloud account is compromised. You are now able to have peace of mind while enjoying the benefits of using your cloud account to backup or collaboration. If you look at your encrypted vault folder on Dropbox's web portal you will see that the files are completely encrypted and reveal nothing (other than file size) about what is contained in the files. This is ideal for anyone who wants secure and encrypted cloud storage. I can't stress enough how important it is to have a secure backup of your password or encryption key. You should keep this printed out in a secure or locked place in case you are forgetful or cannot remember the password you used to encrypt the folder.
Cryptomator has several advanced options that you can configure if you want to take advantage of them. Since I find it most useful to use an incredibly complicated password that would be impossible to type each time, I use the option to "save password" and "auto-unlock on start" and then or a 40 or 50 character complex password which I store in a password manager and then save on each of my computers. This affords optimal encryption for data on stored on the cloud but keeps it easy to use on each of my computers. You should not use these options on a public computer or one that you share with another person because it would defeat the purpose of encryption if you set it to automatically unlock in those cases.
There you have it. Free, encrypted cloud storage. If you found this article useful, please share it or tell your friends! Everyone is safer when we all practice good security.