Saturday, 11 January 2014

Brian Goudie - A lesson on online storage!


Dropbox Standard Setup - Insecure

Like most others of my generation, technology sometimes gets ahead of me.

This past month has taught me a huge lesson - online storage programmes may not be as 'secure' as you think!

I was living in a happy world, believing that if you delete a 'shared' folder, or break the link to the machine, it also deletes the files on the 'shared' machine - it doesn't!

So you give an employee access to a 'Dropbox' shared folder, they 'sync' and they have all your files - they leave, you unshare, but they still have the files!

If a machine gets stolen - they have all the files!

I have used 'Dropbox' 'Skydrive' 'ICloud' and 'Google Docs' and always preferred 'Dropbox', only because the files are retained locally and easy to access. I never gave a thought to the fact that Dropbox stores all documents locally, and acts as a normal drive - syncing across all machines. And automatically uploads from your phone camera.

I also started using 'Dropbox' much more because I got a 50GB 'Dropbox' free a couple of months ago with my new Samsung Galaxy - free, got to be good right?

Maybe not.

Take a real life scenario, the machine with your local 'Dropbox' is compromised, and you end up locked out of it - all your files are now out of your reach, and in the hands of a third party.

Dropbox runs as long as your machine is switched on, no password is required to access the local machine, and you are locked out!

All your saved docs, camera uploads are gone!
Dropbox Encrypted Setup - Secure
A very good friend of mine solved this for me yesterday, combining 'Dropbox' and 'TrueCrypt' - I think I get this now - basically the local copy of 'Dropbox' sits in a secure encrypted drive, that can be open and closed as necessary and will sync when you open 'TrueCrypt', meaning if anyone access 'Dropbox' and tries to delete files, the local 'TrueCrypt Dropbox' drive remains unaffected.

My friend set this up for me yesterday and the only problem appears to be that my 'Dropbox' programme opens automatically on startup, and cant find the 'Dropbox' folder - I am sure Pui will fix that!

Now while all this new setup looks great, I went and bought a USB external hard drive, and will go back to having a 'parachute' - a hard drive with a full backup kept off site! Worked 20 years ago, no reason it wont work now!

No comments:

Post a Comment