Do you use Dropbox at home or work? Dropbox is an easy way to share documents among your devices and coworkers, plus it offers storage in the Cloud. For businesses, it can eliminate many of the IT support issues around backup and collaboration, especially in a BYOD (bring your own devices) environment. Dropbox currently has over 300 million users.
But Dropbox has had some security hiccups. Dropbox blames one of the largest events on their customers’ reuse of passwords. Dropbox claims that it was not hacked, but that usernames and passwords were stolen from other unrelated services. The cybercriminals then used those passwords on Dropbox. While I in general don’t like the “blame the customer” defense, I also have little patience with reusing passwords. Yes, it makes it easier to remember, but it makes your data, or your company’s data, much more vulnerable.
Enter Cloudifile from Cloud Labs. Cloudifile does two things: it encrypts your critical documents in Dropbox and on your own devices, and it automatically syncs these documents through Dropbox. Once you have installed Cloudifile on your device, you designate the specific files and folders that you want protected. Cloudifile encrypts each file with a different 256-bit key that has itself been encrypted with a 2048-bit key that is unique to your Cloudifile account. On your local device, a virtual unencrypted file is immediately available for use. As you update the file, the encrypted copy on Dropbox is also automatically updated. When you add a new file to a specified folder, Cloudifile will automatically add the encrypted copy to Dropbox. I find it very easy to use. Once you specify a file or folder via a right-click action, Cloudifile handles everything invisibly.
You can share Cloudifile folders with specific other Cloudifile users. You use the basic Dropbox sharing facilities along with Cloudifile requests to approve the share request. If you decide to no longer share a folder, all files in the folder are re-encrypted with different keys so the other person can no longer access those files.
If someone gains access to your Dropbox account they can see what files you have under Cloudifle control in a Cloudifile folder. However, each of those files is strongly encrypted.
What if someone gains possession of your device and can log on to the device? They probably now have access to your Dropbox account, but without your Cloudifile credentials, your files are safe. Files on your local device are not even present if you are not logged into Cloudifile.
Since there is an encrypted copy of your local files on your local device, when you are logged in to Cloudifile those local files are available for your use even if you are not connected to the Internet. When you next connect, Cloudifile will automatically re-sync your data with Dropbox.
Cloud Labs does not have a copy of your logon password, nor does it have any of your encryption keys. At no time does your data pass through any Cloud Lab’s servers. When you set up your Cloudifile account, you receive a “password reset” string. This 1,600+-character string enables you to reset your password and recover your data. Make sure you keep this “password reset” string someplace safe, but not on any Cloudifile protected device.
If you lose your local device, simply logging on to Dropbox and then Cloudifile on your replacement device will immediately restore all of the Cloudifile files and folders.
Cloudifile is currently available on Windows devices (Windows 7, 8, 8.1). I expect to see Android and iOS versions mid first quarter 2015. Cloud Labs is working on a Mac version. Currently, you can download Cloudifile for free.
The last word:
All of your stuff does not require the same level of security. If you started using Dropbox as a place to capture and consolidate images and videos from all of your devices, then the convenience of an easy to remember password made sense. But if you are now putting your tax or medical records, or worse, your company’s product plans on Dropbox then I recommend you look at Cloudifile for those private or proprietary documents you wish to keep secure.
Keep your sense of humor.