Security & Privacy Policies

With so many different options now available for your securely backing up your files online, it’s hard to know what to look for or who to trust.  In this discussion we’ll talk about what should be first and foremost when choosing a backup company: security and privacy.

Regarding privacy, make sure that the company you choose has an iron-clad privacy policy.  There was recently a big to-do about Dropbox changing their privacy policy, but in the end it was mainly just miscommunication.

Specifically, here’s what the top companies have to say:

SpiderOak: “SpiderOak never stores or knows a user’s password or the plaintext encryption keys which means not even SpiderOak employees can access the data. Our zero-knowledge privacy approach means we can never betray the trust of our users”

SugarSync: “We use industry best practices to ensure that your data is safe and secure. Your files are transferred securely using TLS (Transport Layer Security) and are stored in the cloud in an encrypted format using 128-bit AES-the same level of protection used for online financial transactions.”

Wuala: “All files are directly encrypted on your desktop. Your password never leaves your computer. Not even we as the provider can access your files or your password. Wuala employs proven encryption technology (AES, RSA and SHA) to secure your data.”

Mozy:  “We protect the interests of our customers and business by creating and operating a holistic program focused on the confidentiality, availability, and integrity of company and customer systems and data…We use strict security policies, military-grade encryption, and world-class data centers to protect your information, including:  Encryption: Your information is always encrypted before being sent to our data centers and while stored there.  SSL encryption: The same technology used by banks secures your data during the backup process.  AES/Blowfish: Choose Mozy’s encryption key using 448-bit Blowfish or manage your own key using military-grade 256-bit AES to secure your data during storage.”

Carbonite: “Secure Transfer — All Backed-up Data is encrypted with 128-bit Blowfish encryption prior to transfer and then sent through an encrypted 128-bit SSL tunnel to Carbonite data centers.  Secure Storage — After the secure transfer to Carbonite data centers, your Backed-up Data is maintained and stored with Carbonite using 128-bit Blowfish encryption. Your Backed-up Data is accessible only by supplying your valid login credentials. You can choose to use Carbonite’s 1024-bit encryption key or manage your own encryption key. If you choose to manage your own encryption key, you must safely archive it because, if lost, you will not be able to restore or otherwise access your data.  Physical Security — Carbonite servers are located in secure data centers, protected with features such as gated perimeter access, 24 x 7 x 365 on-site staffed security and technicians, electronic card key access, and security cameras inside and outside of the buildings.”

Backblaze:  “Backblaze is committed to the security of your data and has put in place industry standard physical and electronic enforcement mechanisms. Backblaze products automatically encrypt your data before transmission and send the encrypted data using industry-standard Secure Socket Layer (SSL) encryption. Your data is stored in a secure location with access controls for authorized employees only.”

crashplan backup software