backup your data

Data is your digital assets. It’s the most important aspect you have on your computers or mobile devices.

Many things can happen leading to hardware failure, lost or data corruption.

You can replace the hardware, reinstall operating system and applications. But you may not be able to recover your data. They could be lost forever. Protect your data, by backing them up. And better yet, backup to cloud storage.

  1. Follow 3-2-1 backup rule
  2. Cloud stoarge risk factors
  3. Zero knowledge encryption
  4. Use Boxcryptor to enable zero knowledge encryption
  5. Get started using boxcryptor

1. Follow 3-2-1 backup rule

3-2-1 backup rule

3 Copies: Keep 3 total copies of any important data, 1 original and 2 backups.

2 Media: Store your data on 2 different media types like hard drive, flash drive, DVD, cloud & etc. So that your data won’t suffer from the same hardware failure.

1 Offsite: Keep a copy far away at a different location. Your data would be safe even if there is fire, burglary or natural disaster.

This 3-2-1 backup rule is the most common approach. Carnegie Mellon University also recommended this approach in their 2012 paper Data Backup Options for US-CERT (United States Computer Emergency Readiness Team).

This should be the minimum backup approach for your important data. You can always maintain more copies or versions.

Backup to cloud storage makes a lot of sense following this 3-2-1 backup rule. Because this cloud backup copy serves as a copy on a different media offsite.

But don’t just upload your data unprotected. Use Zero knowledge encryption to protect your data in the cloud.

2. Cloud storage risk factors

cloud storage risk factors

Backup to cloud storage is a great way to keep extra copy of your important data. However, storing your important data at a cloud storage service could have some risks to consider:

  • Privacy: Your data is in third party’s servers. We have no guaranteed that the data is not being looked/scanned at.
  • Security: Most service providers have encryption in place to protect your data.

    However, if their servers are compromised and have unauthorized access to their encryption keys, your data could still be at risk, even though it’s rare.

  • Lost of service: If the service provider terminates the service, you may lose your cloud data. So pick a well known trusted one.

3. Zero knowledge encryption

encrypted data before storing at cloud

To mitigate the risk of using cloud storage, it’s best to take the control in our own hands by using zero knowledge encryption.

Zero knowledge encryption means that the we, as the data owner, are the only one holding the password for encryption/decryption.

And the encryption/decryption process takes place locally at our computer/device before data is sent to the cloud storage. As a result, your data is completely private and no one else can see your data.

Your are the only one who knows the password. Therefore, if you forget your password, you lose your data. Use a password manager to keep your password safe, as discussed in my other post 5 steps to improve your online account security.

4. Use Boxcryptor to enable zero knowledge encryption

using boxcryptor

Boxcryptor is a security software that uses zero knowledge encryption to add a security layer to the cloud storage of your choice.

Boxcryptor supports more than 30 cloud storage providers including Google Drive, Dropbox, iCloud drive, Amazon Drive and etc.

All encryption/decryption are done locally. Your password is not stored at their server and only you have the password to enable encryption/decryption locally.

Free basic version

  • Connect to one cloud provider
  • Use on two devices

Personal version

  • $48 / year
  • Unlimited number of cloud providers
  • Unlimited number of devices
  • Can also encrypt filename

The major advantage is the flexibility to connect to major existing cloud storage providers that you are already using and comfortable with.

Another benefit is the capability to encrypt your local files in your hard drive or flash drives. Therefore, your local backup copies can also be encrypted.

5. Get started using boxcryptor

Once setup, a virtual drive would be created and connect to the selected cloud storage’s sync folder.

You can then create a folder to enable encryption under the virtual drive and any file copied to the encrypted folder would be encrypted
 automatically before actually sending to the cloud storage.

Likewise, when you open or copy an encrypted file from virtual drive, the file will be decrypted automatically.

System requirements for Windows

Requires Windows 7 or later with .NET Framework 4.5.2

Install Boxcryptor

Boxcryptor installer
boxcryptor - files in use
You may run into this screen. Just let it restart Windows Explorer
Boxcryptor setup completed
And reach this screen when installation is completed.

Create Boxcryptor account

Once you click ‘Finish’ button, the follow screen appears.

boxcryptor sign in


Boxcryptor create account
Enter your info to finish creating your account
Boxcryptor confirm create account
Read the importance of your password and confirm the account creation

Once the account creation is complete, you can choose the personal version for $48 or stay as free basic version.

Configure Boxcryptor virtual drive

Boxcryptor welcome screen
A welcome screen will then show up. Click through it for a quick tutorial

Boxcryptor should have created a virtual drive X:

Let’s fire up the window explorer and you should see the Boxcryptor drive

Boxcryptor drive X

Now right click on drive X: and go to Boxcryptor > Settings

boxcryptor settings

All your supported cloud storage sync folders would appear here. You can also add your local folders here to encrypt your files locally.

Enable encryption by creating an encrypted folder

Boxcryptor only performs encryption/decryption for files inside an encrypted folder.

Let’s create an encrypted folder using Google Drive as an example. Go to X:\Google Drive and then create a folder. Boxcryptor will prompt you whether to encrypt the folder or not.

Boxcryptor encrypt folder

Click on ‘Encrypt’ to create the new folder. Now any files copied to this new folder will be encrypted before they are uploaded to the cloud storage.

That’s about it. Use an encrypted folder for your backups and you now have an offsite encrypted cloud backup copy that is only accessible by you.

NEXT > Protect home network using subnets with pfSense

Leave a Reply

Close Menu