
Data is your digital assets. It’s the most important aspect you have on your computers or mobile devices.
Many things can happen leading to hardware failure, lost or data corruption.
You can replace the hardware, reinstall operating system and applications. But you may not be able to recover your data. They could be lost forever. Protect your data, by backing them up. And better yet, backup to cloud storage.
- Follow 3-2-1 backup rule
- Cloud stoarge risk factors
- Zero knowledge encryption
- Use Boxcryptor to enable zero knowledge encryption
- Get started using boxcryptor
1. Follow 3-2-1 backup rule

3 Copies: Keep 3 total copies of any important data, 1 original and 2 backups.
2 Media: Store your data on 2 different media types like hard drive, flash drive, DVD, cloud & etc. So that your data won’t suffer from the same hardware failure.
1 Offsite: Keep a copy far away at a different location. Your data would be safe even if there is fire, burglary or natural disaster.
This 3-2-1 backup rule is the most common approach. Carnegie Mellon University also recommended this approach in their 2012 paper Data Backup Options for US-CERT (United States Computer Emergency Readiness Team).
This should be the minimum backup approach for your important data. You can always maintain more copies or versions.
Backup to cloud storage makes a lot of sense following this 3-2-1 backup rule. Because this cloud backup copy serves as a copy on a different media offsite.
But don’t just upload your data unprotected. Use Zero knowledge encryption to protect your data in the cloud.
2. Cloud storage risk factors

Backup to cloud storage is a great way to keep extra copy of your important data. However, storing your important data at a cloud storage service could have some risks to consider:
- Privacy: Your data is in third party’s servers. We have no guaranteed that the data is not being looked/scanned at.
- Security: Most service providers have encryption in place to protect your data.
However, if their servers are compromised and have unauthorized access to their encryption keys, your data could still be at risk, even though it’s rare.
- Lost of service: If the service provider terminates the service, you may lose your cloud data. So pick a well known trusted one.
3. Zero knowledge encryption

To mitigate the risk of using cloud storage, it’s best to take the control in our own hands by using zero knowledge encryption.
Zero knowledge encryption means that the we, as the data owner, are the only one holding the password for encryption/decryption.
And the encryption/decryption process takes place locally at our computer/device before data is sent to the cloud storage. As a result, your data is completely private and no one else can see your data.
Your are the only one who knows the password. Therefore, if you forget your password, you lose your data. Use a password manager to keep your password safe, as discussed in my other post 5 steps to improve your online account security.
4. Use Boxcryptor to enable zero knowledge encryption

Boxcryptor is a security software that uses zero knowledge encryption to add a security layer to the cloud storage of your choice.
Boxcryptor supports more than 30 cloud storage providers including Google Drive, Dropbox, iCloud drive, Amazon Drive and etc.
All encryption/decryption are done locally. Your password is not stored at their server and only you have the password to enable encryption/decryption locally.
Free basic version
- Connect to one cloud provider
- Use on two devices
Personal version
- $48 / year
- Unlimited number of cloud providers
- Unlimited number of devices
- Can also encrypt filename
The major advantage is the flexibility to connect to major existing cloud storage providers that you are already using and comfortable with.
Another benefit is the capability to encrypt your local files in your hard drive or flash drives. Therefore, your local backup copies can also be encrypted.
5. Get started using boxcryptor
Once setup, a virtual drive would be created and connect to the selected cloud storage’s sync folder.
You can then create a folder to enable encryption under the virtual drive and any file copied to the encrypted folder would be encrypted
automatically before actually sending to the cloud storage.
Likewise, when you open or copy an encrypted file from virtual drive, the file will be decrypted automatically.
System requirements for Windows
Requires Windows 7 or later with .NET Framework 4.5.2
Install Boxcryptor

- Download Boxcryptor for Windows
- Run the installer and follow instructions


Create Boxcryptor account
Once you click ‘Finish’ button, the follow screen appears.

Click on ‘CREATE ACCOUNT’


Once the account creation is complete, you can choose the personal version for $48 or stay as free basic version.
Configure Boxcryptor virtual drive

Boxcryptor should have created a virtual drive X:
Let’s fire up the window explorer and you should see the Boxcryptor drive

Now right click on drive X: and go to Boxcryptor > Settings

All your supported cloud storage sync folders would appear here. You can also add your local folders here to encrypt your files locally.
Enable encryption by creating an encrypted folder
Boxcryptor only performs encryption/decryption for files inside an encrypted folder.
Let’s create an encrypted folder using Google Drive as an example. Go to X:\Google Drive and then create a folder. Boxcryptor will prompt you whether to encrypt the folder or not.

Click on ‘Encrypt’ to create the new folder. Now any files copied to this new folder will be encrypted before they are uploaded to the cloud storage.
That’s about it. Use an encrypted folder for your backups and you now have an offsite encrypted cloud backup copy that is only accessible by you.