Your IT Consultant

NetDocuments Lets Users Control Encryption Keys

June 9, 2015

Encryption is your friend. The requirements for keeping your data safe from prying eyes (e.g. NSA, foreign governments, soon-to-be-ex-spouses, etc.) is to use encryption where you control the keys, having a strong password/passphrase and NO master decryption key held by someone other than yourself. That means no Dropbox, iCloud, OneDrive, Google Drive or any other cloud service where the vendor can decrypt the information without your involvement. Spider Oak is a service where the user controls the encryption key and there is no “back door” to access the information. Box is currently in beta with a user controlled encryption offering that is expected to be available this summer.

NetDocuments is one of the latest offerings to make user controlled encryption available. I don’t know how he does it, but our friend and colleague, Bob Ambrogi, seems to always get the news first. He has a post that describes the capabilities of the new scheme, which will let users manage their own encryption keys. If you are a NetDocuments user, I would recommend that you opt for the Private HSM feature to store Workspace Encryption Keys. I’m hopeful that more and more vendors will provide solutions where the user controls the encryption key. Even if you are the only one to control the encryption key, make sure you have a strong passphrase/password. The strongest encryption algorithm won’t protect your data if you use a passphrase/password of 1234.

E-mail:   Phone: 703.359.0700
Digital Forensics/Information Security/Information Technology
http://www.linkedin.com/in/johnsimek
http://www.senseient.com