In answering the following questions, we looked at Dropbox as an example when asking and answering questions in relation to the security of your business / personal information / data when in cloud storage.
Following reading this article, you may check out the terms, conditions and privacy notice of your cloud storage provider and ascertain their position in relation to the issues identified in this article, in relation to the protection and security of your business / personal information /data and evaluate how ‘ProtectorApp Encryption Program’ can help you further secure your business information / personal data
Why would I need ProtectorApp encryption program to protect my data when it is already encrypted in cloud storage?
While your data may be encrypted when it is stored in cloud storage such as Dropbox, its contents are still accessible to Dropbox and their third-parties. Under the terms and conditions of Dropbox (https://www.dropbox.com/terms) Dropbox state that they may review your conduct and your content for compliance with their terms and acceptable use policy.
Why would I need to have my file names and file titles encrypted when its stored in cloud storage?
Dropbox states that they collect information relating to how you use the services, including actions you take in your account (like sharing, editing, viewing, and moving files or folders) (https://www.dropbox.com/privacy). By not having the details of your files names and contents encrypted, file activity and movement may inadvertently disclose confidential information which may indicate likely market activity or changes in business strategy etc. By using ProtectorApp Encryption Program, all files names and contents are encrypted and therefore file activity such as sharing, editing, viewing and movement of files and folders are not identifiably to Dropbox or their third parties.
What other information do cloud storage providers collect in relation to my device etc.?
Dropbox states that they also collect information from and about the devices you use to access the services. This includes things like IP addresses, the type of browser and device you use, the web page you visited before coming to their sites, and identifiers associated with your devices. Your devices (depending on their settings) may also transmit location information to the Services (https://www.dropbox.com/privacy). If you add these details with details of your file management activities and details of the sites you visited prior to accessing your business files stored on Dropbox, you can quickly build up a picture of what is happening within your business. However, if you remove access to information such as your file names and contents through ProtectorApp Encryption program, you will greatly reduce the risk of unintentionally disclosing private and confidential information in relation to your businesses activities and personal information.
Does your cloud storage service provider share your business information or personal data and files contents with others?
- • Dropbox, Inc.
- • Amazon Web Services, Inc.
- • Teleperformance A.E.
- • Salesforce.com, LLC
- • SnapEngage, LLC
- • LiveOps Cloud Platform, LLC
- • Google LLC
- • Zendesk, Inc.
- • Oracle America, Inc.
In light of the fact that Dropbox and its third parties have access to your business information / personal data, ProtectorApp Encryption Program can assist you secure your business information, personal data and any other confidential information, by encrypting both the file name and file content before forwarding it to cloud storage, thus making access to your business information, personal data and confidential information highly unlikely.
Will your cloud storage provider disclose your business information or personal data to any other third parties?
Dropbox states (https://www.dropbox.com/privacy) that they may disclose your information to third parties if such disclosure is reasonably necessary to
- • comply with any applicable law, regulation, legal process, or appropriate Government request;
- • protect any person from death or serious bodily injury;
- • prevent fraud or abuse of Dropbox or our users;
- • protect Dropbox’s rights, property, safety, or interest; or
- • perform a task carried out in the public interest.
However, if your business information and personal data are encrypted by ProtectorApp Encryption Program, you can take back control of who can access your personal information, as any third party request will have to be made directly to your business; as the information stored in the cloud storage will be unreadable due to its encryption.
Do Government request customers information from cloud storage providers?
Dropbox has confirmed that they have received Governmental request for user’s data from Governments all over the globe (https://www.dropbox.com/transparency). They also state that such government requests frequently include a court-granted non-disclosure order which prohibits them from giving notice to the affected user. However, Dropbox have indicated that they fight overly broad requests on the part of Governments and resist requests from Government investigations that are improper, illegitimate or have been brought in bad faith .
ProtectorApp Encryption Program’s ability to encrypt your business information and personal data / files prior to they being forwarded to cloud storage reduces the possibility of Governments accessing or requesting access to your data without your knowledge, as the information they would receive would be encrypted and unreadable, thus increasing the security of your businesses information and personal data.
Can your Cloud Service Provider recover deleted files?
Dropbox has a very good recovery of deleted files capability. They save deleted and previous versions of files for specific periods of time in case you wish to recover them, this can vary from 30 days to 120 days or a full year depending on your Dropbox Plan (https://www.dropbox.com/help/security/data-retention-policy).
While this is an excellent functionality for the recovery of deleted files, it is also a risk to access of your business’s information and personal data that has been deleted, unless you have had the information or personal data encrypted through ProtectorApp encryption program before deletion.
How long will the cloud storage provider retain your personal information or data for?
Dropbox will retain the information you stored on their cloud storage for as long as your account is in existence or as long as they need to provide you with their services (https://www.dropbox.com/help/security/data-retention-policy). In the event that you delete your account they will initiate deletion of your files and information after 30 days. However, they may retain your information if it is necessary to comply with their legal obligations, resolve disputes or enforce their agreements. In light of Dropbox retention policy and the associated risks of third party accessing your business information or personal data, the encryption functionality offered by ProtectorApp Encryption Program is essential for every business to protect the confidentiality and integrity of their business information or personal data while it is stored in any cloud storage format.
Where does your cloud service provider store your personal information and data?
Dropbox states that they may store, process and transmit your personal information and data in the United States and locations around the world. Dropbox has recently launched datacentres in the EU. When transferring data from the European Union, the European Economic Area, and Switzerland, Dropbox relies upon a variety of legal mechanisms, including contracts with their customers and affiliates. Dropbox states that they comply with the EU-U.S. and Swiss–U.S. Privacy Shield Frameworks as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union, the European Economic Area, and Switzerland to the United States. This is admirable, and it appears that Dropbox is complying with the relevant regulations etc., in relation to the transfer of data to third countries or international organisations under GDPR. However, the fact that your personal information and data is being stored in the United states and locations around the world, increases the necessity to ensure that you avail of the opportunity for your business to encrypt it prior to forwarding it to cloud storage by using ProtectorApp Encryption Program.
Will Dropbox allow me to encrypt my business information and personal data prior to cloud storage?
Dropbox allows users to add their own encryption to business information, personal data and files stored in Dropbox (https://www.dropbox.com/help/sign-in/how-security-works).
What is the legal basis for you to allow Dropbox to process your personal data?
Since Dropbox states that they collect information relating to how you use the services, including actions you take in your account (like sharing, editing, viewing, and moving files or folders) (https://www.dropbox.com/privacy) such actions would appear to come under the terms of processing under the GDPR and as such your clients, privacy notice and purpose of processing, lawfulness, transparency, fairness, data subject rights etc. would all need to be addressed under the GDPR. ProtectorApp Encryption Program could assist you in complying with the GDPR as it would encrypt the relevant personal data / information and mitigate any possible risks to accessing such data or information.
Do your data subjects know that their personal data is being processed by Dropbox? (Transparency / Data Protection Notice / Consent/ lawfulness/ fairness etc.)
In light of Dropbox activities / processing of your business information and personal data while in cloud storage, you may need to revisit your GDPR compliance, policies, privacy notices etc. as required by the GDPR so as to ensure you are compliant with the GDPR.
So how difficult is it to encrypt your data while using ProtectorApp Encryption Program?
It couldn’t be easier, simply open ProtectorApp encryption program on your desktop, click import files, a browser window opens, and you simply select the file or files you wish to encrypt, click open and they are immediately imported into the program and encrypted. All that has to be done then, is to select the files and save them to the designated file name of your choosing. That’s all that has to be done, your personal information or data has been encrypted and stored in the storage location of your choosing i.e. cloud, server, database or computer.
So, what exactly is ‘ProtectorApp Encryption Program’?
ProtectorApp encryption program is a file management, organisation and encryption program that encrypts, organises and enable encrypted file sharing within a user group or to an individual. It provides each business with an individually encrypted key making each enterprise a standalone secure encrypted file environment. The encryption program uses the highest standards of encryption that is commercially available through a user-friendly interface which requires minimum training for its use. It includes features such as
- • High level encryption
- • File categorisation and searching functionalities
- • Encrypted File sharing
- • File expiry data management
- • Audit logs
- • Secure file exporting options
Most importantly, your business retains control of who can access your personal information or data, there is no hosting account required, your data remains under your control and with you. Protectorate Solutions Ltd. has no access to your data, you control and process it as you see fit.
Our encryption solution encrypts your data to the highest standards commercially available with a level of encryption of AES 256. It not only encrypts the file name and file contents, but it will also encrypt keywords, notes etc., made in relation to each file or information.
ProtectorApp encryption program is an ideal tool to aid in compliance with the General Data Protection Regulations (GDPR). The protection of business information and personal data has never been more critical in this age of cyber-attacks and unauthorised access attempts.
For more information on our ProtectorApp Encryption Program simply Contact us today or directly email us at email@example.com