Going digtal: Is there a simple, secure way to keep stuff in the cloud?

DavisBXL

Hi all,
I would like to stop storing a tonne of paper around the apartment - bills, certs, etc. except the most important - and safely store them online in a secure yet accessible way.
I'm finding myself a bit caught between the convenience of just dropping them in folders on Google Drive/Dropbox, vs the idea I'm putting up a lot of personal info on the cloud, and the inevitable risk that brings vs. the possibly greater chance of it being damaged/stolen if it exists only as paper; not to mention the inconvenience.
In the past there were things like TrueCrypt to make a secure zip file of invoices for example, but now I'm finding myself puzzled as to how best to ensure there's a reasonable amount of security to keep my documents safe.  In a perfect world, I'd like something that's able to encrypt either individual files or folders which could then be put on Dropbox for example, and be accessible through Windows, Mac and Android progs/apps without too much of a song or dance.
Or if others have better solutions, I'm all ears. :)  
Thanks!

seamus

I guess "reasonable" depends on what the documents contain and how valuable they would be if stolen (I'm betting the answer is "not very") and how much difficulty it would put you in if your encryption key was lost or forgotten (I'm guessing "a lot").

For the vast majority of people, storing your data unencrypted on a secure platform like Dropbox or Google Drive is perfectly fine. The chances of the entire service being compromised are pretty small - and even if it was, there's a lot more interesting data in there than your small business accounts from 2014.

So the main thing you need to keep secure are your credentials. And if you have good hygiene around that, then someone would need to go to a lot of effort to compromise your account. Is the data in your account really valuable enough to justify that effort?

Research what the platforms do an how they do it. The bigger ones encrypt everything already (often with multiple layers), so someone who did manage to get physical access to the data can do nothing with it. They will also have multiple levels of internal controls, so employees have limited (if any) access to customer data, and all access will be logged and audited. The encryption keys and decryption processes themselves are often controlled with multiple access layers that require multiple employees to confirm permission before anyone can even look at them.

So while it can feel a bit odd sticking a plaintext file up on Dropbox, when it gets into the wild that file is not stored in plaintext anywhere.

DavisBXL

Thanks for the quick reply.  Agreed on your assumptions - not highly sensitive and losing access would, well, rather suck.
I guess the main reason I was hoping there was a relatively user-friendly option out there is memory of the Dropbox hack, the way company after company have appeared disingenuous in their reporting of it, and the basic principle that combing two separate mechanisms would hopefully add a whole different layer of protection.
I guess what you are saying is 2-factor authentication, different passwords, and a reputable cloud service provider should be enough for personal documents, which I can definitely appreciate is the simplest way to go.
Of course if there are other ideas out there, I'm still open to them!

Johnboy1951

I much prefer reasonably local storage, keeping a backup off site.

Rotate the backup and have it suitably encrypted.

I dislike and distrust storing 'valuable' data on someone else's server.

It is fine for things I wish to share.