asking for thoughts on posting a sensitive doc to a cloud

thomas1004

Well-Known Member
#1
Hello to all,

I have a word doc with sensitive info. I've used Windows to encrypt the document.

I want to be able to share and update this doc from various platforms: win7 pc, win8 pc, surface etc.

Seems to me this doc belongs on OneDrive, but my question to you is, how secure would it be in the cloud, even in an encrypted state?

I appreciate your thoughts, and if you have any suggestions about sharing this kind of doc, please let me know.

Thanks for your help,
Tom
 


#2
Personally, I never upload sensitive info...encrypted or not. Then you compound the problem by sharing said sensitive info and not knowing who's doing what with it on the other end.

My answer is NO!
 


whs

Extraordinary Member
#3
Hard to say. I have a lot of docs on One Drive and never had a problem. On One Drive you can keep it private or make it only available to specific people. Don't make it Public.
 


thomas1004

Well-Known Member
#4
thanks for your thoughts bassfisher and whs.

I fully understand the danger in posting sensitive data
externally. And on the other hand there's an ease of use and lesser chance of losing updates if a file is kept in one place.

I've taken the additional step of password protecting
my encrypted doc. Even so I'm going to use OneDrive
to hold an updated file briefly until I download it locally to another device then delete it from OneDrive. So its
exposure will be minimal.

thanks again and regards
Tom
 


patcooke

Microsoft MVP
Staff member
Premium Supporter
Microsoft MVP
#5
I would never put it there in the first place - but also: "then delete it from OneDrive" - remember the interpretation of the word "delete" on a computer system.
 


thomas1004

Well-Known Member
#6
hi Pat,

I'd like to read your interpretation of "delete" please.

I was in IT software development for many years so I'm guessing that you're saying any file put on OneDrive is automatically cached/backed up even if a file touches OneDrive briefly. Is that it?

Even so, the path to cracking my doc would be to hack into my OneDrive account; crack the password; decrypt the file.
I would guess that it's much easier to hack sensitive data from a retailer or put a keylogger on my pc.

Do you think that Dropbox is more secure than OneDrive? Are there cloud-type storage options more secure?

Thanks for joining in, I appreciate your input.

Regards,
Tom
 


Krypto

Fantastic Member
Premium Supporter
#7
I Use Drop Box & One Drive for my cloud storage needs. When it comes to sensitive information I would not put that on the cloud you don't know who has access to it. While there security is very good. you are putting your documents on a live server somewhere. Whether it is a marked public or private it is still out there. One alternative would be to have your own personal cloud storage server at home. You then own the storage and have much more control over it.

Check out this videos they might help:)


 


patcooke

Microsoft MVP
Staff member
Premium Supporter
Microsoft MVP
#8
hi Pat,

I'd like to read your interpretation of "delete" please.

I was in IT software development for many years so I'm guessing that you're saying any file put on OneDrive is automatically cached/backed up even if a file touches OneDrive briefly. Is that it?

Even so, the path to cracking my doc would be to hack into my OneDrive account; crack the password; decrypt the file.
I would guess that it's much easier to hack sensitive data from a retailer or put a keylogger on my pc.

Do you think that Dropbox is more secure than OneDrive? Are there cloud-type storage options more secure?

Thanks for joining in, I appreciate your input.

Regards,
Tom
Like you I spent many years in system software R&D having started writing in 8-bit Assembler!. There are a number of issues regarding security, access and deletion. All encryption processes are based on mathematical combinations and permutations which challenge the laws of probability but ultimately any encryption process based on a mathematically constructed algorithm may be "cracked" using one or more established techniques. My reference to file deletion is in relation to the well known fact that "deleting" a file amounts to removing its name from a directory and flagging the sectors previously used by the file as now being free for re-use. Deleting does not physically delete any data, which may easily be recovered unless the data has been destroyed by secure deletion software which needs to do much more than just overwrite the data by re-using the disk space.
 


This website is not affiliated, owned, or endorsed by Microsoft Corporation. It is a member of the Microsoft Partner Program.
Top