How to Encrypt Cloud Storage in 2021: Better Safe Than Sorry

Although a lot of cloud storage providers will encrypt your data automatically, some don't and many don't let you manage your own encryption keys. This guide on how to encrypt cloud storage helps you get around these issues.

Robin Barber
By Robin Barber (Writer)
— Last Updated: 2021-01-26T21:54:23+00:00

There are plenty of uses for cloud storage, and generally, we’re a fan of it. However, as with everything else on the internet, you need to make sure you’re keeping your files safe from prying eyes. In this article, we’ll show you how to encrypt your cloud storage, so your data is protected from everyone who might want to take a peek.

Key Takeaways:

  • Encrypting files saved to a cloud storage service is the best way to protect your privacy.
  • There are several good zero-knowledge cloud storage services, such as Sync.com.
  • Free third-party software is also available to encrypt files before uploading to the cloud.

Although any encryption is better than nothing, if you want to keep your data private from everyone, you’ll need to use zero-knowledge encryption. This means that you’re the only person with the encryption key, so no one else can decrypt your files to read them — not even the cloud storage services themselves.

However, while zero-knowledge encryption is a great way to ensure your personal privacy is protected, it isn’t always very user-friendly. You can’t use block-level sync, you’ll have a harder time sharing encrypted files and no one can recover your data if you forget your password. This can be worth it for the extra protection, but you should always consider these drawbacks.

  • Cloud storage encryption isn’t for everyone. For many users, the ability to manipulate and share your cloud data is worth more than the extra privacy. However, if there’s anything that you’d rather a stranger didn’t see, and you don’t want to store it on your computer, it’s worth trying out a free encryption service.

  • If you don’t like any of the more secure providers, or you have an existing subscription with another cloud service, you should encrypt the files before uploading them to the cloud. With most encryption software, you can simply right-click a file and choose the “encrypt” option from the dropdown menu.

  • Although OneDrive does encrypt all of your files, Microsoft holds the encryption key. This means that a large data breach or court subpoena could give someone access to your data. While this is unlikely, your best option to prevent it is to encrypt the files before putting them into your OneDrive folder, obscuring the data even if they take the key for your account.

How to Encrypt Cloud Storage 

There are two good ways to encrypt data that’s held on a cloud service: using a zero-knowledge service or encrypting your files before uploading them. Both methods work well, as long as the service doesn’t hold your encryption keys or password and uses AES 256-bit encryption or an equivalent to keep your privacy safe.

Easy Route: Use Zero-Knowledge Cloud Storage Services 

If you aren’t picky about the specific provider you use and don’t already have a subscription, then your best choice is to move to one that has zero-knowledge encryption built-in. Luckily, there are plenty of zero-knowledge cloud storage services that put you in charge of your own encryption key, and these are our favorite four.

1. Sync.com

When it comes to the best cloud storage services, Sync.com is number one; it’s secure, easy to use, feature-rich and good value. It even comes with a solid 5GB free plan, so you don’t even need to pay to keep a few sensitive documents safe. So, if you’re looking for a well-rounded cloud storage service, you should read our full Sync.com review.

2. pCloud

Next up is pCloud, an excellent provider that gives Sync.com a run for its money, getting close to it in our head-to-head matchup. The only thing holding it back is that you’ll have to pay an extra $4.99 per month for its zero-knowledge encryption, so it’s a bit more expensive. However, if this slightly higher cost doesn’t put you off, read our full pCloud review for more information.

3. Icedrive

As a newer service, Icedrive doesn’t have some of the advanced features you’ll get with Sync.com and pCloud. However, you will get 1TB of storage with zero-knowledge encryption at the low rate of $4.99 per month, making this a far more affordable service than the other two. If you’re looking for secure storage on a budget, you should read our full Icedrive review.

4. MEGA.nz

Finally, we have MEGA.nz. Although it isn’t the fastest or cheapest, it does offer 15GB of space for free, with more available for installing the app or inviting a friend. With this free plan, you’ll get access to the same zero-knowledge encryption and plenty of features focused on file sharing. So if you’re looking for free services, check out our full MEGA.nz review.

Slightly Less Easy Route: Zero-Knowledge Encryption Services 

Although it isn’t as easy to use, dedicated zero-knowledge encryption software can encrypt your files on any cloud-based service. This includes cloud storage providers like Dropbox, Google Drive and OneDrive, but you can also use it to encrypt an online backup or send encrypted files to others.

You should make sure that you’re using a trustworthy service, and there are a handful of good free encryption services available. However, if you’re just looking for the best, our favorite tool is Boxcryptor. This is partly because of the great free plan and its use of AES 256-bit encryption, but if you want to learn more about this service before you start, read our full Boxcryptor review.

How to Use Boxcryptor to Encrypt Cloud Storage Data

Using Boxcryptor to encrypt files before uploading them to the cloud is a great solution if you want to protect any data stored with a less privacy-focused provider. This’ll let you hide your information from anyone who may want to look, as long as you set it up correctly.

  1. Get a Boxcryptor Account

    First, go to boxcryptor.com and click “sign up.” This will bring you to a page where you can sign in to an existing account or create a new one. Either way, you will need an email address and a secure password.

    cloud storage encryption sign in
    Create a free Boxcryptor account at boxcryptor.com.
  2. Download the Boxcryptor Installer

    After you create your account, you will see a download page where you can click the “download Boxcryptor” button to get an installer. If you already have an account, you can find it by clicking “download” at the top of the homepage.

    cloud storage encryption download
    Download the correct Boxcryptor installer for your computer.
  3. Install Boxcryptor

    Once you’ve got the installer, you’ll need to agree to the privacy policy and set where it will install. After reading the information on each page, you’ll need to click the “next” button in the bottom-right corner of the window.

    cloud storage encryption install
    Install Boxcryptor with the setup wizard.
  4. Find Your Boxcryptor Folder

    After you’ve installed Boxcryptor, you can access it from “this PC” or the sidebar in Windows File Explorer. If you can’t see them, check that you’re signed in to your account by opening the Boxcyptor desktop app from your start menu.

    cloud storage encryption Boxcryptor
    Open Windows File Explorer and find your Boxcryptor drive.
  5. Connect Boxcryptor to Your Storage

    If Boxcryptor hasn’t automatically moved the cloud storage services you want to use into the encryption folder, then right-click the Boxcryptor drive, select “Boxcryptor” in the dropdown menu and click “settings.” In the window that it opens, click “add” and choose your cloud drive.

    cloud storage encryption connect
    If it doesn’t find your preferred cloud service automatically, open the settings to add it.
  6. Encrypt Your Data With Boxcryptor

    Once your file is in the Boxcryptor drive, you can right-click it, select “Boxcryptor” and then “Encrypt.” You can also encrypt a whole folder, so you don’t miss anything by accident.

    cloud storage encryption encrypt
    Encrypt your files and folders to protect your privacy.

Although it’s a great privacy tool, one drawback to zero-knowledge encryption is that the company — in this case, Boxcryptor — can’t help if you lose your password. This means that losing access to your account will effectively destroy your files. To prevent this from happening, make sure to save your passwords with a secure password manager.

What Is Encryption?

Encryption is a way to hide data by scrambling it with a key. This means that the person who wants to access the data — or read an email, in the case of email encryption — must have the right key to decrypt and read the file, or it just appears as nonsense. Depending on the encryption software, it uses either the same key for both processes, or two different keys — a public key and a private key.

This use of encryption keys — which are often long, complex and generally hard to guess — is what makes encryption so strong. However, if you want more detail on how it works and the other techniques used to make it stronger, you should read our full description of encryption.

Why Encrypt Your Data: The Problem With Managed Encryption

Although rare, data leaks do happen. As most countries have laws requiring data to be protected — such as Europe’s GDPR — basically, every company uses some kind of encryption, especially when it comes to cloud-based services. This seems like it should be great for user privacy, and in a way, it is. However, it isn’t a silver bullet.

Managed encryption — where the data is encrypted by the company storing it, rather than the user — does help protect your files in a data breach. However, the company that holds the encryption keys can theoretically access all of your data.

Google’s terms of service states that it monitors your content for everything from personalized ads to blocking illegal content, and Microsoft’s privacy statement isn’t exactly much better. Even Dropbox has been found monitoring your data to block pirated content in the past.

With Dropbox, Google Drive and OneDrive all watching your data for their own benefit, it’s best to take the safe route and protect it yourself. Using a zero-knowledge encryption program or a service dedicated to security will keep your cloud data away from anyone that doesn’t have your permission.

Final Thoughts 

Zero-knowledge encryption isn’t for everyone, and sometimes the benefits of block-level syncing and easy file editing are worth the privacy risk. However, if there are any files you want to keep safe, the software is available and relatively easy to use. There are even some open-source options, as you can read in our full Cryptomator review.

You can also use one of the free cloud storage plans with zero-knowledge providers like Sync.com and Icedrive. This means that you can get around 5GB to 10GB of space — depending on the provider — to keep your files safe without paying anything extra.

Have you encrypted the data in your cloud storage? Did you use our methods? Let us know your thoughts in the comments section below. Thanks for reading.