Do you want to know a secret?,
Do you promise not to tell? ♬
Lyrics and music by Lennon/McCartney.
At last week’s Pacific Legal Technology Conference held in Vancouver, BC, Canada, “The Cloud” was one of the hottest topics in the Conference. Of course the REPORT OF THE CLOUD COMPUTING WORKING GROUP from the Law Society of British Columbia was recognized as a leading document in terms of lawyers looking for a thoughtful analysis of moving to the cloud.
One of the other hot topics within lawyers using the cloud is the security in and around cloud-based storage and sync services such as Dropbox or SugarSync. The concern has been heightened by the revelation that Dropbox dropped the security ball and introduced a bug that could have allowed unauthorized access to users’ Dropbox accounts. For lawyers who need to guard their client’s confidences, this type of data security breach is indeed, worrisome.
It would be great if all data stored in Dropbox could be encrypted with a strong encryption algorithm, which (hopefully!) would render it meaningless even if someone could gain access to your Dropbox account (or similar service). Fortunately, others have given this some thought. Dropbox has several pages that talk about how to mount your Dropbox folders within an encrypted volume on your computer (PC or Mac). The idea here is that your files are encrypted – both on the cloud and on your computer – by having your Dropbox folders within the encrypted volume on your computer.
For PCs, Dropbox has this article in their TipsAndTricks wiki on using Truecrypt with Dropbox.
For Mac users, Dropbox has this forum that discusses mounting your Dropbox folders within an encrypted volume on your Mac using OS/X.
As we move to the cloud we need secure ways to keep our client’s secrets – secret…
(Hat tip to Peter Buxton for providing the idea for this post).