

Lawyers increasingly rely on the cloud to store, share, and synchronize their client files. Many use Dropbox and Google Drive for this purpose. However, the use of these common cloud storage services presents some data security concerns.

Issues of whether data is encrypted and who has access to the data make some lawyers understandably nervous about having a third party store their client information. The risk of malpractice exposure if client data is compromised or breached is something lawyers need to evaluate.

Before you choose to store your client data with an online third-party vendor, take some time to understand how that data is secured and protected. Encryption, which makes data unreadable, plays a big role in data protection. Data can be encrypted at several levels, but not all vendors encrypt data at every crucial level. A good cloud storage provider encrypts your data at three different stages to provide the most protection: (1) before it leaves your computer, (2) in transit to the provider’s server, and (3) when it is stored on the provider’s server.

My goal is to help you understand why encryption at each stage of data transfer is important. Then you can make an informed decision as to which provider to use. So let’s look at the different stages in more detail without getting too technical.

First stage: Client-side encryption for data before transit

Before you transfer your data from your computer to the provider’s server at their data center, you encrypt your data locally on your hard drive with a private encryption key using the provider’s tool. A copy is not shared with the provider, so it has “zero knowledge” of your key. Without knowledge of your key, the provider has no access to the data stored on its server. This is called client-side or zero-knowledge encryption. Encryption at this level is crucial because it makes all your files unreadable by everyone. Only you can decrypt the data using your key. The data is therefore protected against backdoor access and outside hackers because your key is not stored with the provider.

Second stage: Encryption for data in transit

Once your data is locally encrypted on your computer, it will be transferred to the provider’s remote server. The transfer occurs over encrypted connections established by the provider. Encryption at this stage ensures your data is not vulnerable to interception while it’s in motion. Client-side encryption doesn’t prevent attackers from intercepting the transfer and seizing your encrypted data. Even though attackers may not be able to decrypt your data, they can still hold it hostage. In-transit encryption prevents this from happening and provides another layer of security for your data.

Third stage: Server-side encryption for data at rest

When your data reaches the provider’s server where it will reside for an indeterminate period, it is secured with a third layer of encryption. Encryption at this stage is done by the provider. It stores and maintains the decryption key along with your data. Although the provider manages the decryption key at this stage, your data is still protected from provider access as long as you’ve used client-side encryption at the first stage.

Below is an illustration of what encryption looks like at the three stages and what it looks like when there is no client-side encryption at stage 1.

What does this mean for lawyers?

Almost all cloud storage providers offer encryption at the second and/or third stage. Only a handful offer encryption at all three stages. Dropbox and Google Drive) who do not offer client-side encryption have the ability to access your data. This is something you want to seriously think about if you’re storing sensitive or confidential client information on their servers.

What are your options?

You have many options to better protect your client data stored online. Below are a couple of practical options for lawyers.

Use zero-knowledge providers

Zero-knowledge cloud storage providers use encryption at all three crucial stages.
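To make the first stage concrete, here is an added example (not part of the original article and not any provider's actual tool) of encrypting a file locally so that the stored copy is unreadable without your key. It assumes the Python `cryptography` package and a key derived from a passphrase; the function names, the sample memo and the passphrase are constructed for illustration.

```python
import hashlib
import os

from cryptography.exceptions import InvalidTag
from cryptography.hazmat.primitives.ciphers.aead import AESGCM

SALT_LEN, NONCE_LEN = 16, 12


def derive_key(passphrase: str, salt: bytes) -> bytes:
    """Stretch the passphrase into a 256-bit key; the key never leaves this machine."""
    return hashlib.scrypt(passphrase.encode(), salt=salt, n=2**14, r=8, p=1, dklen=32)


def encrypt_for_upload(plaintext: bytes, passphrase: str, name: str) -> bytes:
    """Stage 1: encrypt locally. Returns salt || nonce || ciphertext+tag."""
    salt, nonce = os.urandom(SALT_LEN), os.urandom(NONCE_LEN)
    key = derive_key(passphrase, salt)
    # The file name is bound as associated data, so a stored blob cannot be
    # silently swapped for another file's blob.
    return salt + nonce + AESGCM(key).encrypt(nonce, plaintext, name.encode())


def decrypt_after_download(blob: bytes, passphrase: str, name: str) -> bytes:
    """Raises InvalidTag on a wrong passphrase or a blob modified on the server."""
    salt, nonce = blob[:SALT_LEN], blob[SALT_LEN:SALT_LEN + NONCE_LEN]
    key = derive_key(passphrase, salt)
    return AESGCM(key).decrypt(nonce, blob[SALT_LEN + NONCE_LEN:], name.encode())


def provider_can_read(stored_blob: bytes, needle: bytes) -> bool:
    """All a provider can do without the key: search the bytes it stores."""
    return needle in stored_blob


if __name__ == "__main__":
    # Constructed sample document and passphrase, for illustration only.
    memo = b"PRIVILEGED: settlement authority for Doe v. Roe is $250,000"
    secret = "correct horse battery staple"
    blob = encrypt_for_upload(memo, secret, "memo.txt")
    print("provider sees plaintext:", provider_can_read(blob, b"settlement"))
    print("owner recovers file:", decrypt_after_download(blob, secret, "memo.txt") == memo)
    try:
        decrypt_after_download(blob, "wrong passphrase", "memo.txt")
    except InvalidTag:
        print("wrong key: decryption refused")
```

The blob returned by `encrypt_for_upload` is what would then travel over the provider's encrypted connection (stage 2) and be encrypted again at rest (stage 3); losing the passphrase makes the file unrecoverable.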
