Many companies rely on cloud storage solutions to store and facilitate the security of their data. One aspect of cloud storage seldom mentioned, however, is the ownership of encryption keys. Although the majority of cloud hosting providers encrypt data stored on their services by default, they do not allow their users to set custom private keys. This results in a vulnerability to the client’s data as the hosting provider maintains read access to anything stored on their servers.
Amazon’s Web Services (AWS) provides its own variant of a cloud storage solution with their S3 offering. Within Amazon’s own manual, the company mentions the potential for vulnerability and states that if users would like to have true client-side encryption, they must use a third-party tool as this functionality is not built into S3. If a user lacks control over the encryption keys and the encryption process, they will always lack the certainty that their data is secure.
GoodSync can provide that certainty with its data at rest AES-256 encryption capability. An Amazon S3 account can be linked to the GoodSync application, which will upload and encrypt all client data in an automated and configurable way. Users can be certain that any data they upload to their S3 buckets is truly secure and private.
You don’t need a license to try this. You can download and run a free fully-functional trial of GoodSync for 30 days. You can also access encrypted files remotely with GoodSync Explorer.
Follow these simple steps to protect your Amazon S3 data:
1) If you haven’t done so already, download and install GoodSync.
2) In the Job menu, select “New” or click the “New Job Button” in the toolbar.
3) In the New GoodSync Job prompt:
- Enter the name for your new Job.
- Select Backup or Synchronize as your Job type.
Next, select the endpoints for your job.
4) Select the left side and navigate to the location of the data that you would like to encrypt and back up. Note: In our example, we will use a local folder. For all supported services, please click here.
5) If you need to connect your Amazon S3 account, click here.
6) Select the right side and navigate to the S3 location that you would like to back up to.
7) Within the Job Options, select “Right Side” and check the box labeled “Encrypt File Bodies and Names.”
8) Enter a password that you’d like GoodSync to use to encrypt your data. GoodSync will save that password in the job settings; you will also need to remember it (TIP: use a password manager, e.g. RoboForm, to record it) in order to access that data from other devices or to allow other people to access that data.
9) To begin synchronization, the encrypted folder must either contain zero files or only files previously encrypted by GoodSync with the same password that you entered in step 8. If the folder contains any other files, click “Empty Sync Folder” to remove its contents and prepare for synchronization.
10) Click “Test Encryption” to confirm the passwords match. If the folder already contains files that have been previously encrypted by GoodSync, GoodSync will attempt to decrypt them with the key you specified.
11) Click “Save” to commit changes.
12) Click “Analyze” and “Sync” to run the sync.
Below is an example of unencrypted data (left) and encrypted data (right).
Note: to configure the job with automation or other settings please click here.