Quote:
Originally Posted by Aleron Ives
Is there any practical way to keep your data encrypted when using a remote backup service? You could encase all your files in encrypted 7-Zip archives or encrypted filesystem containers, but then you'll have to upload/download large containers every time you want to refresh a single file.
|
You might want to look into "Cryptomator". That encrypts on a file basis, not a container basis.
https://cryptomator.org/
When you look at Cryptomator documentation, it mentions a "vault". But this is not a vault in the sense of Veracrypt type encryption. It's not a "one big file container" type of vault that holds everything. Files are encrypted separately. So if you have 100 files, and change one of them, when that gets uploaded to the cloud is that one file (maybe with an additional overhead file or two). Not the whole giant bundle of all 100 files like would happen with a Veracrypt vault.
You would also need to make sure your backup service allows you to specify only what you want uploaded/backed up. As I understand it, Backblaze uploads basically your entire computer by default. I think you can blacklist certain files/directories that you don't want uploaded. What you really want IMHO is not a blacklist strategy, you want a whitelist strategy. Where you tell the backup service what you do want backed up, not what you don't want backed up. Backblaze type setups are better for non-computer people who have no idea what they would or would not want backed up, so the default of "everything" is the best option for them. But you end up backing up a ton of useless garbage that way. But again, that's the safest option for the non-computer-guru group of users. Each backup strategy has its strong points and weak points. Different services target different user bases.