This article explains how data can be secured while stored in the cloud. I’m not comparing cloud providers, simply pointing out how data is encrypted and who ultimately has access to it. Big players such as Google Docs, Dropbox and SkyDrive (OneDrive) all ensure the data is sent between you and their servers in a secure way. The question is: who has access to your data when it’s sitting idle in the cloud?
In the first diagram below, you can see that data is sent from you to the cloud storage servers. When your data gets to the server, it is encrypted with a key held by the cloud service provider. At this point your data is safe and secure: even if someone were to gain access to it, all they’d get is your encrypted data. The data can be copied back to your computer, at which point it’s first decrypted and then sent back to you.
So who has access to your data? The cloud service provider can encrypt and decrypt your data, and therefore they have access to it. You can also assume law-enforcement organisations have access, given they can ask for (insist on) the key and the data from the cloud service provider.
In the second diagram below, you can see that data is encrypted on your computer before being sent to the cloud servers. When there, the data is still encrypted with your key. The data can be copied back to your computer and finally decrypted when it’s back on your computer.
So who has access to your data with this scheme? You. Actually, anyone who has your key and your data. If your key is only on your computer and you keep your computer physically safe, then your data is likely safe too.
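
The two schemes side by side, as an added Go example that is not part of the original article. It assumes AES-256-GCM as the cipher (the article names none), and `newGCM`, `Seal`, `Open` and the key names are hypothetical. The provider's key opens data it encrypted itself (scheme 1) but fails on data you encrypted before upload (scheme 2).

```go
// Added illustration: AES-256-GCM and every name below are assumptions, not from the article.
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"fmt"
)

// newGCM turns a 32-byte key into an AEAD; whoever holds the key holds this ability.
func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Seal encrypts plaintext under the holder's key and returns nonce||ciphertext.
func Seal(holder cipher.AEAD, plaintext []byte) ([]byte, error) {
	nonce := make([]byte, holder.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return holder.Seal(nonce, nonce, plaintext, nil), nil
}

// Open decrypts a blob from Seal; it fails for a different key or a modified blob.
func Open(holder cipher.AEAD, blob []byte) ([]byte, error) {
	n := holder.NonceSize()
	if len(blob) < n {
		return nil, fmt.Errorf("blob too short")
	}
	return holder.Open(nil, blob[:n], blob[n:], nil)
}

func main() {
	provKey, yourKey := make([]byte, 32), make([]byte, 32)
	rand.Read(provKey)
	rand.Read(yourKey)
	provider, _ := newGCM(provKey)
	you, _ := newGCM(yourKey)
	doc := []byte("constructed sample document")
	atRest1, _ := Seal(provider, doc) // scheme 1: provider encrypts on arrival
	atRest2, _ := Seal(you, doc)      // scheme 2: you encrypt before upload
	_, err1 := Open(provider, atRest1)
	_, err2 := Open(provider, atRest2)
	fmt.Println("provider reads scheme 1:", err1 == nil, "scheme 2:", err2 == nil)
}
```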