Managing Data
Data management and data security turned out to be one of the thorniest, and most important, topics to unravel as we made plans to depart. Strap in. There are a lot of words here.
Call me paranoid, but I don’t want to travel with important data on my laptop. As a physical object, it just seems to be at high risk. Theft, failure, inappropriate inspection… If my laptop is stolen or damaged, replacing it means lost data.
Easy, right? Cloud storage.
But before blindly stumbling down that path, it’s important to note that there is one specific downside from moving off of dedicated, local backup to the Cloud: versioning. If I used Time Machine, for example, to back up to a USB drive, that backup would create multiple versions of any documents I created and edited, allowing me to rewind to yesterday’s version, or last week’s version. Moving to a Cloud service would eliminate that benefit. The backed up version would be the latest version, and any incremental changes I made would be gone forever.
Versioning is definitely a Pro for local backup. On the Con side, however: security. I’d be carrying all of my data with me, between laptop and backup drive, and if they were lost, stolen, or damaged, my data would be gone forever. Given that, the inability to access incremental versions is a minor inconvenience. I just don’t think I’ll be revising documents so frequently that the incremental versions matter. It’s not like I’m working and need to look at Tuesday’s version of that PowerPoint presentation to recover a slide I’d mistakenly deleted.
The other Pro of Cloud storage is that there’s no data stored locally on my computer to which a state actor might object. It’s not like I’m carrying digital contraband, but I also don’t want to be at the mercy of a border agent’s take on problematic. Better very, very, very safe than even a little bit sorry.
Cloud Storage Options
So we’ve agreed on Cloud, but that’s a strategy that begs the question: which Cloud service? The most obvious options are Microsoft’s OneDrive, Apple’s iCloud, Google Drive, or DropBox. There’s truthfully not much to pick between these services. They all offer multiple storage plans at similar prices, with similar approaches to security. There are slight differences, but they’re slight. You could pick any one of them and be fine.
One other consideration when choosing a Cloud vendor. When you use a service that can decrypt your files, they will. The Times recently reported that Google shut down the account of a woman whose nine year old son had uploaded a video of himself dancing naked. This is not a random act. Pretty much all of the services that can read your data, do. They have algorithms that scan for problematic material and automatically shut down accounts when they find it. They don’t just delete the material, they close the accounts. So if Google finds a YouTube video you’ve uploaded that they don’t like, they’ll shut down Google Drive, Mail, Sheets, everything. You’ll be completely locked out, and good luck finding a human at any of these services to explain that a mistake was made.
So my data security needs were both to protect my data from outside attacks, but also from my Cloud provider. I wound up choosing a service called pCloud. The landscape of these services is constantly changing, but as of 2022, pCloud offered the best plan in terms of price, features, and policies. I bought 2 TB of storage on their lifetime plan for a one-time payment of $350. For another $125 I purchased an additional lifetime encryption service. That, truthfully, was the feature that tipped me over to pCloud.
That extra layer of security manifests as an encrypted vault. Files I put in there have an additional layer of security, specifically a method known as Zero Knowledge. With other forms of encryption, the data is encrypted both in transit and at rest on the cloud server, by the service provider, with their keys. That means if a hacker accesses the provider’s keys, they have access to your data. If your provider receives a warrant, they can provide the key to law enforcement. So your data is pretty secure with a Cloud provider, likely more hardened against security breaches than you can make your own computer and network. But is it truly secure? No.
With Zero Knowledge encryption, the files are encrypted with a password on my side, not by the Cloud provider. So the only thing the provider ever sees is the encrypted files, and they don’t have the key to decrypt those files. No hacker can steal it from them, no warrant can force them to deliver it, and they can’t scan it looking for anything they may deem inappropriate. They simply don’t have the key.
Let’s be clear: I don’t have anything particular to hide, nor am I worried that law enforcement would have a reason to issue a warrant for my data, or would find anything incriminating if they did. But I am digitizing nearly 100% of our personal records. All of our medical records, from our entire lives. All of our financial records, legal records, personal correspondence, family pictures… You name it, it’s been scanned, filed, and shredded. So the data I’m looking to store in the Cloud is our entire lives. I want that data as secure and locked down as possible. From every form of threat.
To that end, even Cloud providers can have data failure. By storing all of my files in the Cloud I’ve both increased my security and created a single point of failure. Data loss by pCloud would be completely catastrophic to me. So, in the best tradition of belt and suspenders, my backup needs a backup.
Backing Up The Cloud
For the data that’s not in my encrypted vault on pCloud, I have no problem with it also being stored on another service. Because so many of my historic documents were created in Office, I’m going to be stuck with an annual subscription. Without it, my documents are unreadable.
Thankfully, 1 TB of Cloud storage is included on OneDrive with my annual Office subscription. That’s more than enough to back up the documents I have in pCloud that don’t warrant the extra security of being stored in pCloud’s encrypted Vault.
There’s no native way to take the documents from one Cloud service and duplicate them on another service. I could download them all from pCloud and then upload them to OneDrive. That would be slow, but it would also make me responsible for syncing the two data sets. If I modified a document in pCloud, I’d have to manually update the version on OneDrive. That’s unworkable. And the solutions that exist to backup data to multiple Cloud providers are primarily meant for corporate environments, in terms of both cost and complexity.
Thankfully, I found one service that fills the bill and is consumer oriented: MultCloud. MultCloud will take my pCloud files and replicate them to OneDrive, then keep them synced. If I add, delete, or edit documents stored in pCloud, MultCloud will update OneDrive accordingly. MultCloud has multiple plans, but I signed up for their annual plan with 1200 gigs of data for $60 (as of 2022). That’s more than enough bandwidth to do the initial replication from pCloud to OneDrive. At the end of the subscription year, I can downgrade to the free plan, which includes 5 gigs of data transfer/month. What we create while we travel will be mostly photos, but it’s still hard to imagine adding more than 5 gigs of data to pCloud in a month. The free plan should cover us nicely.
But Wait! What About VPNs?
Virtual Private Networks (VPNs) offer an additional layer of security, but that additional security is likely unnecessary for most folks. Since SSL certificates became a de facto requirement, almost all websites use https, the secured version of http. That makes sure data is encrypted in transit between client and server. So if you enter your credit card information on a website, that data is being sent encrypted as long as you see the lock icon on the url.
But a VPN isn’t a bad thing. In addition to an extra layer of security, by creating an encrypted tunnel through which your internet traffic passes, it allows you to connect to a server almost anywhere in the world. So I could be in Mexico, use the VPN to connect to a US server, and log into Netflix. As far as Netflix is concerned, I’m in the US, so I can stream the same content I could when I was home. If, on the other hand, I wanted to watch Mexican Netflix, I can either shut the VPN off and use the local connection, or connect to a Mexican server via VPN, for the extra layer of security.