i need help with data in transit

I have sensitive data that I keep encrypted locally. This means I have to transfer encrypted files to co workers via hard drives. It would be nice to have the data secure where all of us can access it but it is protected. I have tried to use truecrypt with dropbox but the uploads are very slow. Trying to encrypt a folder then upload the encrypted folder can take a long time since I have to upload the whole encrypted folder for small incremental changes.

Someone told me that Microsoft now signs business agreements for security which means I can keep sensitive information on their server without truecrypt which means I can make small changes to the information without having to encrypt and unencrypt the whole file of all the data for each small change.

How do I get the data to the server protected in transit? Do I need a vpn? Honestly I don't even really know what that means.

Thank you for your help.

Cooldays

 

Yes, that's a problem using Dropbox with TrueCrypt files.

I wouldn't trust that. But you might, depending on your threat model.

The traditional solution is using a local server (under your physical control) with a remote-access VPN for your coworkers to securely connect through. You and your coworkers would also use full-disk encryption on your workstations.

De nada

 

Thank you,

I am trying to avoid the server due lack of ventilated office space. Also it is only 2 staff that need to share data. It would be simple if I could figure a way to get data to the cloud back and forth safely.

 

You could find a cloud provider that you trust, and set up an OpenVPN server on that for you and your coworkers. OpenVPN has a ready-to-go Access Server. It's free, but only comes with two client licenses. You can buy more for a small annual fee.

 

You can try encrypt the files using EncFS then sync the encrypted files to dropbox (http://ninjatips.com/encrypt-dropbox-using-encfs/) or other cloud storages. You and your co-workers need to share the same account and password so don't expect this will work very well. Another alternative is to use services like viivo.

 

Easy as pie

CryptoHeaven/Salusafe will work perfectly for you. Paid accounts are pricey but being a small company, the free accounts might suit you fine.

Here's what you do:

Create a free account for every user (PC) in your office. During the account creation process, select to save your private key "locally". Make a copy of the private keys on a thumb drive and store securely. If your pc's do not run java, a portable version of java will be created for cryptoheaven's use "only".

You can now upload documents and other files (free accounts have a 100MB limit) and choose who and how to share these files with. Files you share with your 2 employees will show up in their accounts for access and if you desire, edit.

This is "encrypted webmail/file storage/file sharing/chat". "Everything" in your account is encrypted "locally" with your public key before being uploaded and stored on the server and downloaded and decrypted "locally" for you with your private key when needed. Nothing is saved locally unless you make a copy of it.

 

Yes, you can set up a VPN server, but that can be a hassle. I would recommend truecrypt + bittorrentsync, but instead of using one truecrypt container, just use more containers. If you work with small files, like word or similar formats, just set a small size (10-50MB) for your containers.

 

crytohaven/salusafe seems on the surface like a very good answer. I have some doubts though. Yhey claim they are HIPAA compliant. Well guess what...I may be wrong, but you can't be unless your server is in the USA. So the whole thing seems fishy to me. This is, however, the exact model I am looking for. Encryption at my computer, shared and backed up on the cloud.

these are the requirements: Are they legit? they are located in "dominica" something seems wrong....

 

Registered in Dominica which is i believe a tax/privacy haven but servers are located in Canada. Just create a free account and ask some questions through the client directed at CH Support.

 

They did not respond to an email request. Still suspicious, or at least not convinced.