Menu

Why We Need Client-Side Encryption?

Anamika Ved and Liz Steininger on September 19, 2017

Already in 2017, there has been an inordinate number of cybersecurity meltdowns. This complex and constantly evolving range of security threats lead many of us to wonder how we can best protect our data from theft or loss.

Many cloud providers advertise their use of end-to-end encryption for security. However, some of the important data breaches in the past have demonstrated that end-to-end encryption may not be enough.

What is end-to-end encryption?

End to end encryption is a method of communication where data is encrypted on the sender side, in a manner that can only be decrypted by the receiving party. In principle, it does not require the involvement of the third party, ensuring that data and files are only readable by intended recipients. Although end-to-end encryption protects data during the exchange between users and cloud-based service providers, it's still possible for servers to access and view stored files. Therefore as Jonathan Zdziarski, a leading independent security researcher and forensics expert said, “End to end encryption is a good thing, but it’s really just the beginning of good security.”

What is needed is a truly robust data security - technology that can provide the best possible protection of sensitive data and files. That’s where client-side encryption comes into the picture.

What is client-side encryption?

Client-side encryption is an advanced, cryptographic technique in which data is encrypted on the sender’s side, in the client they control, before it is transmitted to servers in a network. Client-side encryption allows the users to maintain the encryption key that is not available to the service provider. The files can be decrypted only by using the key created by the client. Data is not understandable by the service providers or third parties that compel service providers to deliver access to data.

S4 and client-side encryption

At Least Authority we take security and privacy seriously and we build our products to protect the confidentiality, integrity, and security of your data. We believe that client-side encryption offers uniquely powerful “provider-independent security” - where the confidentiality and integrity of your data is unaffected by any storage server's behavior. Our Simple Secure Storage Service (S4) - a verifiably secure off-site backup system for individuals and businesses- uses client-side encryption on every file. Your data is encrypted before it leaves your device. This means that you are in control of the keys to your files and only you and those who you share with can access your data. The server that stores your data can’t spy on your files even if it tries and under no circumstances can we circumvent the encryption and we never look at your data.

We strive to give you an affordable, easy to use, resilient cloud storage service - S4 with a new graphical user interface “Gridsync”.

If you have more queries about our secure products and services please send them our way at contactus@leastauthority.com