Pandemic has brought a dramatic boost in digitalisation: we have moved beyond the physical boundaries of companies to work in the comfort of our own houses, raising ours and business’ productivity. This equates to great opportunities, but also to big risks. Risks that we can’t ignore.
Since March 2020, the number of cybercrimes has increased by 600%. New types of cyber-thieves have popped up, and ransomware has been crowned the king. Ransomware is the ultimate threat of 2023: it gets into your computer, encrypts all your private information, and demands a fee to “unlock the prisoner”.
That’s why in this fast-paced era it’s critical to choose the safest cloud storage on the market. Fast and easy collaboration is no longer an option, so is the importance of securing your business data in the right place.
On this page, you’ll find:
- The difference between security and privacy as comparison factors in the cloud storage landscape.
- A comparison of pros and cons among the 9 safest cloud storage solutions on the market.
- Why mainstream U.S.-based cloud storage solutions are inherently insecure.
- The winner.
Which cloud storage is the most secure?
Before we move on to the analysis of the safest cloud storage services, let’s specify the aspects that can help us evaluate them.
- Security: we will start with mainstream services that offer a basic level of encryption all the way up to more innovative clouds designed in a way that not even the service provider can access the stored data. In addition, we'll look at data breaches they’ve experienced.
- Privacy: we will notice how some services offer seemingly “free” products by trading off users’ privacy for a place to store and access their own data. This aspect will also be tied to the privacy laws of the country in which the service is located, sometimes allowing the government to enforce the reading of private data.
Let’s now consider the alternatives on the market!
1. How secure is Google Drive
Everyone knows Google Drive: a great cloud for collaboration, but less for providing security to your data. It certainly offers a lot of features, but as the saying goes when a service is free, the end-consumer becomes the product. This means that Google monetizes their users’ information (including emails) to deliver targeted ads connected to your habits as they make you sign up in their policy document.
"Google monetizes their users’ information (including emails)"
Google Drive is GDPR compliant, but it sticks with it and does not go beyond. Moreover, Google is US-based. This means it falls under not-so-privacy-friendly legislation with types of laws like the Patriot Act where if requested the government is allowed to read your saved data. As they admitted in their report, 340,000 was the number of information requests by the governments and courts in the first half of 2020 alone: Google replied by providing info in 76% of the cases.
Related reading: How to protect your privacy online: 5 actionable tips!
Let’s now focus on security: Google drive uses basic in-transit (256-bit SSL/TLS) and at-rest encryptions (126-bit AES), without offering any additional layer of protection. In this scenario the server can access your private data, this means that a centralized server attack could lead to a data leak. This is what happened in 2018 with the exposed data from 52,5M users. Also, because of the intuitiveness offered by this service, everything within Google portfolios is integrated, resulting that if you share your data with a colleague and someone external accesses their server (legally or illegally), he can read your files.
Security: 2.5/5
Privacy: 1/5
Price: Very Expensive - Expensive - Average - Affordable - Very Affordable
Although Google Drive offers a 15/GB plan for free, it asks for a lot of money when you expand the storage, these are the plans:
- 15/GB User - Free
- 100/GB User - €1.99 x month
- 200/GB User - €2.99 x month
- 2TB/ User - €9.99 x month
2. Is Dropbox safe for confidential files?
“Is Dropbox safe for confidential files?” Definitely not. Dropbox follows the lead of Google Drive: trading your security in exchange for the many services offered. They say that your files will be safe on the cloud, but data uploaded on Dropbox is only protected by in-transit and at-rest encryption and, as in the case of Google Drive, a simple server attack can provoke a data leak. That’s what happened in 2012 with the accounts of 68M users compromised.
At the privacy level, Dropbox can access your information for marketing purposes and to fulfill external requests as they state in their transparency document, responding to 84.2% of legal requests.
Security: 2.5/5
Privacy: 2/5
Price: Very Expensive - Expensive - Average - Affordable - Very Affordable
Speaking about storage space, Dropbox’s plans for businesses are very generous:
- 5/TB User (3 accounts minimum) - €12 x month
- Unlimited-storage User (3 accounts minimum) - €18 x month
3. Cubbit cloud review
We’ve analysed two well-known cloud services. Let’s now consider Italy-based Cubbit, a zero-knowledge cloud storage.
Cubbit is the world’s first distributed cloud, and thanks to its distributed p2p infrastructure it offers the most secure alternative currently on the market. Cubbit is zero-knowledge, end-to-end encrypted and this means that no one, (not even Cubbit!) can access the uploaded data. Privacy is also 100% respected: being Cubbit an italian based company your private information will not be subject to government enforcement, nor will it be used for marketing purposes.
"no one, (not even Cubbit!) can access the uploaded data."
But how does it work? Whenever a file is uploaded on Cubbit, it is encrypted (AES-256 military grade protocol), split into redundant chunks, and distributed across the zero-knowledge network. Moreover, providing 2-factor authentication means adding a 2nd step to identity-verification that protects you from strangers knowing your password and brute force attacks, by generating a random-seed that changes every 20 seconds.
Complete security is always associated with immovable imagery, like the one of a fortress or strongbox. What’s thrilling here is that safety is reimagined.
Cubbit changes the collaboration game, allowing you to store, sync and share your files in a “drag and drop” style, while you are one click away from adding colleagues and decide who has access to what. With the Cubbit Private Links feature, you can associate a key to the file you want to share. We recommend sending the document through a channel (e.g. email) and the access key through another one (e.g. Telegram).
"What’s thrilling here is that safety is reimagined."
Cubbit for Teams is the SaaS offer for businesses searching for 100% security of their data. Thanks to its distributed architecture, Cubbit doesn’t need a data-center to run. This is why this zero-knowledge cloud storage is significantly cheaper than similar offerings from the big brands: its pricing starts at €6/month, while both commercial and encrypted competitors start at around the double. Moreover, Cubbit’s distributed model allows savings of more than 70% compared to centralized data centers, see our green paper (or take a look at our article).
Security: 5/5
Privacy: 5/5
Price: Very Expensive - Expensive - Average - Affordable - Very Affordable
Speaking about storage space, Cubbit for Teams’ plans are very generous:
- 1TB/User €6 x month
- 2TB/User €7 x month
- 5TB/User €12 x month
You can activate a 30-day free trial by clicking here: Cubbit for Teams Secure Business Cloud Storage.
Otherwise, if you don’t need too many accesses (4 users maximum), there is an option which comes with a one-off payment and no subscription: take a look at our Cubbit Cell - one time payment cloud storage - you can try it for 30 days and get a full refund if you change your mind!
Are you curious but not yet convinced? Check out Cloudstorageinfo's review of Cubbit!
4. Is One Drive private? Let’s see!
OneDrive is the cloud offered by Microsoft, it’s a nice option for simple collaboration and the portfolio is integrated to improve users interoperability: this time your Word and Excel files won’t be victim of formatting after the upload!
This sounds good, but as is the case with all integrated platforms you can’t make this benefit coexist with privacy. Microsoft OneDrive encrypts your files with in-transit and at-rest, but the company can still read them and make the data available to improve its other services. Aside from the privacy issue, when the server can access the data it’s easier for a hacker to provoke a data breach and this has happened to Microsoft Azure (the backbone of OneDrive) resulting in more than half a million exposed customer records.
Another big issue is the fact that Microsoft is headquartered in the United States. Laws such as the Patriot Act, allow agencies to ask companies for private information. In fact, as they admitted in their report, in the first half of 2020 Microsoft received government requests to disclose users’ information from 50,000 accounts: they provided them in 65% of the cases.
Related reading: Cloud storage privacy & security: 7 things to consider
Security: 2.5/5
Privacy: 2/5
Price: Very Expensive - Expensive - Average - Affordable - Very Affordable
As with Cubbit and Dropbox, OneDrive plans for businesses are very generous:
- 1/TB User - €4.22 x month
- Unlimited-storage User - €8.43 x month
5. Zero-knowledge cloud storage Tresorit
Here we have another zero-knowledge cloud storage to consider: Tresorit, a premium solution based in Switzerland that prides itself on the level of security it can provide. Plus, the 2-factor-authentication feature further protects your company’s weak points from breaches.
But this protection doesn’t come without backlash:
- Tresorit is expensive, very expensive (the cheapest premium plan is €15 per month, it gets you just 200GB of storage, and for any feature you want to add you have to pay more money).
- They stores their data on Microsoft’s data-center: keeping data in one single location means that if the data-center goes down you cannot access your files anymore. Moreover, data is stored in Microsoft’s Azure data-center, which had many security problems in the past.
So, what’s the point of paying so much money when there are other services on the market that offer the same level of security, but have fewer issues and cost half of the price?
Security: 4.5/5
Privacy: 5/5
Price: Very Expensive - Expensive - Average - Affordable - Very Affordable
Differently from Cubbit and the alternatives we saw above, Zero-knowledge Tresorit plans for businesses are very expensive:
- 1/TB User (3 accounts minimum) - €15 x month
- 2/TB User (3 accounts minimum) - €20 x month
- Enterprise plan from 50 licenses - €25 x month (x User)
6. What is SugarSync cloud storage
SugarSync is a good cloud storage service for security-aware people, but it comes with a hefty price-tag. Moreover, Sugarsync is not a zero-knowledge cloud storage, and it encrypts files in-transit and at-rest.
Here we can notice a clash: the company promises to provide maximum security while still accessing user data as it states in its Help Center. On the privacy side: Sugarsync is not GDPR compliant!
Related reading: How to protect data in the cloud: 9 best tips of 2023
Security: 3.5/5
Privacy: 2.5/5
Price: Very Expensive - Expensive - Average - Affordable - Very Affordable
Unlike Cubbit and the alternatives we saw above, SugarSync’s only plan for businesses is very expensive:
- 1/TB 3 Users - €46.37 x month
7. MEGA security
Speaking about the safest cloud storage solutions, MEGA’s name is sure to come up. This zero-knowledge cloud storage service offers up-to-date data encryption, a nice portfolio, and it delivers great value for their customers.
Two main issues come with MEGA:
- It runs on a centralised data center (i.e. polluting and expensive).
- Their cloud is closely connected with piracy and hacking issues.
But that’s not all. The terms of use apply to MEGA for Business, if you need to store a lot of data or edit your files often, you may need to check first if the bandwidth limit applies to avoid finding surprises or getting your work stuck.
Although protected by zero-knowledge, end-to-end encryption MEGA offers you the option to save a backup recovery key in case you lose your password. This equates to weak points for hackers to attack. In fact, MEGA has been victim of attacks more than once. In 2018 the Chrome extension was hacked to steal logins. This fact makes us evaluate their security level lower than Cubbit and Tresorit services.
Regarding privacy, MEGA’s data centers are based in good countries like Germany, New Zealand and Canada. They are all outside of U.S. laws, but none of them are on the list of the best cloud privacy laws countries.
Security: 4/5
Privacy: 4.5/5
Price: Very Expensive - Expensive - Average - Affordable - Very Affordable
Although the price is average, MEGA cloud storage offers a very generous plan for businesses:
- 15/TB User - €10 x month
8. SpiderOak cloud storage
SpiderOak is more of an online backup service rather than a zero-knowledge cloud storage provider. It still offers sharing and syncing features, but only with backups of your files. The service offered is zero-knowledge encrypted, protecting each folder and file with a different key that allows you to access even older versions of your saved data.
SpiderOak has two main problems:
- Zero-knowledge encryption doesn’t apply to files and folders you’ve shared with other people.
- A very hefty price tag.
Speaking of privacy, SpiderOak was mentioned by Edward Snowden as a secure cloud alternative to Dropbox. Another plus point it's their clear and simple privacy policy. SpiderOak’s servers are based in the US, because of this fact law enforcement can happen, however SpiderOak uses zero-knowledge encryption, this means that not even if forced it can read your files (apart from the shared ones).
Security: 4/5
Privacy: 4/5
Price: Very Expensive - Expensive - Average - Affordable - Very Affordable
These are the (expensive) SpiderOak’s cloud storage plans for businesses:
- 150/GB User - €5.06 x month
- 400/GB User - €9.27 x month
- 2/TB User - €11.80 x month
- 5/TB User - €24.45 x month
9. pCloud security review
pCloud is a secure cloud storage solution that allows you to use zero-knowledge encryption as an add-on (“pCloud Crypto”). This involves paying over €47/year per user on top of the subscription price, a detail that cannot be considered irrelevant on your budget.
Apart from the extra-cost, even if you pay for the additional layer of security, your employees can decide whether to zero-knowledge encrypt the data or not. While this fact may offer flexibility on non-sensitive media (i.e. if you do not encrypt a video you can preview it easily), it leaves the final decision up to the employer, allowing for human error which is the cause of a data breach 90% of the time.
Another problem can arise from the fact that pCloud only offers 1TB plans to Businesses. This means that if you need to store larger data you have to add more than one user and store information in +2 different accounts. As for privacy, pCloud’s servers are based in the U.S., this equates to the fact that unencrypted files can be accessed by law enforcements.
Security: 4/5
Privacy: 3/5
Price: Very Expensive - Expensive - Average - Affordable - Very Affordable
pCloud offers only one plan for businesses which is quite expensive considering the storage space:
- 1/TB User - €9.99 x month
What’s the safest cloud storage of 2023? The winner
Throughout the article we’ve looked at 9 different alternatives to secure your private data, but which cloud storage is the most secure in the end?
Here’s our personal recommended top 3:
- Cubbit for Teams (Safest-cloud rating: 10/10 - Price: Very Affordable)
- Tresorit 9.5/10 (Safest-cloud rating: 9.5/10 - Price: Very Expensive)
- MEGA 9/10 (Safest-cloud rating: 8.5/10 - Price: Very Affordable)
Cubbit and Tresorit are almost at the same level of security and privacy. However, Tresorit has some issues with the price and the uploaded data is stored in Microsoft’s centralized data-center, which is why Cubbit is the safest cloud storage winner. MEGA follows as the third most secure service: it is zero-knowledge encrypted, but has been the victim of data breaches in the past.
SpiderOak and pCloud still offer high levels of security, but as you have noticed they have some issues when looking under the hood!
What’s your opinion? You can try Cubbit for free for 30 days, with no credit card required.