The year 2021 dramatically boosted digitisation: we have moved our physical workplace online, and in this fast-paced world, the movement of data has become more fluid than ever before.
However, this scenario is not without risks: the University of Maryland has estimated hacker attacks at the rate of one every 39 seconds this year. That's why more and more people are employing secure file sharing solutions to collaborate.
On this page, you’ll find:
- What secure file transfer is and why it's a 2021 game changer.
- 5 alternatives when it comes to collaborating and sharing files securely.
- 3 best practices to protect yourself from data breaches.
- What Cubbit private links are and how they can help you.
What is secure file transfer?
People send files every day without even thinking about the risks involved in the chosen channels. That’s why it often happens that private keys are sent via email or unsecure tools like Wetransfer.
In 2021, hopefully people and companies are getting into the habit to share files securely. But what does this term mean?
Secure file transfer is not just the “pure” act, but a series of practices that ensures digital documents are shared safely. It allows sharing files between different organizations/users and protects data from access by unauthorized external parties.
Some of these practices are:
- use the right (zero-knowledge encrypted) tools.
- Enable 2-factor authentication.
- Creating a unique password.
- Many more that we’ll delve into throughout the article...
Now that we’ve covered what secure file transfer is, let’s move on and find out why it’s so important.
Why sharing files securely is crucial for you
Share files securely is very important, especially now that the workplace has moved to an online environment. Below are some of the benefits involved:
- Data security: secure file sharing means that the documents you send cannot be involved in a data breach. By using a zero-knowledge encrypted service no one can access the shared files except by those you authorize (not even the service provider!).
- Privacy: unlike protecting yourself from external attacks, with privacy we consider the control you have over your information and how it’s handled. You can use a service that is compliant with the law (i.e. GDPR & CCPA) or decide to go beyond it with privacy by design & by default, putting a premium on private data.
- Easy collaboration: secure file sharing tools are also innovative ones, which means the physical workplace is reimagined into a more efficient online version. Combining security and intuitiveness improves productivity while working with peace of mind.
- Flexibility: as you might have guessed, this doesn’t just relate to the topic of collaboration. What is also very elastic with secure file sharing tools, is that you can work and manage data of any client in the world you want, as you’re meeting the highest security (and privacy!) standards.
Now that we’ve seen the key advantage points when it comes to secure file transfer, let’s move on to look at some examples.
Secure file share options
There are several types of file sharing options available. Below we'll look at some of them, from the most basic to the modern ones.
USB flash drives
USB flash drives are among the most basic options for sharing files: you insert the pen-drive, upload and transfer the data you need to your computer, and that's it. The exchange happens physically - you own the pen-drive and give it to another person.
Examples: USB flash drives, external hard-disk drives...
When it comes to online file sharing, the first choice always goes to email - who doesn't have a free Gmail account today? Just log in, type and attach what you need and then click to send. You can even set priority and open receipts.
However, email is neither encrypted (at least the supposedly "free" ones - check Tutanota for a secure email service), nor does it allow you to send large files.
Examples: mainstream “free” services as Gmail & Hotmail or encrypted ones as Protonmail & Tutanota.
P2P networks have always been associated with online media piracy - in the 00s Napster and eDonkey2000 were built specifically for this purpose. The concept of P2P networks is to transfer files between network connections instead of going through the central server, every time you send data.
However, peer-to-peer technology has changed, and created a very secure method of file sharing for confidential documents. You can learn more here: What are P2P networks and why they are not just for illegal activities.
Examples: BitTorrent, Shareaza, eMule, Kazaa.
Document collaboration softwares
Document collaboration tools go beyond file saving and ease of use. These tools shape the way we interact and collaborate remotely with our colleagues in real time and on the same document. However, most of them are not very secure.
Examples: Microsoft 365, Trello, Basecamp.
Cloud storage services
Cloud storage, often referred to simply as "the cloud", offers an easy way to store and manage data in an off-site location (most often someone else's data center) that anyone authorized can access remotely over the internet. Unlike document collaboration tools, here all data is managed online.
This option is the most adopted when it comes to storing, collaborating and sharing documents. So common to the point that people have become accustomed to unsafe practices such as storing confidential data on less-than-secure cloud storage services, incurring “unexpected” data breaches - this was the Dropbox case in 2012 with 68M leaked accounts.
However, there are a number of innovative companies employing cutting-edge technology to enable discerning businesses to deal with their confidential documents. One innovation evolving in 2021 is the “distributed cloud” (which leverages p2p networks) - you can read more about it here.
Examples: Dropbox, OneDrive, Cubbit.
Wondering which cloud storage provider is the most secure in 2021? Check out the list, along with pros and cons, in this article from Cloudstorageinfo!
We've considered the main alternatives when it comes to sending information. Now let's take a look at the best tips for share files securely.
How to secure file sharing
As you may have noticed from the previous sections, online file sharing entails various benefits. However, it also comes with some risks that can't be ignored. In this section we'll take a look at some main points to consider when it comes to secure file sharing, especially when it's done on “the cloud".
Encryption level of the file sharing platform
One of the key elements to consider is the level of encryption of the platform being used. The goal is to make sure the information is unreadable except for authorized parties. Almost every collaboration or cloud platform today is encrypted (even Google Drive!), but what differs is the level of encryption.
Below are some definitions:
- in-transit encryption: data is secured while it is being transmitted between two parties.
- At-rest encryption: information is only protected when it is stored on the server.
- End-to-end encryption (e2ee): files are protected all the way from one user to another. The server does not own the key, which means no one but the user reads the data.
- Zero-knowledge encryption (ZK): recycling the concept of e2ee, with zero-knowledge technology not even the service provider can read the access key. What changes here is that you can only apply the previous encryption on communication systems, while you can apply ZK to any service (e.g. cloud).
While on mainstream services such as Dropbox, the in-transit and at-rest encryption layers are combined, they do not guarantee the needed security and privacy for the user. Instead, you should look to zero-knowledge, end-to-end encrypted services to securely share files with your colleagues. Learn more about the different types of encryption - here.
Craft an ecosystem to transfer files securely
Security is not only about the layers adopted by the service provider. 90% of data breaches are caused by human errors and that's why there are also some tips on how to behave and what to do to avoid unexpected events.
- Create a unique password: use a silly scheme to make passwords: hard for a hacker or computer to guess, but easy for you to remember - here you can find some tips.
- Enable 2-factor authentication: this adds an extra layer of security, consisting of a second step of verifying your identity when you log in - learn more about 2-FA here.
- Minimize human error: only share data that really needs to be shared, and use role-based authorization and document access levels (i.e. minimize the attackable surface!).
These are some of the top tips when it comes to creating a secure ecosystem beyond the platform used to share files.
If you want to dig deeper into this topic you can check out the article: How to protect your privacy online: 5 actionable tips!
Use Cubbit Private Links: zero-knowledge end-to-end encrypted sharing on a p2p-based cloud
Cubbit Private Links are a unique feature of Cubbit - the first distributed cloud storage in Europe.
This is an ultra-secure file sharing option while being super-easy to use:
- upload the data you need to share in “drag and drop” style.
- Click on the menù and choose “get link”.
- On “private link” you’ll see a url - send it to your colleague (e.g. email).
- To be 100% sure, send the encrypted key on another channel (e.g. Signal).
- That’s all! You’ve shared the file/folder in complete security.
P.S. Files uploaded on Cubbit are zero-knowledge, end-to-end encrypted. No one, not even the service provider, can access the data.
You can start sharing safely today: try Cubbit for free for 30 days (with no credit card required!)