Practical privacy and simple cybersecurity.
TheNewOil.org

The Best Private & Secure Cloud Storage in 2024

Cloud storage has become ubiquitous in modern society. The most widely-used example, I think, is the one that comes prebundled with our phones in the form of Google Drive or iCloud, but many desktop devices also come preloaded with iCloud or Dropbox (and we often add our own like Google Drive). We use them as a backup, as a way to share large or groups of files (such as a photo album from an event or vacation), and more. But not all cloud storage is equal. By default, mainstream offerings like Google Drive, iCloud, and Dropbox have access to your files. The consequences of this have ranged from insider threats snooping on files they shouldn’t be to people having their content or even entire accounts deleted, often for minor or no infractions and with little or no recourse. Those concerns aside, even big tech giants like Google have had problems with losing user data. So regardless of whether you’re storing sensitive, personal documents like taxes or sharing benign photos of the latest trip to the aquarium, it’s important to safeguard your personal data. And thankfully, in today’s landscape, users are awash with lots of solid, user-friendly choices who can easily take your privacy and security to the next level. So this week, let’s take a look at some of the top choices out there for secure cloud storage.

Disclaimers

As usual, there’s a couple disclaimers worth addressing before we begin. First, as always, threat modeling. The risk of using a cloud service – any cloud service – must always be weighed against what you’re storing and sharing. For the vast majority of average users storing and sharing low-risk files, I would argue that if it's safe enough for a mainstream provider then it's even safer in one of these selections. If you’re whistleblowing against a government or major corporation, on the other hand, you probably shouldn’t be using the cloud at all. Other situations will likely land somewhere in between. Nothing is perfectly secure, so always be mindful of that. Second, some of these services I’ve linked here offer affiliate links. If you decide that any of these services are right for you, it would be appreciated if you used said link as it helps us out, but as always the direct link is also provided if you’d rather not. Finally, with the exception of the first and last entries on the list, all entries are in alphabetical order and not order of recommendation.

The Ideal Choice: Nextcloud

Nextcloud screenshot
Photo courtesy of Nextcloud

I believe the preferred option, in a perfect world, is Nextcloud. Nextcloud is so much more than cloud storage: it’s got a calendar, contacts, notes, to-do list, photo management, RSS reader, and pretty much anything else you can think of. Nextcloud is the golden standard in the privacy community when it comes to owning your data and breaking your dependence on Big Tech.

However, Nextcloud is not without drawbacks. For starters, end-to-end encryption on Nextcloud is so disgustingly broken, it may as well not exist. It only works on the desktop app, and even then it’s unstable and not user-friendly. I don’t recommend it. As a result, this means that Nextcloud is not a zero-knowledge platform, so you’re still trusting someone else with your data like a regular cloud provider. If you use a public instance, you’re trusting those admins to protect your privacy. If you self-host on a VPS, you’re trusting the hosting provider in the same way. But even the ideal scenario – self-hosting at home – exposes you to different risks: outages, the risk of not properly securing it if you expose your instance to the wider internet, the inconvenience of not having realtime access if you leave it isolated to your home network, etc. If you’re confident in your self-hosting skills and willing to put in the time and resources to make it work, Nextcloud is definitely the best option that comes with so much extra functionality to help you own your data, but due to the high cost of entry and considerable number of caveats, I can't simply recommend Nextcloud to the masses. If you're one of those people who lacks the resources for Nextcloud, I invite you to read on.

Filen screenshot
Photo courtesy of Filen

Filen is a relative newcomer in the cloud storage space, but they offer a modern interface, apps for all operating systems, and 10GB of storage for free. I’ve used Filen a few times mostly for testing purposes and have nothing bad to report. It’s easy to use and very user-friendly in that features are where you would expect them to be. Sharing files is – to my knowledge – reliable and easy.

Filen isn’t without hiccups, however. Most notably, they’ve been accused of not always using the best implementation of encryption or cryptographic practices. However, many people swear by Filen as a user-friendly option, and like every other option on this list it can be hardened with Cryptomator (discussed below). If you’re not using any sort of secure cloud provider, I believe Filen would be an improvement.

Mega screenshot
Photo courtesy of Mega

Mega has been around for a long time and is a trusted name. Most notably, Mega offers a whopping 20GB of storage on the free plan, which is more than any mainstream unencrypted cloud provider on the market currently. Personally I was never a huge fan of Mega’s interface, however this kind of stuff is subjective and others may enjoy it.

Unfortunately Mega has had some pretty bad screw ups. At one point, it was discovered that their code would’ve allowed for possible insider access, and as a result of examining this code many experts went on to call it sloppy and convoluted. Another of my readers also noted that Mega’s name turns up in a list of “experts” who were consulted on an anti-privacy legislation in the EU. While this alone doesn’t mean they were in favor of this legislation, the other names on the list are definitely not defenders of privacy so Mega’s inclusion doesn’t look good. For now, however, Mega’s apps remain source-available, allowing us to continue to ensure that they have fixed known issues and are continuing to encrypt our data. For those on a budget who need a lot of storage, Mega is a service worth considering.

Proton Drive screenshot
Photo courtesy of Proton

The biggest thing privacy giant Proton brings to the table in any offering, in my opinion, is their ecosystem. A Proton account gets you not just the service in question – in this case, cloud storage – but also email, a VPN, a password manager, and a calendar, all highly reputed, private, secure, and free (though of course you get better features with a paid plan).

Being a newer player, Proton is still catching up to the more established players in some areas, most notably apps: there is a Proton Drive app for Windows, but Mac is in beta and Linux is nowhere to be seen. Proton is also notorious for inconsistent feature parity. For example, the Android app can also double as a photo backup and management app, but this feature is missing on iOS. The Windows app also behaves a bit strangely, creating a unique folder for the device in question, making it a bit of a challenge to seamlessly sync between multiple devices. I believe they’re working on fixing this, but until they do the desktop apps function more as a backup solution than an actual sync solution. Still, Proton tends to move very quickly with their development, and for those value the ecosystem proposition, Proton can be a powerful choice to consider.

Honorable Mention: Cryptomator

Cryptomator screenshot
Photo courtesy of Cryptomator

With all the security concerns raised in nearly every product on the list, it can be tempting to not to make a move at all. Personally I think it’s still worth making a switch, if for no other reason than to demonstrate a consumer demand for privacy. Fortunately, there’s a way to have your cake and eat it, too – to make the switch and add another layer of security just in case. I’m speaking of Cryptomator, which creates encrypted vaults that sync across all your devices. Cryptomator is available for all operating systems and offers an easy-to-use interface that helps you protect your data even from non-encrypted providers like Google or Dropbox. Cryptomator does require a one-time paid license to use on mobile, but is otherwise free and limited only by the space in your cloud storage. If you are unable or unwilling to switch from your current cloud provider – or want to add an extra layer of security to your chosen secure cloud provider – then Cryptomator is the way to go.

What About iCloud’s “Advanced Data Protection”?

With the rollout of Apple’s Advanced Data Protection program, there are certainly those will ask if that’s an acceptable cloud storage solution. My short answer is “probably but I’m not a fan.” First off, the Advanced Data Protection program is proprietary, meaning that there is very little transparency into the security or implementation of the security. While I personally don’t believe that Apple would intentionally insert backdoors into the program, we have seen time and time again that big, complicated code like that can easily contain bugs, vulnerabilities, and other opportunities for improvement. Closing off the source code means it will take longer for those to be found and fixed, and in the meantime bad guys might find and exploit them. Furthermore, the Advanced Data Protection program locks you into the Apple ecosystem, which makes it harder for you to take your data to a new platform if you ever decide to in the future. I prefer open source solutions that are available on a wide variety of operating systems, giving you the agility to easily pivot for any reason and the assurance of transparency. That said, if you have tried the solutions above and they don’t work for you, then turning on Advanced Data Protection is certainly better than not using it. Be sure to read up on it first and know the limitations.

Regardless of how benign the data you’re sending to the cloud may feel to you, it’s still worth taking a few extra seconds to protect it. The big tech companies may offer a lot of storage and easy integration, but as you can see here many of these services can compete on both storage space and user-friendliness. You're only cheating yourself by letting inertia keep you in their offerings. By switching to an encrypted cloud provider, you'll have taken an easy step to improve your privacy and security and I believe you'll quickly find that the tradeoff was virtually nonexistent. Take a few minutes now to help protect your data so you don’t have to worry about the fallout in the future.

Tech changes fast, so be sure to check TheNewOil.org for the latest recommendations on tools, services, settings, and more. You can find our other content across the web here or support our work in a variety of ways here. You can also leave a comment on this post here: Discuss...