Viivo encrypts files automatically before they are synced with the cloud
Cloud storage and security has certainly come a long way since its humble beginnings. It is appreciated by users across the globe as a way to sync data between devices, and to make data available on the Internet so that you or others can access it at anytime.
One of the main issues that I have with cloud storage is that you give up control of your data. Companies like Google, Dropbox, Amazon or Microsoft promise to keep your data safe but most appear to scan your data for a variety of reasons.
Update: Viivo is no longer available. We suggest you use BoxCryptor or the self-hosted solution OwnCloud instead. End
Microsoft for instance banned users of its SkyDrive service (now called OneDrive) in 2012 after automated scans found partially nude pictures uploaded to a private folder of the user's account.
But encryption does not only prevent services from scanning or accessing files uploaded to their servers. It is also preventing third-parties from accessing them should they be able to hack into the account or servers.
Back in 2011 I suggested that users either encrypt important data before they upload it to the Internet or, and that may be the better solution, don't upload it at all.
One of the services I recommended back then for the encryption part was SecretSync. The service, now called Viivo, is still around; reason enough to take another look at what it has to offer.
Viivo is offered as a free, pro and enterprise version. The free version supports most features with the exception of multi-factor authentication, extended customer support an administrative console access.
You do need to create an account to get started, but that can be done during installation. Please note that you need to verify the email address to complete the process (and thus the installation. The password you set during setup will be used to encrypt all files so make sure it is a secure one.
Viva supports the popular cloud syncing services Dropbox, OneDrive, Box and Google Drive.
To create your first locker (out of five supported by the free version), select one of the supported providers from the list, pick a source folder that you want to place the encrypted contents into, and click next.
You are then asked whether you want to keep decrypted copies of your files on the local system. If you select that option you are asked to pick a location to sync the unencrypted files with.
The program displays an overview of the selected settings on the last page of the process before it takes you back to the lockers screen of the application.
Syncing encrypted files with the cloud
This is actually very easy. Simply copy files into the folder that you have selected as the locker location in the cloud. Viivo detects new files and folders automatically and will encrypt those before they are uploaded to the service.
If you have selected sync, decrypted versions of all files and folders are copied to the selected location as well.
All synced files appear with the .viivo extension while folder names are not changed at all.
Accessing files
You can access files directly by executing them, just like you would do normally. If you have synced an image for instance, you can simply double-click on the file to open it in the default image viewer of the system provided that Viivo is running on it.
This works well for standalone files but you may run into compatibility issues. That's one reason why Viivo added a filter option to each locker. You can use it to prevent that certain files are encrypted by the program.
Another option that you find there is to enable filename encryption on top of that. This can be useful if you don't want others to see names of encrypted files in that folder.
Sharing and Security
Other users can be added to lockers so that they can access contents of them as well provided that they too use Viivo.
Viivo provides the following information about security:
- Each Viivo user has a Private Key that is encrypted with AES-256. The key is generated from your password using PBKDF2 HMAC SHA256
- For shared folders, there is a Share Key that is exchanged via RSA encrypted 2048
- All of your files are encrypted with AES-256
Viivo states that it cannot reset passwords that a customer has forgotten or cannot remember. There is however an option to reset the password, but it only works from previously authenticated devices.
Closing Words
Viivo is an easy to use product that works automatically once you have set up at least one locker. What I like specifically about it is that you don't have to juggle around with files as you work with the local cloud folder just like before. All the encrypting and optional syncing happens in the background.
Viivo is available for Windows and Mac OS X desktop operating systems, and iOS and Android.
Check out: BoxCryptor, another program that encrypts data before it is synced.
I’d be curious how Viivo stack sup against SpiderOak, who I use for my customers and my own secure off-site data backup needs.
There’s a big use case difference between backup services (SpiderOak) and cloud services (which Viivo affects). Backups tend to have loads of specific controls (pick and choose what you want to backup), versioning, higher security requirements, and runs once a day. Cloud storage is usually simpler, focused on ease of access, collaboration, and very active (e.g. when you save something it auto-updates your phone and any other devices).
You can obviously use cloud services a backup tool and backup services as a (sort of) cloud but only in rare circumstances. So for example, if you really don’t trust your device to crash or fail, it’s a good idea to have it save continuously to the cloud rather than a backup service.
I do not see any cloud service icons when creating a new locker…
Viivo is a US based service sobom by default it cannot be se cure.
Viivo vs BoxCryptor
For anyone that uses both, any thoughts?
I have not used BoxCryptor in a while so keep that in mind, here are my findings.
Boxcryptor supports filename encryption as well, just not on the free tier.
Right, I was only comparing free versions of both programs.
Another option for Windows is CryptSync (http://stefanstools.sourceforge.net/CryptSync.html):
“CryptSync is a small utility that synchronizes two folders while encrypting the contents in one folder”.
There is no direct integration of cloud services, but you can handle this, if you connect to the cloud space as a directory (net use …).
It is open source and works very well!
Totally agree. The program uses open standards, you don’t have to have CryptSync on the other computer to view your files, and it uses some of the best compression out there (7-zip has won multiple compression analysis efforts I’ve seen).
Martin highlighted it back in 2013:
https://www.ghacks.net/2013/03/27/cryptsync-upload-only-encrypted-files-to-online-storage-services/
Did Viivo fix its CPU problem?
I uninstalled it about 9 months ago because it was working all the time. Drove me crazy.
another closed source app to put your trust in? no thanks. open source or go home…