Resources

Boxcryptor alternative

To help you identify a Boxcryptor alternative, we’ll break down a bit about what Boxcryptor does as well as share what you should look for in a Boxcryptor alternative, including the one provided by Sookasa.

About Boxcryptor

Boxcryptor started in 2011 to bring additional security to the cloud. Boxcryptor works as a virtual hard drive that encrypts data using AES-256 and RSA encryption. Boxcryptor encrypts data stored in a directory of your choice. That means you could choose a directory that is synced to the cloud, like your Dropbox folder. If Boxcryptor does not meet your needs for a cloud security provider, here’s what you should look for in a Boxcryptor alternative.

Boxcryptor alternative feature 1: Password recovery

With Boxcryptor, the password is the key to verifying a user’s identity and accessing encrypted data. But because BoxCryptor never sees or stores user passwords, there’s no option to retrieve or reset it. Passwords, password keys and file keys never leave the users’ devices and are never transferred to anyone. Practically speaking, this approach makes very little sense for businesses seeking control over their corporate data. If a user forgets his or her password, those documents are gone forever.

Boxcryptor alternative feature 2: Centralized dashboard

Often, security is really about control. Any Boxcryptor alternative you seek should provide a centralized dashboard for team administrators to revoke access from users or devices. This dashboard should also give admins an easy way to get up to speed with what’s happening with their organization’s most sensitive information. Sookasa’s web-based dashboard was designed with exactly these uses in mind. It also gives quick access to encrypted files in emergency situations.

Boxcryptor alternative feature 3: No dual-folder approach

To work with Boxcryptor, users are supposed to assign a drive letter specifically for Boxcryptor, so that files dropped to the drive will be encrypted before syncing to the cloud. This means, however, that if users work through the native Dropbox folder, they will upload unencrypted data to the cloud. This is very confusing to users, even causing them to mistakenly store files unencrypted. What’s more, when Boxcryptor is running, the encrypted files are exposed in plaintext in a virtual drive. So if malicious actors have full access to a computer, Boxcryptor’s protection is of no use. Sookasa’s Boxcryptor alternative solution seamlessly integrates with Dropbox to preserve the native user experience.

Boxcryptor alternative feature 4: Mitigated risk of uploading unencrypted data

Boxcryptor does not monitor the encrypted folders using the cloud service API. Files uploaded through native web or mobile interfaces will remain unencrypted. In contrast, Sookasa’s Boxcryptor alternative encrypts any file uploaded to the cloud service through its API. Files are encrypted before they reach the cloud, and Sookasa monitors the API to encrypt new files.

Boxcryptor alternative feature 5: Seamless sharing

Boxcryptor relies a single folder key to share all files in a folder across users. Moving files between shared folders requires reencryption. Boxcryptor’s performance is also hindered if users take an encrypted file out of its original folder. Boxcryptor alternative Sookasa uses both team and file keys to protect files and preserve sharing. In this way, collaboration settings are preserved because encryption is always “on.”

Boxcryptor alternative feature 6: Easy user revocation

Boxcryptor mixes keys with access control measures. In doing so, it also compromises user revocation features. Failure to erase the single folder key from a lost device will not prevent decryption of new files. Sookasa users can block users or device with the click of a button on the web-based dashboard.

Boxcryptor alternative feature 7: No confusing configuration file

Boxcryptor’s approach is to insert a file into the normal Boxcryptor folder with all the information it needs to decrypt the directory. But it’s not explained, and all too easy to delete. Doing so, however, results in the loss of access to encrypted files. Sookasa does not rely on this approach.

Boxcryptor alternative feature 8: HIPAA compliance audits

Facilitating compliance in the cloud is extremely important, but services should provide users not only with BAAs but also evidence that they have stress-tested their solutions to ensure the highest security standards. Boxcryptor has not made any third-party audits public. Sookasa submits its solution to rigorous third-party audits to ensure that its solution provides the highest standards of security.

Boxcryptor alternative feature 9: Support for emailing encrypted files

Email is a critical workflow for many, and we’ve seen countless times that security programs fail because they do not align with the way that people prefer to work. For this reason, it’s important that your Boxcryptor alternative provides some support for emailing. Boxcryptor’s encryption mechanism does not support sharing links to encrypted files via email. Boxcryptor alternative Sookasa preserves Dropbox’s shared links workflow with encrypted files via its proprietary File Delivery platform, and even allows Sookasa users to receive encrypted files from non-users of Sookasa or Dropbox.

Boxcryptor alternative feature 10: Automatic logoff

Laptops are all too frequently lost or stolen, which means that applications storing sensitive data need to have built-in safeguards in place, including automatic application logoff. However, Boxcryptor only asks for the password on startup (and also has an option to remember the password). When a machine goes to hibernate and then resumes, it does not log users out or ask users for the password, a significant security flaw. Sookasa automatically logs off users after a set period of time, which admins can set for their teams.