What is Client-Side Encryption?
When you enable Client-Side Encryption in PhotoSync, each photo & video is encrypted on the client (your mobile device running PhotoSync) before it's sent to your transfer destination. The data is then stored encrypted on the target (NAS or cloud service). The encryption process uses a cryptographic algorithm (you can choose between Rclone or OpenSSL based encryption) to convert the photos & videos into a form that is unreadable to anyone who does not have the encryption key. The encryption keys are stored securely on your device, so you can seamlessly access encrypted photos & videos in PhotoSync. Accessing encrypted photos & videos in PhotoSync requires authentication with FaceID, TouchID, or a custom passcode. We recommend that you backup and securely manage your encryption keys so that you can access your photos & videos without your device.
There are several advantages of using Client-Side Encryption:
- Enhanced Security
Since the data is encrypted before it is sent, it is protected against interception during transmission. Even if the data is accessed while in storage, it would be unreadable without the decryption key.
- Control Over Data
You have full control over the encryption keys and, consequently, your data. You can decide who can access the data by choosing to share (or not share) the decryption keys.
- Secure Cloud Storage
Client-side encryption is particularly beneficial for cloud storage services, as it lets you leverage the cloud for storage while mitigating the risk of the cloud service provider accessing your sensitive data.
- Protection Against Server-Side Attacks
If a server is attacked and data is exposed, the information remains safe if it has been encrypted client-side. The attackers would gain access only to encrypted data which would be unreadable without the encryption keys.
- Regulatory Compliance
For businesses, client-side encryption can help in complying with privacy regulations, as the data is protected from the point of origin.