TesTeq;79759 said:
That's great, but how can you verify Google, Evernote, etc.?
2 sorts of verification are needed, Data Integrity and Data Security.
Data integrity can be verified by using checksums, comparing files and multiple layers of backups reviewed regularly for potential errors and problems. Data integrity is easy to verify and not really an issue with any of the cloud systems, you can easily implement a verification system for the integrity of your data.
Data security can be verified by checking out the level of encryption provided, monitoring the security of the servers and using masking or code techniques if you send stuff in the clear. (Things like variations on the Navajo Code Talkers stuff from WW II, a code not a cipher, to mask what is really being stored and sent. 1 time pads are also an option but require more hand labor.) Evernote does provide a simple cipher encryption system as does MobileMe. But I won't put really critical data out in either service unless it's also coded into innocuous forms or hand encrypted on top of machine encryption. Instead I keep it in an encrypted volume on my own machine backed up to multiple places and in several separate physical locations. I do some coding on that stuff as well but I don't usually use any additional hand encryption or ciphers on it.
Google OTOH is not encrypted at all in any stage and is far more porous and insecure to me.
Another portion of data security is monitoring all your data windows (bank account, e-mail and other on-line transactions) for any unauthorized uses and also monitor the security bulletins regarding data breaches at those places.
Compartmentalization also helps. Don't put all your money into a single bank or single account, that way if one is compromised you have the others while you lock down the one in trouble and fix it. Don't put all your personal and private data into a single location, keep multiple copies and multiple access points and use multiple services with types of data separated by service.
