End-to-end encryption (E2E) is a term you might often encounter. Browse through the website of any company handling sensitive data, and you’re likely to see it mentioned. But what does end-to-end encryption really mean?
Let’s first consider basic encryption. When you open a website in your browser, a connection is created between your computer and the server hosting that website. By default, this connection is unprotected, meaning that any data sent from your computer could be visible to others.
Fortunately, early internet pioneers developed a way to secure this process: Secure Socket Layer (SSL) technology. SSL enables your computer to create a protected connection with the server, making the transfer of data secure.
The foundation of SSL is encryption. Think of encrypting data as placing it inside a locked box. Without the key, it’s impossible to access. SSL wraps your data in a “lockbox” before sending it over the internet, with only the intended recipient having the key to unlock it.
This basic encryption allows us to use the internet without worrying about others viewing our activities. However, SSL only protects data while it’s in transit. Once it reaches the recipient, they can access it easily with their key.
This is where E2E comes into play. With E2E, before placing your data inside SSL’s lockbox (which the recipient has the key to), you add an additional layer of protection by placing it in your own personal lockbox (which only you have the key to). Essentially, your data is now in a lockbox within another lockbox.
Even though the recipient can open the first lockbox, they can’t access your personal lockbox. E2E offers stronger protection than SSL alone, securing your data during transit and after delivery—keeping it safe from both strangers and the recipient.
SSL provides significant security, often enough for many situations. However, some scenarios require an extra layer of security. When you don’t fully trust the other end of the connection, E2E is preferable.
For certain online services, E2E isn’t always feasible. For example, online banking requires access to your original data, making E2E impractical. But for online computer backup services, such as GotBackup.com, direct access to your data isn’t necessary.
A reliable online backup company doesn’t need to access your files directly; it’s simply there to securely store and return them upon request.
E2E and SSL aren’t the only data privacy options. There are alternatives, one of which is E2E with shared key ownership, or Shared-E2E. This method is relevant in computer backup services.
With Shared-E2E, you place your data in two lockboxes (like in E2E), but the key to the inner lockbox is shared with the recipient. While the recipient has access to both lockboxes, they still have an extra layer of protection.
At first glance, Shared-E2E might seem to offer little extra privacy over SSL, but it does provide added security. For instance, companies using Shared-E2E often restrict access to the inner lockbox key to select, trusted employees, enhancing security.
Shared-E2E is a common approach among online backup services and may be sufficiently secure for many users.
At GotBackup.com, however, we believe companies should have access only to the data they need to provide their service. GotBackup.com employs E2E encryption. Unlike online banking, whether we can see your data or not is irrelevant to our ability to deliver a dependable backup service. Your files remain securely encrypted, with access limited to only those who have the password—namely, you. Neither our employees nor potential hackers can access your data without your unique password.