Prologue
Having lived in the information era for quite some time, we have grown too used to it and now tend to underestimate the importance of actually owning our own data. While large corporations like Google, Apple, or Microsoft provide services of unprecedented quality absolutely free (or almost free), these come with certain risks that must be understood and mitigated properly.
Your digital life
To people like me who didn’t have any access to the Internet in their early years, digital assets don’t usually seem like a big deal. What we usually fail to realize is that the Internet is no longer a mere toy: file storage, social network profiles, emails, etc., have long since become an integral part of our everyday and very real lives. While losing access to some of these might result in minor inconveniences, compromised bank accounts or crypto wallets can leave you either broke or even imprisoned. That’s why it is important to treat your data like any other real-world property — say, a house or a car — when it comes to ownership.
Ownership itself is indeed quite a complex term that is defined in many different ways. The particular ownership that I’m talking about in this post is the ability to:
- access your data any time and from any place;
- copy, modify, and delete your data as you wish (NB: at least your private data, as some of the public data will likely never be deleted — the Internet remembers everything);
- restrict access to your data by other people.
If any of the conditions above are not met, you might be setting yourself up for an unpleasant experience of either leaking your data or losing it. You wouldn’t want that to happen to your family photo archive, but even more so you wouldn’t want it to affect your documents and money.
Risks
Let’s have a brief look at some of the most probable risks that most of us face:
- forgetting a password to your account;
- getting your account hacked;
- cloud provider becoming unavailable due to stopping service, getting banned in your country, etc.;
- data getting corrupted beyond recovery due to a human mistake, faulty software, etc.
This list is not exhaustive, but in my opinion it covers the most common risks for average people like you and me. There are certainly some more factors (like, for example, physical security: someone might straight up beat you up to get your data) that I won’t be covering due to their low probability.
Protecting yourself
Let’s now have a look at what you can personally do in order to take ownership of your data and protect yourself from the risks listed above (in no particular order).
Use a password manager
Apart from using strong encryption, the manager must also work with local password files and be open source. One good example of such a manager is KeePass, along with many of its subsequent forks. Make sure to make the master password long enough and actually remember it by heart. Maybe print out a recovery code as well if you have a physically safe place to store it (note that a sticker on your screen is not a suitable place).
Apart from that, it is important to store the binary (or source code) of the manager itself reliably so that you are always able to decrypt your passwords even if you have no access to download the manager.
Use strong passwords
Create a separate one for each website, device, wallet, etc., using a generator (this might come with the password manager). Make sure that these are of good enough length and entropy.
Back everything up
Each of the files that you consider important should exist in multiple copies. Use the 3-2-1 rule for backups and encrypt them (just like with a password manager, keep a binary to decrypt them in case something goes wrong). Also make sure to use versioning in order to protect yourself from accidental deletion. A great tool that I personally use is Kopia with S3 storage — apart from a local copy, I store the files in two different cloud providers.
Buy a domain
Purchase a domain for your own needs — these can include file sharing, emails, etc. They’re really not that expensive.
Rent a VPS
Ideally you should obtain your own physical server, but I do realize that owning one is an actual pain (they are expensive and loud). What you can do instead is just rent a cheap virtual one that will cover most of your needs for private hosting. Just make sure to tighten its security and automate its deployment as much as possible so that you can move away to any other server without problems at any moment. Ansible is a great tool for that purpose.
Schedule your backups and recovery
Use your server to automate syncing the data between different storage backends, as well as report its state periodically. Simple cron jobs are enough.
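A periodic state report can check the 3-2-1 rule and the age of every copy rather than only confirming that a job ran. The sketch below is an added example, not the author's setup: the inventory layout, the copy names and the 26-hour freshness limit are assumptions, and the data is constructed.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone

@dataclass
class BackupCopy:
    name: str            # hypothetical label for one copy of the data
    medium: str          # kind of storage, e.g. "disk" or "object-storage"
    offsite: bool        # kept away from the machine holding the original
    encrypted: bool
    last_sync: datetime  # UTC time of the last successful sync

def check_backups(copies, now, max_age=timedelta(hours=26)):
    """Return a list of problems; an empty list means the 3-2-1 rule holds."""
    problems = []
    fresh = []
    for c in copies:
        if now - c.last_sync > max_age:
            problems.append(f"{c.name}: last sync {c.last_sync:%Y-%m-%d %H:%M} UTC is stale")
        else:
            fresh.append(c)
        if not c.encrypted:
            problems.append(f"{c.name}: copy is not encrypted")
    # 3-2-1: three copies, on two kinds of media, one of them offsite.
    # Only fresh copies count, so a silently broken sync shows up here.
    if len(fresh) < 3:
        problems.append(f"only {len(fresh)} fresh copies, need 3")
    if len({c.medium for c in fresh}) < 2:
        problems.append("fresh copies share a single storage medium")
    if not any(c.offsite for c in fresh):
        problems.append("no fresh offsite copy")
    return problems

# Constructed inventory: a local copy plus two cloud providers.
NOW = datetime(2024, 5, 2, 6, 0, tzinfo=timezone.utc)
INVENTORY = [
    BackupCopy("local-disk", "disk", False, True, NOW - timedelta(hours=5)),
    BackupCopy("provider-a-s3", "object-storage", True, True, NOW - timedelta(hours=4)),
    BackupCopy("provider-b-s3", "object-storage", True, True, NOW - timedelta(days=3)),
]

if __name__ == "__main__":
    issues = check_backups(INVENTORY, NOW)
    for line in issues:
        print("BACKUP WARNING:", line)
    # Non-zero exit plus output lets cron (with MAILTO set) mail the report.
    raise SystemExit(1 if issues else 0)
```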
Host a private file storage
Do not use services like Dropbox or iCloud exclusively. In addition, create your own cloud storage with some combination of rented servers and S3. Just like with backups and passwords, you need to choose a tool that is open source and can encrypt its data. A great one that I found recently is Yeetfile.
Use TOTP as the second authentication factor
Where possible, add 2FA with time-based codes. Make sure to back these up as well.
Epilogue
With the steps listed above, you can gain complete control of your files for as cheap as $10 per month. Of course it’s up to you to decide whether it’s worth your time and money, but please consider the actual value of your data when making such a decision. Chances are, it’s higher than you are used to thinking.