Jump to content

Welcome! You're currently a Guest.

If you'd like to join in the Discussion, or access additional features in our forums, please sign in with your Evernote Account here. Have an Evernote Account but forgot your password? Reset it! Don't have an account yet? Create One! You'll need to set your Display Name before your first post.

Photo

REQUEST: Additional encryption options for notebooks and syncing

other evernote security windows encryption notes encrypting

  • Please log in to reply
786 replies to this topic

#461 JMichael

JMichael

  • PipPipPipPipPip
  • Title: Explorer
  • Group: Members
  • 2,375 posts

Posted 03 February 2012 - 09:31 PM

While encypting the Note Content but not the metadata might not satisfy some users, it might be just enough security for many other users.
Seems like a good balance to me.

#462 Metrodon

Metrodon

  • PipPipPipPipPip
  • Title: Bankrobber
  • Group: Members
  • 4,789 posts

Posted 03 February 2012 - 10:28 PM

Or just don't do it at all, tell everyone that you aren't going to do it and then let users decide for themselves what they want to do.

A halfway house will just lead to confusion I'm sure.
  • dlu likes this

#463 dlu

dlu

  • Title: Evernote Employee
  • Group: Evernote Employee
  • 2,415 posts

Posted 03 February 2012 - 10:53 PM

For All. I said password and encryption, but didn't form the thought fully for you. I was interested in password encrypted notebooks in the cloud. As someone picked up, my alternative right now is to password encrypt the pdfs. But this does remove some functionality. I would love to click on a certain notebook called "medical", type a strong password, and have all my notes, records, and such pop up with full functionality. As a first step, the pin function now available on IPAD for all devices would help.


Heather's mentioned this, but if the whole notebook was encrypted, then we wouldn't be able to offer full functionality on it. Or we'd do some hardcore encrypting decrypting all the time for all the data in there. If we just offer password protection, your files are still on your hard drive and accessible outside of Evernote.

There is the possibility of encrypting note content (note body, attachments) and not the metadata (note title, tags, created date, creation source, etc). It is a interesting middle ground. I'm not sure it is something that I'd be completely happy with, but maybe I'd use it sometimes
If you have a serious issue with Evernote, you can submit a support request here. Evernote employees read the forums, but it is not run by customer support or a way to directly get customer support.

Check out our Knowledgebase.
View our User Manuals here: Mac or Windows
Check out the Getting Started Guide
Still need help? Submit a support request here.

#464 dlu

dlu

  • Title: Evernote Employee
  • Group: Evernote Employee
  • 2,415 posts

Posted 03 February 2012 - 10:54 PM

Or just don't do it at all, tell everyone that you aren't going to do it and then let users decide for themselves what they want to do.

A halfway house will just lead to confusion I'm sure.


Yeah there is the concern that we'd say we do encryption and someone doesn't realize note titles will be available and accidentally exposes sensitive information. Tough balancing act
If you have a serious issue with Evernote, you can submit a support request here. Evernote employees read the forums, but it is not run by customer support or a way to directly get customer support.

Check out our Knowledgebase.
View our User Manuals here: Mac or Windows
Check out the Getting Started Guide
Still need help? Submit a support request here.

#465 GrumpyMonkey

GrumpyMonkey

  • Title: 不機嫌な猿
  • Group: Evernote Evangelist
  • 10,218 posts

Posted 03 February 2012 - 11:34 PM


the title (120203 grumpy monkey bowel movements) would not necessarily have any sensitive data in it. the metadata just tells where i made the note, the tags, and so forth. i would prefer if this wasn't hidden. i guess i consider the metadata to be separate from the actual content of the note (text or file attachment).


:o TMI.

I can appreciate if people want all their data in one place. But IME, that's rarely, if ever happened & probably never will. I don't store most of my photo scans/digital photos in Evernote. That's on my hard drive & my Amazon S3 cloud. The photos are organized with ACDSee Photo Manager.

My passwords are not in Evernote. They are stored in SplashID - been using that app for about five years.

My home movies/videos are not in Evernote. Primarily due to size. Most of them aren't backed up in the cloud again due to size. The sheer volume & size makes uploading from a Cox high speed internet access in a residentail home prohibitive and the pricing/cost as well. So no cloud for them. However, they do get backed up to Western Digital Passport USB drives & stored in my safe deposit box.

My music is not stored in Evernote. iTunes is the organizer & the music is uploaded to my Amazon S3 cloud.

I'm one who prefers to use the best tool for the task. Yes, it would be nifty to have everything in one app. But like I said, I've never had the luxury of being in that position & don't see it happening anytime soon. So I fully agree with Heather when she says "If we can't index your data for searching, we honestly don't understand why you would want to use our product instead of anyone else's."


bm documentation ok (hopefully, with titles and metadata--you and heather may not get the value, but i do!).
bm photography, so-so.
bm videos no.
bm physical specimens, no.

i can live with that :)

#466 BurgersNFries

BurgersNFries

  • Title: Moderator
  • Group: Evernote Evangelist
  • 12,184 posts

Posted 03 February 2012 - 11:41 PM

bm documentation ok (hopefully, with titles and metadata--you and heather may not get the value, but i do!).
bm photography, so-so.
bm videos no.
bm physical specimens, no.


Oh.

OH.

OHHHHH!!!!

(No wonder Monkey is grumpy! :o )
I'm not affiliated with Evernote. Evernote is an integral part of my life.

Submit support requests toward the bottom of the help/support page here. If you do not receive an auto reply email with a case #, it did NOT get submitted. Premium users will receive a reply within one business day, California time. Free users receive a reply as time permits.

#467 anjoschu

anjoschu

  • PipPipPipPipPip
  • Title: Browncoat
  • Group: Members
  • 249 posts

Posted 04 February 2012 - 09:40 AM

While encypting the Note Content but not the metadata might not satisfy some users, it might be just enough security for many other users.
Seems like a good balance to me.


Signed.

#468 ZonicBoom

ZonicBoom

  • Pip
  • Title: Member
  • Group: Members
  • 20 posts

Posted 08 February 2012 - 07:39 AM

I've been waiting for Evernote to take security seriously for over one year. Until now, I've only taken the liberty to set a couple of YouTube users straight (privately) about the serious security implication of using Evernote for business purposes without DB encryption in the back-end. But nonetheless, non-technical users seem to ignore the true depth of risks and liabilities for increasingly using cloud-based applications even when news of network penetration and identity theft become more common.

I'm a Network Administrator, currently striving for a specialization in network security. Not an expert by a long shot, but I have to follow the industry trends up on a regular basis.

I remember seeing in the WSJ an article about the CEO of Evernote asking users why they don't use his application more. I tell you why users shouldn't use it yet... security.

I regrettably read that lots of users in this thread claim security is not their priority. Good for them. However, security shouldn't be an "add-on" feature. Instead it should be built into the most basic design from inception. Otherwise, you'll end up like the DoD, losing millions of dollars of equipment and possibly technology patents because they failed to implement encryption (on drones recently hacked and stolen by Iran). I bet someone in the defense contractor company said, "we just don't understand the usefulness" of encrypting our drones. I'll show you how your privacy might be at risk only by following the suggestions of Evernote's team besides the occasional condescending argument.

Not long ago, I saw a testimonial video from a K-12 student who claimed he used Evernote for everything in his last year in HS. I hope he didn't use it to keep FAFSA related info, or scholarship applications.

Then another video of a teacher who encouraged his class to submit assignments and give lectures, etc. The Mountclair Kimberley Academy seems to be increasingly using Evernote in their curriculum. Evernote is becoming a collaboration tool, much like SharePoint or AlFresco is used in the enterprise world. But yet, it seems that the devs haven't grasped at the idea of how their tool, as simple as it is, can someday become the default document sharing and archiving application. I wouldn't call it a platform yet, simply because unlike SharePoint, security it's not an integral part of the mix but rather a secondary feature around here. I hope you do explain to these fine institutions and users who appear in video that any and all data is clear in the back-end and therefore understand the risk of putting their name and reputation out there.

Let me ask you, how would you like your kid to send an athletic, administrative or academic application via Evernote with his/her S.S.N. on it and end up leaked out when one of your servers gets hacked or penetrated by an insider? Please don't attempt to explain how an inside job can't happen because of your physical security measures, any security consultant will argue that although less likely to happen statistically speaking, it can be far more devastating than an external attack if it ever does happen. Not only that, but as Sony's PSN fiasco of 2011 showed, as soon as an external attack gets past the firewall, (lots of times thanks to the unintended help of employee's computer practices), finding and exploiting non-encrypted data is fair game.

On the "8 Great Ways Couples Can Use Shared Notebooks" article, you suggested to upload and share the following:
  • Traveling Plans: Really... users should feel safe having itineraries, route maps, and other documents for easy access without encryption in the back end? Governments as well as criminal groups would have a field day if they can get access to DBs full of this info about their dissidents and people of interests; just ask Google and their Chinese government run-in a couple of years ago. Also, the icons on the website show an image of a passport, and although it's not enumerated in the lists, some people might feel encouraged to scan their passport into an unencrypted DB.
  • Shopping and To-Do-Lists: It may sound like low risk, think about people who might actually put their medication list on EN to remember have them picked up at their pharmacy. Now, that's something lots of people won't want to share with the world.
  • Sharing information about your kids... " class rosters to sports practices, vaccinations to everything in between": Really?... Seriously? I bet those parents who had their kids taken away legally wouldn't mind getting a hold of these. I'm sure it escapes everyone's minds since we never hear about this but "there are" people out there under witness protection who's privacy is paramount.
  • Doing your taxes: This is why I was mostly interested in EN. I wouldn't mind paying to have receipts OCRed and then indexed by year for my sales taxes, medical expenses or education expenses deductions. But guess what? Should I mention why having tax information in Evernote is a bad idea? It runs along the lines of clear non-encrypted DB.
I shouldn't mention to those small business owners (specially in healthcare and accounting fields) that entrusting their client's information in a company that is not HIPAA or Sabares-Oxley compliant is a very bad idea. They would be liable for damages if their information is compromised. Evernote as a company could also be liable for suggesting and promoting the use of a service that could potentially endanger institutions and companies.

I would also suggest inventors in need of taking notes to stay away from applications which could make them vulnerable to patent, copyright and trademark losses. It's their livelihood that's at stake and it would really suck if someone gets a hold of their next big idea before they are able to lock them on their name.

So how many types of users did we just excluded or alienated there?

As you can see, there are many "useful" instances where encryption and user privacy protection is of utmost importance. Now, encryption should be simple enough to be done at the client side before it leaves to the server. Yes, it would stop you from going through the user's data, but that's the whole point of privacy right? :) Indexing and OCR can be done at the client-side while the password/token is on memory. It's true what Heather mentioned, there are other programs that can do this much better than EN... at least in the small business and enterprise environment. But it's not your indexing that separates you from the crowd, it's the inability of EN to do encryption, OCR and Indexing seamlessly at the same time. Now, what makes EN most attractive to users like myself it's the fact that an individual can use the tool, without committing hundreds of dollars in a server-client application that we would have to maintain.

Client-side PDF encryption is a good 1st step, but still a workaround. Workarounds are not true solutions, but rather they should be seen as temporary fixes to those issues we don't have the expertise to resolve yet.

I (in my narrowly limited mind) only see two solutions to this issue: 1) Get better engineering to put security at the forefront of the application for the sake of those (regardless of how many) who use it in the ways you suggest, or 2) get a hell of an attorney and have it on a call basis.

#469 Metrodon

Metrodon

  • PipPipPipPipPip
  • Title: Bankrobber
  • Group: Members
  • 4,789 posts

Posted 08 February 2012 - 10:28 AM

Or let users know what is available and let them decide for themselves whether the service meets their requirements. If it doesn't then of course they should and are able to go and use something else.

#470 jbenson2

jbenson2

  • PipPipPipPipPip
  • Title: User # 142,683
  • Group: Members
  • 5,603 posts

Posted 08 February 2012 - 03:02 PM

For a consumer based software program, I found this article on Evernote to be helpful and easy to read.
Is Your Data Safe In Evernote
http://michaelhyatt....n-evernote.html

The takeaway line: "There are no absolute guarantees in the world of digital media and cloud storage, but this is compelling enough to me."
He also mentioned that If you need more security, try TrueCrypt

Back on March 26, 2009 Evernote employee Dave Engberg mentioned the following:

"I personally feel that Evernote is appropriate to store things that you'd be willing to send over email via a high-end email provider. I.e. if you have something that you absolutely would never want to be stored "in the Internet" anywhere, then you wouldn't send it to someone via email, and you wouldn't store it in your Evernote account."

.
My interpretation of similar comments is that Evernote is for personal use. Corporations might use it, but need to be cautious. It is not an enterprise type software program.

#471 ZonicBoom

ZonicBoom

  • Pip
  • Title: Member
  • Group: Members
  • 20 posts

Posted 08 February 2012 - 03:12 PM

Or let users know what is available and let them decide for themselves whether the service meets their requirements. If it doesn't then of course they should and are able to go and use something else.


That scenario is covered under my 2nd option as they would still need a lawyer if breach happens.

If that's the option they decide to take, then they need to make sure the suggested use of the application won't put users at risk. At this moment, it just doesn't look ethical or even honest to tell your users to put tax or any of the other information in their servers with no encryption protection. It just creates a false sense of security, which is much worse than non-security.

@ Reaver, I've read the http://michaelhyatt....n-evernote.html article before. I think I've commented there before. Simply put, the person who wrote the article is not a security expert as the issue of database encryption was completely ignored... again creating a false sense of security when the issue is a huge red target on Evernote's servers.

Using Evernote in a local database, encrypted in the local HDD takes away from the attractiveness I mentioned of the server-client architecture cloud provides. If the answer to server security is, "don't use our servers" again it falls under option #2 of my first post.

The CEO should have realized by now that security is the awkward blue elephant in the room for many Evernote would-be users. Not whether their aging Blackberry or HP WebOS device can access the service. If he doesn't' realize this is a valid reason for users not to flock to his service as an integrated document archiving service, then too bad.

#472 BurgersNFries

BurgersNFries

  • Title: Moderator
  • Group: Evernote Evangelist
  • 12,184 posts

Posted 08 February 2012 - 03:34 PM

Iregrettably read that lots of users in this thread claim security is not their priority. Good for them. However, security shouldn't be an "add-on" feature. Instead it should be built into the most basic design from inception.


While I find security a priority issue with me, I find your post not applicable to Evernote, no matter how much you want it to be. IMO, yes, a USER should ultimately be responsible for his/her own data. Not each & every individual app they may use. Additionally, security must be balanced with usability. I could live in a steel lined cave with a gazillon locks on the door in order to feel safe. But would I? No. Pretty much everything else I have to say on the subject has been already posted so I'm not going to repost them intertwined with your postings.


Until now, I've only taken the liberty to set a couple of YouTube users straight (privately)


Yay for you.

get a hell of an attorney and have it on a call basis.


This gets the drama queen vote for the week.
I'm not affiliated with Evernote. Evernote is an integral part of my life.

Submit support requests toward the bottom of the help/support page here. If you do not receive an auto reply email with a case #, it did NOT get submitted. Premium users will receive a reply within one business day, California time. Free users receive a reply as time permits.

#473 heather

heather

  • Title: Support Maven
  • Group: Evernote Employee
  • 1,936 posts

Posted 08 February 2012 - 04:01 PM

Security and privacy are extremely important topics for Evernote users, and for good reason. Evernote would like to provide a single service to manage your memories for many years. To achieve this, we must provide a very high level of system and data security while offering users a variety of choices to manage their own privacy requirements. Here's a high-level overview of some of the ways in which your data is protected by Evernote.
  • When you add a note to the service, it is secured like your email would be at a high-end email provider. This means that your notes are stored in a private, locked cage at a guarded data center that can only be accessed by a small number of Evernote operations personnel. Administrative maintenance on these servers can only be performed through secure, encrypted communications by the same set of people. All network access to these servers is similarly protected by a set of firewalls and hardened servers.
  • User data is not publicly accessible (e.g. via search engines) unless a user explicitly publishes one or more of their notebooks, in which case they may be accessed by other users.
  • Your login information is only transmitted to the servers in encrypted form over SSL, and your passwords are not directly stored on any of our systems.
  • And, for all of our members, all note data is transferred over SSL, not just your login credentials.
We also offer enhanced privacy options that would not be available from services like email:
  • If you have sensitive text that you would like to remember (passwords, PINs, credit card numbers), you can encrypt that text in our clients using a passphrase that is never transmitted to Evernote. This encrypted text can only be decrypted and read on one of your computers after you’ve re-entered the encryption passphrase. The sensitive text is not readable on our servers or on your computer by anyone who does not know the passphrase.
  • If you have some notes that you only want to access from a single computer, you can place these into a “Local Notebook” on our Windows or Mac client. Notes in a Local Notebook are never transmitted to our service, so they aren’t accessible from the web, or from your other computers. This may allow a greater level of privacy for some notes, at the expense of the accessibility and reliability you would get from a private note on the service.
We recognize that user choice is an important component of privacy and security. We believe that no single option is going to meet the needs of all users, so we aim to offer a set of tools that let people balance their needs for accessibility, privacy and control.

Several of the company's founders (myself included) come from a strong encryption background (founders of CoreStreet, acquired by ActiveIdentity). For Evernote's consumer product, the current encryption algorithms are chosen more for exportability under the Commerce Department rather than strength, since our software permits the encryption of arbitrary user data with no escrow.

We'd be interested in offering something stronger in the future when we have the staffing to fight the lengthy export battle, but until then, we continue to advise users to use an external encryption solution to encrypt important files and then add these encrypted into Evernote.

Check out our Knowledgebase | View our User Manuals here: Mac or Windows or iOS or Android | Check out the Getting Started Guide | Still need help? Submit a support request here.


#474 ZonicBoom

ZonicBoom

  • Pip
  • Title: Member
  • Group: Members
  • 20 posts

Posted 08 February 2012 - 04:13 PM

While I find security a priority issue with me, I find your post not applicable to Evernote, no matter how much you want it to be. IMO, yes, a USER should ultimately be responsible for his/her own data. Not each & every individual app they may use.


User should not be responsible of data once it leaves their client-side. There is no way a user can predict or prevent a breach in the server-side. That demarc point is important, specially in court.

Additionally, security must be balanced with usability. I could live in a steel lined cave with a gazillon locks on the door in order to feel safe. But would I? No.


You seem to think that security of any kind is just futile. Although it is well known that even perfectly layered security is penetrable one way or the other, the whole purpose is to discourage attackers by making it hard to get through. Database encryption with 128 bits would force the attacker to guess between 1 and 1^38 (1 followed by 38 zeros) or 149.7 trillion years to brute force the crypto key. Now... would it be worth it for anyone to spend 150 trillion years to do this? NO. :)

I offered a suggestion worth pursuing about doing OCR and Indexing when the key is on the clear at the client side. That's what LastPass, DocsVault and even DA Document Manager for WHS (in a limited way) do. Again, there are solutions when they are pursued, not when they are shutdown with a lazy excuse of the it's "not practical" kind.

Yay for you.


What kind of comment is that? I tell you which one, a condescending one. Ignorance is bliss.

This gets the drama queen vote for the week.


Another ignorant comment that doesn't add to the discussion of a serious concern. Maybe you should stay away from contributing in this type of discussions. It certainly doesn't make other users welcome to your community, something the OP predicted.

------------
@ Heather: Unfortunately, no one is putting data transmission or physical access to the servers in doubt. The problem is, without database encryption, it doesn't matter what type of measures you have in place physically or in client-server transmission. If only one node of your servers is compromised, it's all over. Just look at Sony's example I provided. Then all the info your company suggested by admission for your users to upload to those servers is compromised. I'm aware of the work Phil did in Engine 5 and CoreStreet, and that's even more reason why it amazes me database encryption seem to be such a hard nut to crack in EN. In addition, I'm not sure if you are aware that many companies decide to offer strong encryption to US/Canada users only, to avoid export issues. Bringing the standard down across the board seem as much of a bad idea as no encrypting databases.

#475 BurgersNFries

BurgersNFries

  • Title: Moderator
  • Group: Evernote Evangelist
  • 12,184 posts

Posted 08 February 2012 - 04:36 PM

Yay for you.


What kind of comment is that? I tell you which one, a condescending one.


Matches your original statement.


The problem is, without database encryption,


This is deja vu all over again.
I'm not affiliated with Evernote. Evernote is an integral part of my life.

Submit support requests toward the bottom of the help/support page here. If you do not receive an auto reply email with a case #, it did NOT get submitted. Premium users will receive a reply within one business day, California time. Free users receive a reply as time permits.

#476 heather

heather

  • Title: Support Maven
  • Group: Evernote Employee
  • 1,936 posts

Posted 08 February 2012 - 04:56 PM

Our work at CoreStreet (and previously, with other branches of government), actually made us *truly* understand the concept of personal liability.

You mention the Sony Playstation issue - there are other famous cloud security breaches as well. There seems to be another every week. We're very transparent here at Evernote. We are honest and up-front about our limitations. We attempt to clearly explain the limitations of cloud security to our users, loudly and often. Not just for Evernote, but for all cloud companies.

And for this reason, we explain to users the importance of thinking about what they're placing in the cloud, whether it be in our service or another, and explain how to take the personal responsibility to protect their data when they do so.

Check out our Knowledgebase | View our User Manuals here: Mac or Windows or iOS or Android | Check out the Getting Started Guide | Still need help? Submit a support request here.


#477 ZonicBoom

ZonicBoom

  • Pip
  • Title: Member
  • Group: Members
  • 20 posts

Posted 08 February 2012 - 05:09 PM

Our work at CoreStreet (and previously, with other branches of government), actually made us *truly* understand the concept of personal liability.

You mention the Sony Playstation issue - there are other famous cloud security breaches as well. There seems to be another every week. We're very transparent here at Evernote. We are honest and up-front about our limitations. We attempt to clearly explain the limitations of cloud security to our users, loudly and often. Not just for Evernote, but for all cloud companies.

And for this reason, we explain to users the importance of thinking about what they're placing in the cloud, whether it be in our service or another, and explain how to take the personal responsibility to protect their data when they do so.


Yet, you recommend users to upload tax information (and all other information I mentioned in my first post) in your program. That just doesn't make sense. Could you please explain why are you recommending users to upload taxes, location (trip itinerary and routes), identifiable documents such as passports and also recommend schools to put our kid's info in an application that by your own admission is "limited" in security? http://blog.evernote...ared-notebooks/

I highly doubt the MK Academy will be able to make sure students don't add personal identifiable information in Evernotes, but I guess that's their problem if you get breached.

#478 JMichael

JMichael

  • PipPipPipPipPip
  • Title: Explorer
  • Group: Members
  • 2,375 posts

Posted 08 February 2012 - 05:20 PM

@heather: In light of this recent discussion, do you have any comments on my idea to provide for encrypted Note Content for user selected Notebooks?

The way I am reading your statements in this thread is that we should NOT put any info into Evernote that could cause us harm if it were obtained by an unauthorized party.
  • The potential harm is difficult and time consuming to determine on a case by case basis.
  • So I think this means just EXCLUDING ALL financial, legal, medical, business sensitive, and personallly sensitive documents and information.
This likely covers a big chunk of our "memories" that we would like to store in Evernote, but we are now afraid to do so.


As for password protected notebooks - one of the major benefits of Evernote is our indexing system. That is what sets us apart from everyone else in the industry. If we can't index your data for searching, we honestly don't understand why you would want to use our product instead of anyone else's. It basically just turns us into file storage.


I'm not sure what password protecting a notebook fully implies, but let's assume for a moment that it means you encrypt the Note contents, but NOT the Note metadata.
If so, then EN searching could still be very powerful/useful as you can search for tags, title, dates, and other metadata.

So, we could have a Notebook whose Notes contents are more secure while still allowing useful searching.

Just a thought.


There is the possibility of encrypting note content (note body, attachments) and not the metadata (note title, tags, created date, creation source, etc). It is a interesting middle ground. I'm not sure it is something that I'd be completely happy with, but maybe I'd use it sometimes


EDIT: Added a huge category of "memories" I forgot: Medical

Edited by JMichael, 08 February 2012 - 05:41 PM.


#479 BurgersNFries

BurgersNFries

  • Title: Moderator
  • Group: Evernote Evangelist
  • 12,184 posts

Posted 08 February 2012 - 05:58 PM

You seem to think that security of any kind is just futile.


It's clear you've not read the posts I've made about security. Even the ones in this thread.
I'm not affiliated with Evernote. Evernote is an integral part of my life.

Submit support requests toward the bottom of the help/support page here. If you do not receive an auto reply email with a case #, it did NOT get submitted. Premium users will receive a reply within one business day, California time. Free users receive a reply as time permits.

#480 heather

heather

  • Title: Support Maven
  • Group: Evernote Employee
  • 1,936 posts

Posted 08 February 2012 - 06:01 PM

I store all of these documents you've mentioned within Evernote (and you can find me saying so on these boards, all the way back to 2008, when I first got here.) Anything text that I deem sensitive, I encrypt. Any PDFs that I would consider sensitive, I encrypt before adding. I've also recommended all of this, many times on here, and have directed my Support team to do the same. Our Evangelists also recommend the same "mantra", not because we've asked them to (they're they're own people), but because it's just good sense.

There are "cute" posts on our blog, and there's also our tech blog, and more security centric posts. Not *every* post we make needs to remind everyone to practice common sense.

Check out our Knowledgebase | View our User Manuals here: Mac or Windows or iOS or Android | Check out the Getting Started Guide | Still need help? Submit a support request here.






Also tagged with one or more of these keywords: other, evernote, security, windows, encryption, notes, encrypting

6 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users


    Bing (5)
Clip to Evernote