Local data file - could someone else open it?

[Cheddar_Brett 0]

Hi - I've been using Evernote for about five years.  I understand that on the Windows/Mac version of Evernote (talking the program, not the web version), a local database file is created.

Could someone else, without my logon credentials, open and view the content of such a file?  Or is it encrypted?  I am trying to decide whether to put the application on my work computer, but there is personal data in my Evernote also, and I wouldn't want to leave that data on my work PC should I get laid off or leave my employer.

Thank you in advance!

[DTLow 5,736]

On 7/27/2020 at 5:50 PM, Cheddar_Brett said:

Could someone else, without my logon credentials, open and view the content of such a file? 

The database file(s) are stored in your user home directory; generally not available to other users of the computer 

No, they are not encrypted.    
I've turned on file vault encryption for my computer (Mac); the entire disk is protected
 

[gazumped 11,661]

22 hours ago, Cheddar_Brett said:

I am trying to decide whether to put the application on my work computer, but there is personal data in my Evernote also, and I wouldn't want to leave that data on my work PC should I get laid off or leave my employer.

Hi.  Not generally a good idea unless you simply create a new free account for work use and (maybe) share a notebook with your personal account so you can pass information between the two.  Anything stored on your work computer is open to access by IT staff and yes,  the unencrypted database could be read outside Evernote,  although the presentation would be compromised.  If you have and can use a mobile device there,  it's an option to use the mobile app for personal stuff too...

[CalS 5,280]

22 hours ago, Cheddar_Brett said:

Hi - I've been using Evernote for about five years.  I understand that on the Windows/Mac version of Evernote (talking the program, not the web version), a local database file is created.

Could someone else, without my logon credentials, open and view the content of such a file?  Or is it encrypted?  I am trying to decide whether to put the application on my work computer, but there is personal data in my Evernote also, and I wouldn't want to leave that data on my work PC should I get laid off or leave my employer.

Thank you in advance!

If you want only one premium account your personal data will be safe if you create local notebooks on your home device and move all your personal notes to them.  Then only work notes would appear on your work computer.  You have to backup the local notebooks on that local device.  Backups are a good idea in general as protection from accidentally deleting a note.

Otherwise get a second account that is either premium or basic for work.  And use a browser to access whichever notebooks you sync on your home device when at work.

  

[PinkElephant 8,091]

How do you say: It depends ...

If on your work computer the usual safeguards are in place, your whole data (not only the EN data base) should be encrypted. The System tools are Bitlocker on a Win10-PC, or the FileVault equivalent on a Mac, where this is standard and run through the T2 chip that handles encryption. You can check in your computers settings if encryption is applied.

The EN data base in itself is not encrypted. This means, if your computers disk is encrypted, your EN data is encrypted as well as long as the computer is locked. However, when it is unlocked, the EN data can be accessed, even by another user with the necessary rights. An admin user for example can access all of your data, even if the drive is encrypted, because he has a master key. He can not open your EN account (unless he knows the login data), but he can go directly to the data base, copy it and review manually what is in there (especially the attachments).

In general I would not install and run a private EN account on a computer owned by my employer. In some companies it is even forbidden to install private cloud services on company computers, due to security and data theft reasons. I would use a mobile device to go to my EN data while at work, or (but only with great restrain) open it via the web client in a private browser session. If I need EN for my work, I would use an account separate from my personal account.

If the employer decides to use EN Business, it does come with an additional Premium account for every business user. This account is personal and can be split away from the business account, for example when leaving the company. It is separated from the business account, so the companies data will stay with the company, and the personal data with the employee.

[CalS 5,280]

On 7/27/2020 at 7:50 PM, Cheddar_Brett said:

I am trying to decide whether to put the application on my work computer, but there is personal data in my Evernote also, and I wouldn't want to leave that data on my work PC should I get laid off or leave my employer.

Out there a bit, but if your employer allows it you could use something like VeraCrypt to create an encrypted volume (their parlance for a drive, m: for example) on the work computer and put your EN data on the drive.  As long as you close VeraCrypt appropriately no one would be able to access your EN data without the VeraCrypt credentials. 

This also works nicely for those wanting to encrypt their EN data base on a home computer.  Juice not worth the squeeze for me with EN but nice for Quicken.

[Wanderling Reborn 185]

Installing Veracrypt on a work computer could raise a few eyebrows, depending on the company and the kind of information you are working with. What’s required is encryption at rest built into the program itself. I agree, using a personal phone and not letting any info sync to a computer that you have zero control over is the best approach.

[CalS 5,280]

3 hours ago, Wanderling Reborn said:

Installing Veracrypt on a work computer could raise a few eyebrows

Hence the ...if your employer allows it... bit.  Personally I would not have any personal data in any form on a work computer.  But the OP asked...

[Wanderling Reborn 185]

4 hours ago, CalS said:

Hence the ...if your employer allows it... bit.  Personally I would not have any personal data in any form on a work computer.  But the OP asked...

Well, it depends on the field, company, individuals involved etc. An employee trying to install a supposedly unbreakable encrypted volume on a company’s computer (that’s I assume connected to the corporate network) is going to make some more protective / paranoid people interested. Is he stealing IP? Does he keep porn on it ? Is he exposing us to any kind of  liability? Even if the issue is easily explained, that’s not the kind of attention I’d want to attract.

[PinkElephant 8,091]

And quite easy to resolve: The Admin just puts a keylogger and a screengrabber on your work computer, and after the next time you opened your vault you will find out how long the superencrypted vault stayed superencrypted on a Computer out of your Control. No longer than it takes to read this forum post, be assured.

It is very simple: To use private resources during not-so-private time, use a private device over a network that is not under control of the guy who signs your paycheck.

[Wanderling Reborn 185]

On 8/15/2020 at 8:15 PM, PinkElephant said:

And quite easy to resolve: The Admin just puts a keylogger and a screengrabber on your work computer, and after the next time you opened your vault you will find out how long the superencrypted vault stayed superencrypted on a Computer out of your Control. No longer than it takes to read this forum post, be assured.

It is very simple: To use private resources during not-so-private time, use a private device over a network that is not under control of the guy who signs your paycheck.

This.