Feature Request: Data Encryption at Rest + In-Note Encryption Beyond Text

[R3ctivision 1]

As a user who stores a lot of sensitive information in Evernote, I would appreciate the capability for enhanced security beyond what is currently provided.

 

1) Data encryption at rest. I haven't found any information on this, but it seems to me our personal data is stored on the servers in "plaintext" form, and is only encrypted during transmission to/from the clients and servers. Are there any plans to implement full end-to-end encryption of data in all phases? I understand that Evernote needs the keys in order to support a lot of its useful features. Perhaps there could also be a user-selectable mode where only the user keeps keys locally (much like the in-note text encryption already available), perhaps compromising Evernote features but enhancing security.

 

2) In-note encryption for all data formats. Right now, we have the ability to encrypt text segments at will using local private keys, which is a welcome feature. I would appreciate this capability to be extended for all data types, e.g. audio, photos, and other file attachments. Are there plans to support this feature?

 

Thanks!

 

 

[gazumped 11,664]

Hi.  I can appreciate the need for encryption,  and there have been plenty of calls for variations on the theme;  but Evernote are not normally very informative about their future development plans,  and are likely to be even less so about security matters.  I'd suggest you accept the status quo and either look for work-arounds or alternatives until Evernote announce something relevant.  No one can tell if or when that might be.. 

[GrumpyMonkey 4,319]

They could be working on it right now, but I doubt it, and we haven't heard anything since the CEO mentioned "sexy encryption" would be coming by the end of 2013. No sexiness yet, I'm afraid. I don't see any point in encryption if Evernote holds the keys, and Evernote has suggested in the past that they don't want to do this and offer a false sense of security.

[DutchPete 247]

Gazumped mentions workaround: 1 way could be to keep all your sensitive notes in a local non-synchronised notebook. 1 important issue to bear in mind with that is that internal links between notes in a local notebook are broken if you do an uninstall/reinstall, which Evernote support often advice if you have a problem.

 

As a user who stores a lot of sensitive information in Evernote, I would appreciate the capability for enhanced security beyond what is currently provided.

 

1) Data encryption at rest. I haven't found any information on this, but it seems to me our personal data is stored on the servers in "plaintext" form, and is only encrypted during transmission to/from the clients and servers. Are there any plans to implement full end-to-end encryption of data in all phases? I understand that Evernote needs the keys in order to support a lot of its useful features. Perhaps there could also be a user-selectable mode where only the user keeps keys locally (much like the in-note text encryption already available), perhaps compromising Evernote features but enhancing security.

 

2) In-note encryption for all data formats. Right now, we have the ability to encrypt text segments at will using local private keys, which is a welcome feature. I would appreciate this capability to be extended for all data types, e.g. audio, photos, and other file attachments. Are there plans to support this feature?

 

Thanks!

[evernote-fan 34]

Google Apps uses encryption at rest (https://support.google.com/work/answer/6056693?hl=de), Dropbox does and Todoist does.

I really think Evernote should follow.