Skip to main content
  1. Home
  2. Computing
  3. Evergreens

Google Drive, iCloud, or OneDrive: Which cloud storage is most private and secure?

By
Add as a preferred source on Google
Google Drive, iCloud, and OneDrive are open on a PC monitor.
Google Drive, iCloud, and OneDrive are open on a PC monitor. Alan Truly / Digital Trends

Cloud storage is convenient, syncing your files and photos between devices, but is it secure enough to keep your data safe? And how much private information are you sharing when you use Microsoft OneDrive, Apple iCloud, and Google Drive?

If you’re paying for the best antivirus software to protect your computer, you want to safeguard your data that’s in the cloud. Likewise, the best VPNs hide your identity, but some cloud storage providers lack the end-to-end encryption that ensures privacy.

Recommended Videos

Cloud security

A digital encrypted lock with data multilayers.
Getty Images

Cloud security is challenging, particularly for services integrated into devices that have millions of users. The massive data stores of Google, Microsoft, and Apple face ongoing attempts by hackers, some using AI to bypass defenses and unlock your personal data.

Fortunately, all three have excellent security and good track records with minimal issues in the recent past. One of the most publicized leaks happened 11 years ago when hackers gained access to steal private information, including private photos, from 50 iCloud and 72 Gmail users. The 2014 Celebgate attack made headlines despite affecting so few since the accounts belonged to celebrities.

A 2018 breach of Google’s short-lived social media platform briefly exposed private data of 500,000 Google+ users. Since the same login unlocks Google Drive, hackers could have gained unauthorized access to files.

Microsoft hasn’t suffered any significant customer data breaches, but serious issues have been found as recently as 2023. A security researcher devised a Bing search engine exploit that hackers could have used to download OneDrive files, read Outlook emails, and more.

Google, Apple, and Microsoft have resolved all known security issues and try to anticipate new threats. Still, staying ahead of advanced hacking techniques and identifying vulnerabilities is a continuous challenge for such large targets.

Cloud encryption

Google Drive encrypts every file I upload.Google Drive encrypts every file I upload.

Cloud storage providers reduce the risk of unauthorized file access by encrypting your data. Even if hackers find a way in, files should be unreadable without the decryption key.

Google Drive and OneDrive encrypt files with AES 256-bit. iCloud encrypts with AES 128-bit and AES 256-bit. While AES 256-bit is much harder to crack than AES 128-bit, security experts deem both quantum-resistant. Without a key, current technology would require billions of years to decrypt using known methods.

As long as your computer isn’t hacked and your logins are secure, your data should be safe from hackers once it’s stored in the cloud. During transport, Google, Apple, and Microsoft use TLS/SSL encryption to prevent spying at network hubs.

The remaining concern is internal vulnerabilities. Devious cloud storage staff, a disgruntled employee, or even an undercover operative might gain access to your account’s decryption key if security slips or undiscovered issues arise.

Cloud privacy

Apple's Advanced Data Protection for iCloud enhances privacy.
Apple’s Advanced Data Protection for iCloud enhances privacy. Digital Trends

Your privacy could be at risk if hackers or scammers steal your cloud login. Google, Apple, and Microsoft support multi-factor authentication (MFA) that helps protect your account. But even if your cybersecurity is perfect, your cloud storage provider might still be able to open and read your files.

This Microsoft account has two-step verification disabled.
This Microsoft account has two-step verification disabled. Digital Trends

The solution is end-to-end encryption, which means files are encrypted on your computer before they’re uploaded. Since your cloud storage provider doesn’t have the decryption key, your data should be safe anywhere.

Apple stands out in this regard with automatic end-to-end encryption of some data. A total of 15 types of information have this extra protection by default, including your iCloud keychain, transactions, messages, and health metrics.

Apple iCloud defaults to end-to-end encryption for some types of data.
Apple iCloud defaults to end-to-end encryption for some types of data. Digital Trends

iCloud files and photos aren’t on the list, but it’s easy to switch on Apple’s Advanced Data Protection (ADP). With ADP, 11 more data types are locked with keys stored only on your trusted devices.

Unfortunately, Google Drive and Microsoft OneDrive lack end-to-end encryption. While there are third-party encryption tools, the extra step removes the convenience of using your computer’s built-in cloud solution.

Which cloud provider is best for you?

Based on Apple’s enhanced privacy with end-to-end encryption, it might seem like iCloud is the clear winner. However, it’s more complicated than that. iCloud works best with Apple devices.

There’s no iCloud app for Android, and the iCloud Windows app is known to affect PC performance. Apple’s ecosystem favors Mac, iPad, and iPhone owners.

Google Drive and Microsoft OneDrive have good cross-platform support, even on Apple devices. They offer good encryption during upload and on the server, but you don’t hold the key.

Fortunately, you don’t have to settle for Google Drive or OneDrive if you’re concerned about privacy or security. There are third-party cloud storage solutions that offer end-to-end encryption.

If you only need complete privacy for around one to 10 gigabytes of data, the best password managers include file storage with end-to-end encryption and work cross-platform.

Alan Truly
Alan Truly
Computing Writer
Alan Truly is a Writer at Digital Trends, covering computers, laptops, hardware, software, and accessories that stand out as…
Topics
The Mac Pro is dead at Apple, and I’ll miss the cheese-grater powerhouse
RIP Mac Pro. The Mac Studio is taking the throne, and we're okay with that.
Electronics, Computer, Pc

Apple has officially discontinued the Mac Pro. It’s been removed from Apple’s website, and Apple has confirmed to 9to5Mac that there are no plans to release a future version. The buy page now redirects to Apple’s Mac homepage, where the Mac Pro no longer exists.

Why did Apple kill the Mac Pro?

Read more
March Madness, Revisited: The AI Model Did Well. But Mad Things Still Happen
Stills from NCAA games.

(NOTE: This article is part of an ongoing series documenting an experiment with using AI to fill the NCAA brackets and see how it fares against years of human experience. The original article is as follows.)

A week ago, I wrote about entering an NCAA tournament pool with a more disciplined process than I usually use.

Read more
A simple coding mistake is exposing API keys across thousands of websites
Security gaps that are easier to miss than you think
Computer, Electronics, Laptop

After analyzing 10 million webpages, researchers have found thousands of websites accidentally exposing sensitive API credentials, including keys linked to major services like Amazon Web Services, Stripe, and OpenAI.

This is a serious issue because APIs act as the backbone of the apps we use today. They allow websites to connect to services like payments, cloud storage, and AI tools, but they rely on digital keys to stay secure. Once exposed, API keys can allow anyone to interact with those services with malicious intent.

Read more