Best options for storing private adult/sensitive content?
Without getting too into the specifics, I shoot content for 'creators' as well as shoot my own content for/with my partner. I also maintain a substantial archive for my photography side-hustle, which is ever growing.
All the videos/photos are all stored on my 16tb home server. While I'm not too fussed with the storage sizes at the moment, I'm more concerned about protecting both the models/my partner (and myself) against any form of hack, or even burglary.
I'm paranoid that if someone physically steals my server, they will gain access to a bunch of sensitive information, and I'm paranoid that if someone gains access to some sort of cloud storage I am looking at purchasing.
I currently have Backblaze unlimited backup which is great, but it's also quite a chore to go through to find content to download. To me, it's more of a total backup solution. I was wondering if it's worth maintaining the backblaze as a backup solution, while getting some sort of cloud storage (I've been looking at filen/pcloud) meaning me and my partner can access and quickly view the content we make, making organisation/posting far, far easier.
Does anyone encrypt locally? (Is that a thing? I'm fully new to this), so if someone physically had my server, they wouldn't be able to get it. As well as have some sort of sync solution/cloud storage that allows me to access the storage folder in explorer (and on mobile devices), making life easy for me.
I personally believe every scrap of data should be encrypted. Doesn't matter if it's NSFW or an archive of the weather report. Everyone should be encrypting their hard drives so they're easier to securely erase when you need to decommission them. Aside from forgetting the password, there's virtually no downside to you at all.
Veracrypt, FileVault (or APFS encrypted storage) and BitLocker, are all perfectly solid encryption options. I'm not up on my Linux options.
To back up to the cloud, use a tool that allows you to manage the encryption locally, like Rclone, Duplicacy or Arq Backup. Never upload anything unencrypted to the cloud and never keep any unencrypted hard drives around.
This has been my strategy. Keep my encrypted data at home and upload it in encrypted form to the cloud.
Linux has Luks which is very effective, all my machines are encrypted using Linux LUKS, I don't really ever use Windows for encryption I know bitlocker exists but I've read articles on how people can still get access to the drives.
To keep people off certain folders, drives, you would need to setup user or group permissions. I do this in Linux as well, only I have access to the 18+ stuff.
Hardware wise you can find enterprise drives that have encryption built into it. I know some WDC drives have it.
Here is an link to WDC drives that have AES-256 encryption built into it: WDC Drives I would expect them to cost a bit more, but if you really need the protection I would build a machine with Linux as the main OS, and then configure the drives under luks with passwords, hell even a passkey file using random 2048 string can be configured. Run Windows under Virtual Machines, I have a 10/11 VM that can read/write to the drives, but you still need a password to open the VM's.
I'm sure there is a solution for you. Just like I've found one for me.
I would like to offer my services as an offsite backup source.
openssl can do encryption on a file basis. So you could write a looping script that would encrypt each file recusively. Then you can unencrypt each file as needed. Or a reverse loops that would unencrypt the bunch.