This was buried in the same letter from Fidelity which announced free trades on 5 additional iShares ETFs:
- Manage your and your family’s finances by safely storing, organizing, and accessing digital copies of important financial, legal, and personal documents.
- Share info with the people you trust, only when you choose. www.fidsafe.com
I’ve been using FidSafe for over a year now. I didn’t write about it because it was in beta. I wasn’t sure if it was going to become an official product. Now that Fidelity officially introduced it, albeit quietly in a letter that also announced quite a few other things, I have higher confidence it’s here to stay.
Online Safe Deposit Box
As the blurb from Fidelity describes, I think of FidSafe as an online safe deposit box. In the old days you put your important paper documents in a physical safe deposit box at a bank branch. With paperless statements, downloadable tax forms, and everything going digital, we need a safe deposit box for those digital documents.
Here comes in FidSafe, which serves as your online safe deposit box. You upload your important documents to FidSafe for safekeeping. You can also write and edit notes directly in FidSafe, which is similar to putting notes in Google Doc or Evernote.
The FidSafe service is free. You don’t have to be a Fidelity customer to use it. You get 5GB of storage. That’s plenty for just financial and legal documents.
You register a mobile phone. Every time you log in, you get a one-time code by text message. You have to use both your password and the one-time code to log in.
If you are a Fidelity customer, you can also use your Fidelity login. If you enabled security token on your Fidelity login, it will use the same token.
Folders and Tags
You organize your documents and notes in FidSafe in folders and subfolders. They can also be tagged. For example if you organize your tax documents into folders by year and you tag your W-2’s with a “W-2” tag, browsing by the “W-2” tag will find all your W-2’s in different folders.
Following the safe deposit box metaphor, you explicitly upload documents to FidSafe. You download documents only when you need them. There’s no automatic syncing between FidSafe and a local computer. You don’t want to carry the complete content of your safe deposit box with you all the time. This also prevents accidentally overwriting or deleting a document in FidSafe when the local copy is overwritten or deleted.
FidSafe just released an iPhone app. It’s compatible with iPad but not optimized for it. No Android app yet. They said the app doesn’t store any document on the phone. I take it as it’s read-only through a built-in viewer. You can also log in from the browser on your mobile phone or tablet.
You can share specific documents in FidSafe with another FidSafe user. I don’t use it now but I see how sharing can be used with a CPA, attorney, or a family member. You just have to persuade them to also use FidSafe.
You can also designate another FidSafe user to take over your documents and notes after you die. When that designated person presents your death certificate, he or she gains access to your documents and notes.
How safe is it to store sensitive financial and legal documents online in the cloud? Document uploads and downloads are going over SSL. Fidelity says the documents are encrypted before they are stored to disk. Because Fidelity manages the encryption keys, you will have to trust that Fidelity manages the keys securely.
I feel comfortable enough with letting Fidelity store documents for me securely. You will have to read what Fidelity says about security and make the judgment yourself.
Other Cloud Storage Services
Can you do the same with another cloud storage service such as Google Drive, Microsoft OneDrive, Amazon Cloud Drive, Dropbox, or Box? You probably can.
Securing documents during transport via SSL is relatively easy. The critical question is whether the documents are encrypted when they are stored “at rest.” Dropbox and Box say they store files encrypted at rest. I don’t know whether it’s also the case with Google Drive, Microsoft OneDrive, or Amazon Cloud Drive.
From Dropbox: What does Dropbox do to protect my stuff?
To protect file data in transit, Dropbox uses SSL/TLS for file transfer, creating a secure tunnel protected by 128-bit or higher AES encryption. Dropbox file data is stored in discrete file blocks that are fragmented and encrypted using 256-bit AES.
From Box: Is My Data Encrypted?
Content uploaded to Box – from a single user with a Personal account to our largest Enterprise accounts – is encrypted in transit when sent through Box’s website and Box-created applications, using high-strength TLS encryption. Content is also encrypted at rest by Box using 256-bit AES encryption, and is further protected by an encryption key-wrapping strategy that also utilizes 256-bit AES encryption.
If you don’t sync, you can do the same upload and download with Dropbox or Box. It comes down to whom you trust more to keep your documents safe.
Given that Fidelity is offering the service specifically for sensitive documents and that Dropbox and Box have many other features they need to pay attention to, I personally trust Fidelity. On the other hand, FidSafe is created and run by a small tech arm at Fidelity, whereas Dropbox and Box are large companies dedicated to cloud storage.
Encrypt With Your Own Key?
If you are technically competent you can encrypt your files with your own key before you upload them to a cloud storage service. When you use this type of end-to-end encryption then it doesn’t matter which storage service you use.
In such case you have to make sure you always have your encryption key. If you lose the key, nobody will be able to read the files. You also have to make sure when the files are needed, you still have the necessary software for decrypting them. Both can be a challenge if you have to train a non-technical family member.
How are you storing and securing your sensitive financial and legal documents now? Do you think FidSafe is potentially a good solution? Or do you think it’s a bad idea to store sensitive documents online no matter what, and it’s better to keep the files on a flash drive in a drawer?
[Photo credit: Flickr user -JvL-]