I’ve been syncing one DTP database to DTTP via dropbox, and so far it’s been working well. But some colleague have suggested using more more secure syncing interfaces that don’t involve dropbox (though some have suggested using it with “Boxcryptor”).
What’s a better, more secure sync DTP / DTTP setup? And are there other measure users could suggest, in general, to provide more security for DTP - and my databases?
Thanks!
Absolutely speaking the only secure location is your HDD, regularly backed-up, and synced via local WiFi…
If you need something more ubiquitous you have to make some compromise… Dropbox was my choice not because of security, but because of my workflow.
I would surely have gone with iCloud, but, unfortunately, there’s still no way of syncing iOS version with Apple’s cloud, and I need to use my iPhone a lot…
So I had to go with DropBox, the cheapest among DTPO’s supported services.
I have no real “secret” data inside my database, and this allows me to be quite peaceful with my data and any possible violation of my account (the most an hacker would find is some of my ongoing research and papers/books I use for it, nothing that a good “Google” can’t show): you have to think about the privacy of your data.
Hope it helped 
The synchronization uses AES-256 encryption optionally, that’s very secure. Therefore the actual location of sync stores doesn’t really matter and you should choose the service depending on speed, available space, price etc.
Thanks very much for your feedback. My material isn’t sensitive yet, but some of it could be in the future and so I want to be sure I’m using the best security possible – or at least amplify the security I currently have in place.
Would using the Local Sync Store location offer better security? Are there any other options one can use to bolster syncing security?
Another thought: Given the level of DTTP’s security, it seems like it would be best to move my DropBox folders within a synced DTTP database. Wouldn’t that bolster syncing security?
Thanks!
DEVONthink does NOT encrypt your databases. It transmits AES-256 encrypted when you specify an encryption key for a given Sync location.
You could put your databases in an encrypted sparsebundle disk image, close the database, and eject the disk when you’re done working with it.
A local syncStore is more secure since you’re storing it on your hardware, even on your network. And specifying an encryption key for it would give the same results as specifying an encryption key for a cloud service.