Backing up important physical data


Last week we talked a bit about virtual storage and backups for digital files.

This week I’m going to hit up a new service that aims at backing up your important physical data. has built a secure storage network for your vital personal information like medical records, drivers license copies, passports, wills, credit card copies, financial records, insurance papers, basically everything in your wallet and personal filing folders that you deem important.

The service allows you to scan and upload documentation to your Online Safe Deposit Box through a web browser. Is it secure? KeepYouSafe says they employ military grade encryption to keep data safe. There are also multiple servers worldwide so that if anything happens; there will always be a copy available.

If you are looking for a substitute for your standard banking safety deposit box that can be accessed anywhere in the world, this might be something to look into. says it will be free if you are an “active” member, though what that means right now is unclear. Supposedly you will have enough space to store your most important information.

There is also a larger storage option for $36 per year. Look out for actual file sizes when they officially launch on Jan. 23. Other options for scanning in and storing your important data online would be to password protect your files when you zip or stuff them, and use well-known online storage services like or Xdrive.


Eric Wolbrom

Mike was kind enough to give us the opportunity to respond to this post on his personal blog. Here is a copy of what was posted there:


Hello, Eric Wolbrom, Co-Founder of, here. Just wanted to respond to some of the issues you raised in your comment on our Secure Online Safe Deposit Box service.

Sorry that we got your “spidey sense tingling.” You do raise some good points, thanks, and we appreciate the opportunity to address them.

>1. Nowhere on the site is there any identifying information – there’s no information on the company founders, no information about the background of the company, and generally, no identifying information at all. And nothing in the domain registry info, either.

You’re absolutely right. In the last minute rush to get our site launched, (the service itself has been fully tested and retested and vetted, the site is still just a bit under construction) we haven’t put up all of the planned public web pages yet. We focused more on the technical information than the personal info, because that’s what we personally gravitate to when we’re evaluating a service.

Our bios were added to the site early this afternoon. We’ll also be adding information shortly about our company and our board of advisors, many of whom have backgrounds in law enforcement or network/data security. As you can now read in our bios, both myself and my partner are CISSP’s (certified information system security professionals) and have been since 2000. Our company, Information Survival, LLC, is a member in good standing of the NYECTF (the New York Electronic Crime Task Force, run by the Secret Service).

Regarding the domain registry info, it was just a matter of keeping it brief to avoid spam and other annoyances.

>2. Their terms of use abdicate all responsibility – Okay, so, surely, they’re going to take responsibility for the information, right? Much like a bank, there’s going to be some sort of insurance that if they lose my data, they’re going to pay for it, right?

I’ve yet to see any company/enterprise/government agency whose TOS states that they will take financial responsibility for lost data.

Our TOS states we’re not responsible for data loss to provide protection against potential user-caused losses. We want to avoid long, drawn-out legal battles over whose fault it was if someone gives out their password and their data is exposed. That said, we have complete faith in our security systems – and will happily answer any questions you or others might have about them.

>Even more important to my security spidey sense was their technical white paper about their security architecture. It’s worth a read – it’s just about the perfect document that could give someone who has never done any security a complete sense of false security.

This is a little too vague for me to respond to – I’m not sure exactly what you found in our “perfect document” that concerns you? Please feel free to contact me at so we can discuss further, if you like.

Mike Murray

Wow. That’s just about the most dangerous thing I’ve ever seen.

As someone who has spent their career in information security, protecting against privacy breaches, this site makes me shudder all the way down to my core.

Let’s see: I provide a copy of my social security number, birth certificate, passport and important banking information to a company that is both nameless AND faceless – note that on their website, there is absolutely NO identifying information about the principals of the company or who they are. Their domain registration is private, and their address is in a small town in New York state.

As an aside, there’s a great clause in their “terms of service”:


In other words, store all of your private data with a company that doesn’t tell you who they are, and completely at your own risk.

If I was an identity thief, this would be a great way to gather information on a massive scale. I’m sure that Eric Wolbrom is an up-front guy, but this service is terrifyingly sketchy.

If you want a safe deposit box, go to a bank. Seriously.

Comments are closed.