Data Security

Computer security is becoming an increasingly difficult and complex area, even for home users, never mind large corporate business!

Most people store a surprising amount of personal information on their home computers - emails, names and addresses, bank and doctors details etc.

The top two things which are are vitally important to secure your PC: backups and encryption.

Normally, the worst case scenario is that someone steals your computer. If this happens, it results in two other things happening simultaneously: you have lost all your email, work, pictures, music etc and the thief has access to everything on your PC.

How do you solve this dilemma?

Basically, you can recover your data from a backup. Right?

You did do some kind of backup? Well that's good, now all you have to worry about is the thief looking through all your personal information!

Identity fraud is fast becoming a major focus for the criminal fraternity.

To stop this from happening, only one clear method exists - encryption. This is basically the scrambling of all your data, such that only you can read the information, using a decryption key.

This could be a password, passphrase (like a sentence for example) or even a file.

Encryption software can be installed on your PC and converts all your data, using a password, or passphrase you supply and only you know. There are many different types and methods, but by far the most common are file encryption and full disk encryption, or FDE for short.

Full Disk Encryption

FDE encrypts everything on your computer including the operating system - it encrypts the whole disk. This is a particularly sophisticated form of data protection and should not be undertaken lightly - as there are many consequences and it is technically difficult to understand.

Laptop users who travel frequently could consider this option vital, but it's much better to use this only with the support of your company technical support.

File Encryption

The rest of us can use basic file encryption with spectacularly good results: it is exceptionally difficult to crack modern ciphers, without the use of government resources. To all intents and purposes this puts your data out of the reach of any criminal.

So, how do you 'encrypt'?

The solution is relatively easy, but you need to grasp a few basic concepts first:

• Your encrypted data will become lost forever, if you lose your 'key'!
• You must have a backup in place, to avoid 'key' loss AND data loss: if encrypted data becomes corrupted, you may well lose everything!! Whether you have your key or not.

That said, the current top pick for file encryption is TrueCrypt - you will need to 'read the manual' but it is very straightforward. TrueCrypt uses the concept of 'encrypted containers', which are a fixed size that you specify upon creation. My recommendation would be to create, lets say, a 10 gigabyte container for all your documents, then configure TrueCrypt to automatically open (or 'mount') the container when you start up your computer.

Containers are given passwords upon creation and from that point onward, no one can look inside a container without typing the correct password.

The Container just looks like a file on your hard disk.

You can then move all your data to this new container, and configure your backup to include the new drive letter, but not the container file. (Saves space on the backup - if you have backed up the contents of the container, there is no need to backup the container as well.)

Tip: Encrypt your backups using the backup software, which will protect you from any TrueCrypt failures and also protect from theft.

So, there you have it! Simple but effective encryption to secure all your private and personal information.

Software

Alternatives to TrueCrypt exist and are listed here as they all have particular uses to secure your data.

Windows EFS - 'Encrypting File System' is a part of the Windows operating system, (versions from Windows XP) and can encrypt files and folders. However it is not easy to use and requires some considerable technical understanding to implement safely. (Note: Microsoft's new Vista operating system comes with a more advanced form of EFS called BitLocker, but this too, needs careful understanding prior to use).

TrueCrypt - currently the best open source encryption available bar none. Encrypted containers of any size can be created to hold sensitive documents and many sophisticated control options exist  - you can even mount an encrypted volume from a batch file. More importantly, a form of two factor authentication can be used for the ultra paranoid - i.e.. a password or passphrase and a keyfile is required to open a container.

AxCrypt is a sophisticated Open Source file encryption program, that is loaded with useful features and like Locknote (see below) is relatively simple to use.

Steganos LockNote  has the ability to encrypt a single 'Note' and also make it 'self decrypting', meaning that you double click the encrypted file and are prompted for a password to decrypt. This is a very useful product to quickly and efficiently manage lists of passwords and other sensitive data. However,

Blowfish Advanced CS has been around forever, and is a simple but very effective tool for securing any amount of data. You can highlight a folder and have BfACS encrypt everything inside the folder - on-the-fly.

Keepass though it is not actually file and folder encryption, does deserve a mention as it is a most useful password manager. It allows you to keep lists of passwords and associated information, text, websites etc locked in a secure database that only you can access.

Physical Security

It is important to mention that physical security is the number one consideration to protect your data - it may seem obvious, but theft is the number one source of data loss for mobile laptop users for example. It is therefore important to mention that laptops especially, represent a significant risk of theft - so make sure you follow these simple steps:

1. Never leave laptops 'on view' from either house or car window.
2. Try to avoid 'obvious' laptop style bags.
3. Never leave laptops in a car - even in the boot!