Encrypting Everything Full-disk encryption protects everything on a hard drive even if the drive departs in someone else's pocket. BitLocker, a utility built in to Vista Enterprise and Vista Ultimate, provides such protection. You'll find the program in the Windows Security Control Panel.
Other Windows users-and Mac and Linux aficionados¬have options as well.TrueCrypt is a free, easy-to-use open source encryption product maintained by an active development community. If you feel more com¬fortable working with commercially supported, full-featured software, consider PGP Desktop, For encrypting USB thumb drives, Windows users can nab the free Rohos Mini Drive download.
File encryption protects only the files and folders you specify, of course. Typically you'll set up a folder or virtual drive to encrypt any files saved inside it automatically; as long as you haven't left the relevant folder or files open, a thief won't be able to access the protected data. In contrast, if you set up your PC with full-disk encryption enabled, you have no protection once you log in and unlock the drive.
File encryption can also protect against "d'ohl" moments such as accidentally sharing more than you meant to with a misconfigured file-sharing program, for example. The draw-back, compared with full-disk protection, is that if you unthinkingly save a sensitive file outside an encrypted folder, it's fair game. If you want maximum protection, you can use both full-disk and file encryption on the same drive.
Setting It ALL Up
To set up file or folder encryption with a program such as TrueCrypt or PGP Desktop, first open the utility and elect to create a virtual disk (which receives its own drive letter in Explorer) or an encrypted folder. You'll have to choose a good password and a type of encryption (usually the default is fine).
After creating the virtual drive or folder, you can access it whenever you want: Simply double-click it, supply the password, and save data to it as if it were any other drive folder. Mac as x users can use the built-in FileVault to encrypt the home directory through the Securi¬ty component of System Preferences. In addition, FileVault can create encrypted virtual disks (which you can move to a USB thumb drive or another storage device) via the Mac's Disk Utility.
BitLocker doesn't allow file encryption but a file encrypted with third¬party software in one operating system can be decrypted in others-convenient if your workplace runs multiple ass. E-mail encryption isn't widely used outside specific industries. It involves an extra key-exchange step with recipi¬ents. Both PGP and the open-source Gnu Privacy Guard project can handle e-mail encryption.
No Slowdown, but Drawbacks
A fast computer today can handle encryption and decryption processing without suffering a noticeable slowdown. But protecting data with encryp¬tion does require you to remember yet another crucial passjNord, and losing the key is like losing the combination to an unbreakable safe: You may never recover the encrypted data.
Another vulnerability arises if you copy or save unencrypted files to a USB drive or other backup media, and you don't encrypt your backup drive.
"A lot of us have drives beyond the computer," says John Dasher, a market¬ing director for encryption firm PGP. "It doesn't make much sense to encrypt your main drive if all your important files are sitting on a USB thumb drive sitting in your desk drawer."
Finally, even the best encryption system doesn't protect against all data¬theft threats. If an online intruder infects your PC with a keylogger, the malware can steal online banking data and passwords as you type, or even capture and transmit screen shots, regardless of how that data is saved or sent (though the intruder wouldn't be able to get into your encrypted files without that password). Use a good antivirus program and keep all of your software-not just your OS-up-to¬date to protect against malware threats.
Reply With Quote
Copyright Techfuels
Bookmarks