Whenever the subject of file/disk encryption comes up when talking with my non-technical friends, I often get the oddest looks and the strangest comments. These comments generally revolve around the fact (my friends’ facts), that only someone with something to hide would need to encrypt files.
Well, they’re right; but not for the reasons that they suggest.
The real world shows us continually, that financial data and other confidential information can easily be subject to intrusive viewing by others not authorized to do so.
Two examples of how this might occur:
Internet malware attack: Statistics have shown, more and more, that financial data is targeted by hackers/information thieves, for the purpose of identity theft. The reality is; there is no such thing as a totally secure Internet connected computer. All Internet connected computers are subject to attack and compromise.
Lost or stolen Laptop: How often have we read/heard the following – 200,00 (insert your own number here), bank account numbers, Social Insurance Numbers, names, addresses and dates of birth were on a laptop stolen/lost earlier this week. In too many of these cases, negligently, the data is unencrypted. Certainly Laptop theft or loss is not restricted to organizations; it can just as easily happen to you.
To reduce or eliminate the security threat of sensitive data exposure then, the most prudent course of action is data encryption. Essentially, data encryption is a secure process for keeping your sensitive and confidential information private. It is a process by which bits of data are mathematically jumbled with a password-key. The Encryption process makes the data unreadable unless, or until decrypted.
TrueCrypt is an outstanding free open source software system, (one I have using for the last several years) for establishing and maintaining an on-the-fly-encrypted volume. On-the-fly encryption simply means that data are automatically encrypted or decrypted just before they are loaded or saved, without any user intervention. No data stored on an encrypted volume can be read (decrypted) without using the correct password/correct encryption keys.
TrueCrypt uses 11 algorithms for encrypting private files in a password-protected volume. You can store your encrypted data in files, partitions, or in this latest release (March 17, 2008), a portable storage device such as a USB flash drive.
Once your encrypted files are mounted to a local drive with your password or key, you can manipulate those files, i.e. you can open, copy, delete, or modify them. When you have completed working on those files, you then dismount the volume and the files are then safely secured from unauthorized access.
As I stated earlier I have been using TrueCrypt for a number of years and I have developed a lot of confidence in this outstanding application. If you determine that encryption of your sensitive data is a priority, I highly recommend that you give TrueCrypt a try. Indicative of this application’s popularity is the fact that it has been downloaded 5,837,372 times.
- Creates a virtual encrypted disk within a file and mounts it as a real disk
- Encrypts an entire hard disk partition or a storage device such as USB flash drive
- Encryption is automatic, real-time (on-the-fly) and transparent
- Provides two levels of plausible deniability, in case an adversary forces you to reveal the password – Hidden volume – No TrueCrypt volume can be identified (volumes cannot be distinguished from random data)
- Encryption algorithms: AES-256, Serpent, and Twofish. Mode of operation: XTS
- Ability to encrypt a system partition/drive (i.e. a partition/drive where Windows is installed) with pre-boot authentication (anyone who wants to gain access and use the system, read and write files, etc., needs to enter the correct password each time before the system starts
- Pipelined operations increasing read/write speed by up to 100% (Windows)
- Mac OS X version
- Graphical user interface for the Linux version of TrueCrypt
- XTS mode of operation – XTS is faster and more secure than LRW
Download at: Download.com