Encryption: say no to data theft*

If your laptop is stolen, will the thief be able to read your vital statistics and personal info? They will if you haven’t used encryption. They’ll have your passwords as well. Do you keep any confidential business files on your computer — like some doctors and Veteran’s Affairs employees do?

As I mentioned in my series on the NTFS file system (click here), Windows has the ability to encrypt your stored data as well as controlling access from networked computers. Enabling encryption is easy, and acts invisibly to the user (you) — and by that I mean your files will look like they always do, but to an “unauthorized user” they will look like a garbled alphabet soup of nonsensical gibberish.

Tip of the day: Encrypt your My Documents folder for top-notch security. To encrypt files and/or folders in Windows you must be using the NTFS file system, which most of you will already have on your machines (use the link above to read how to check, and convert to NTFS if neccessary). There are a few different ways to use encryption; you can encrypt individual files; you can encrypt entire folders and, by default, their subfolders; and, you can encrypt your hard drive (of import for laptop owners). The process for the first two are the same, while the third requires a different method.

[Vista Users: Microsoft says, “EFS is not fully supported on Windows Vista Starter, Windows Vista Home Basic, and Windows Vista Home Premium.” Of course, what they mean by that is “NOT supported; and if you want it, spring for Ultimate Edition”. I recommend using the free TrueCrypt to encrypt your data.]

The simplest method to provide encryption to your personal data is to encrypt the My Documents folder, which I will use for purposes of demonstration — as I mentioned, doing so will encrypt all the files inside and also encrypt the contents of any subfolders. Start by right-clicking on the My Documents folder and selecting Properties…accessing the folder may be as simple as clicking the Start button or finding its icon on your desktop or you may have to click Start >My Computer >Local drive C:, depending on your settings and preferences.

When the My Documents folder’s Properties window opens, click on the “Advanced” button.

As you can see, my My Documents is set to “compressed”, but is not encrypted yet. Compression is another feature of NTFS that was very, very much sought-after in the days before giant hard drives (back then, we hadn’t heard of digital ID Theft) and is a method that uses an algorithm to shrink file sizes. You cannot, however, use encryption and compression at the same time, and today the value of the former far outweighs the latter. Fortunately, switching from one to the other requires no effort on your part, simply select “Encrypt contents to secure data” and the rest is automatic.
Now click “OK”, and then “Apply”. Whenever you encrypt a folder, you will be asked if you want to apply encryption to just that folder, or all the files and subfiles and folders; you want the latter, which is the default.
That’s it. You’re done. Your documents are now safe from “unauthorized” eyes.

That is true, unless the person trying to access your data has their hands on your machine and is able to ‘crack’ your User password (you have given your User Account a password, haven’t you?) which may be the case if your laptop is stolen. To prevent data loss in that type of a situation, you want to encrypt your whole startup process and password protect it…which in essence encrypts your whole hard drive. To do so, click Start >Run and then type in “syskey” (no quotes). Now click on the “Update” button.

Select the top radio button, “Password Startup” and enter a good, strong password. Then enter it again for confirmation. Be sure to write down your password and keep it in a safe place — should you ever forget it, it is not an easy task for even an experienced tech to get you back in to your machine.

A final thought: I think it only fair to tell you (what you may have already guessed/know) that a very knowledgable Evil Doer, if they have physical access to your machine, can often get around whatever security you have in place. The hacker expression is, “if I can touch it, I own it.” So please don’t be careless with your, or your company’s, vital data. Also, you may want to consider a more powerful, 3rd Party encryption tool like TrueCrypt.

Today’s free link: most of you already know that the World Wide Web is a wonderfully rich resource for researching information, but did you also know it is an excellent resource for digital images? Need a picture of the Golden Gate bridge to put into your child’s homework assignment? The place to start looking is Google Images.

Copyright 2007-8 © Tech Paul. All rights reserved. post to jaanix

Share this post :

September 23, 2008 - Posted by techpaul | advice, computers, converting to NTFS, encrypting files, file system, how to, PC, security, software, storage, tech, Vista, Windows, XP | encrypting, Encryption, file, files, folders, ntfa, privacy, security, system