TrueCrypt: Powerful Personal Encryption
I'm sure you'll recall the headlines from a couple years ago. It seemed as though there were daily stories of large corporations and government agencies suffering data breaches by way of loss of laptops or hard drives. These losses put customers and employees at risk of identity theft. Simply relying on a Windows password wasn't good enough anymore. These entities have realized they may not be able to prevent loss of equipment, but they can eliminate the ability of data thieves to retrieve valuable data from recovered equipment. Fortunately, now you can as well...
TrueCrypt (a free and Open-Source application) now enables you to protect yourself the same way these corporations do. Corporations use solutions like PGP Whole Disk Encryption or a solution from McAfee. All of these software packages offer slightly varied solutions on the same theme. Fortunately, WikiPedia has a great entry that details all the differences for you.
All of these enterprise applications perform essentially the same task. Once installed on a Windows system, the software wizard asks you a few questions. You'll create a secure passphrase, and (along with some other encryption algorithms) all data on the hard drive is encrypted. A special pre-boot utility is installed on the hard drive, requiring the previously created secure passphrase to be entered before the drive is unlocked (unencrypted on the fly) thus allowing the operating system to boot.
When the drive is encrypted, the data on the hard drive becomes data gibberish. That means if your laptop is lost, someone can't boot without this passphrase. They won't be able to remove the hard drive for installation into another computer and make sense of the data either. All data access depends on the previously mentioned secure passphrase. No passphrase match, no data access, period.
With TrueCrypt, the benefit doesn't end there. TrueCrypt can easily perform a similar action (it can encrypt entire partitions or create encrypted containers) on removable (think USB) drives. Since TrueCrypt is free, you can easily install it on multiple computers (it works transferring secure files from Linux to Windows for me as well) and keep your portable data secure. Now, at least if the drive is physically lost somewhere - you won't worry about someone being able to recover your personal data.
You may think that overhead for on-the-fly encryption would slow your performance down. There's likely a little bit, but on modern day systems - the difference is negligible. Simply set aside a few hours aside for about 100 GB of data to be encrypted on a latop. The encryption does not impede any other application (unless you go out of your way to make it do so). Scandisk, defrag, and system hibernate files all act normally.
Many users have an anti-virus application or Internet firewall application installed. It's probably time to look into protecting your data with strong encryption in case of physical loss.
UPDATE: Check out the "howto" video I've included in a later entry.
Syndication
Leave a comment