Thursday, August 02, 2007

Encryption - An easy way to protect your data

Human beings are forgetful. We forget dates, books and certainly IT equipment as well. For example, the US Department of Commerce has acknowledged that 1100 laptop computers have been lost or stolen in 5 years since 2001 (see the link).

USB memory drives are trendy and useful devices easy to forget or get stolen. They are very handy and currently they can store several gigabytes. Doctors (see the link), military staff (see the link) and most of us have already experienced how practical they are and the risks run when patient, defence, financial information (or just our family photos) stored on them is made available to other parties.

We will keep on being forgetful; there is no doubt about it. However, there is a way to avoid that data stored in a lost laptop or a stolen USB memory becomes accessible to the person finding the laptop or stealing the USB memory drive. We can encrypt all data beforehand. At least, the data we cannot afford being read by a stranger.

In the past, encryption was normally linked with complexity and cumbersome steps. Currently, we can benefit from some “user-friendly options” listed below in order of complexity:

How to encrypt a MS Word document:

- If you need to encrypt an MS Word document or a MS Powerpoint presentation, go to Tools > Options > Security, press the button Advanced and select RC4, Microsoft Strong Cryptographic Provider (usually one of the options at the end of the list) with a minimum key length of 128 bits and select also to encrypt document properties.

- To encrypt an MS Excel spreadsheet, you need to go through a similar path, but you will not have the possibility to select key length or encrypt document properties.
Other Office software packages such as OpenOffice provide comparable possibilities to encrypt documents. Undoubtedly, the strength of the password you select will define the protection level of your encrypted file.

How to encrypt any file:

Winzip, the popular compression software offers the possibility to encrypt files while compressing them. When you add a file to a “.zip” archive, simply select the option “Encrypt added files”, then press “Ok” in the Winzip caution message and finally in the “Encrypt” menu insert a strong password and select the last “Encryption method” offered i.e. 256-Bit AES encryption.
The encrypted file will appear within the Winzip archive with a star ‘*’ symbol. This means that the file is encrypted and the password you inserted will be required to access the file. However, be aware that everyone with access to the zip archive can read the name of the encrypted file.

How to create an encrypted volume:

If you need to encrypt many files, there is a more advanced (but a little more complex) possibility: create an encrypted drive using TrueCrypt (free available from truecrypt). After following the steps presented by a wizard in Windows (or some commands in Linux), you can use a drive that will be fully encrypted and also password-protected.
By using any of these options, if your USB memory drive is lost or stolen, there are good chances that the data contained is not read! And remember, keep the password you chose in your password management (see So many passwords! article so that you have access to your encrypted files at any time.