![[info]](http://l-stat.livejournal.com/img/userinfo.gif){kind=small}
Private parts
Got something to hide?
There are a number of encryption software programs available to download that will make files, folders or containers completely inaccessible and readable to anyone other than the password holder. There are various encryption techniques used by such software using Department of Defence encryption standards and up.
The question is why, unless you have something to hide?
The answer is in the question, I have something to hide and therefore I will encrypt it, but by doing so am I making it look like I have something to hide? No doubt, there are a number of dubious characters that are storing some dodgy files, (illegal MP3's, pornography etc,) downloaded from the net into a folder and encrypting it just in case. Legitimately encrypting personal information, because it is private can make someone feel a little uneasy as it may look like they are hiding something. For this reason people shy away from encryption because of its more sinister association.
Nevertheless, there are plenty of reasons why people who use PC's especially in a network environment should use encryption and should not feel guilty for using it.
Take the network infrastructure implemented at my University. Each user has a network account and by logging in has access to a shared drive (drive letter S) and a home drive (drive letter H). The S: drive is for shared and collaborative files and I would see different folders depending what folder permissions I have. My H: drive is for personal information which only I can see, containing the My Documents folder and other profile information.
The advantage of storing files in one of these network drives S or H, rather than my PC's hard drive C and D is because I can access, download or upload these files from any PC connected to the Internet. The university uses webdav technology to make these folders accessible via a web browser. It is a highly convenient way of managing file storage.
On my H drive I store personal files because of the convenience of accessing them. This include stuff I don't mind people seeing if they really want to (such as pictures of my kids etc) as well as files I definitely don't want anyone else to see - for example my current account and budgeting spreadsheets. Although my H drive is supposed to be secure and inaccessible from anyone else, there are always network administrators who can. Also, with its web enablement there would always be the would-be hacker trying to get hold of your files, no matter how secure a network is. The last thing I need is for someone else to get hold of my bank details.
Best practice would be to securely password protect such files for the additional security measurer as well as for peace of mind - and I should not be ashamed to do so!
So what do I use? My favourite tool is CryptoExpert by SecureAction Research. The section from its ReadMe file gives a good overview of how it works...
"CryptoExpert uses an on-the-fly encryption system to encrypt and decrypt data. Data is stored in the encrypted form, but when it is requested by any application, it gets decrypted on-the-fly. Conversely, unencrypted data to be stored is encrypted instantaneously and then stored. The CryptoExpert system mounts a volume file to create a "virtual drive" that appears to applications and users like any other physical drive. Any data that the user attempts to write to this drive is intercepted by CryptoExpert, encrypted, and written to the volume file. Attempts to read from this volume are also intercepted, and the relevant data is read by CryptoExpert from the volume file, decrypted, and presented to the application trying to read the data.
Dismounting the CryptoExpert "virtual drive" ensures that data cannot be read from or written to it. All data is stored encrypted within the "container". As far as windows is concerned, there is a 'new' disk that has suddenly appeared. When the program exists or the volume is unmounted, the file system stays encrypted and there is absolutely no way anyone can recover/get the data without the pass phrase."
The advantage of using CryptoExpert for file encryption is that its just like having another drive letter, such as E: and you can work on these files as you normally would once the container is mounted. When you log of your PC or unmount the folder, they are securely locked away in an encrypted container file - this can be stored safely on my H drive, USB stick or any other media. As long as I can get to this file and have the CryptoExpert loaded onto my PC/Laptop I can securely work on these files. That way I am confident that my collection of personal files will be for my eyes only. Oh, and there is a free to use version of CryptoExpert with the limitation of a maximum of 50MB container file - more than I need for my spreadsheets.
The down side of storing a 50MB container file on my H drive is the need for a good speed network to get to it via the web interface. There are plenty of other, perhaps easier methods of encrypting files such as stand-alone executables that work like notepad, except when you close the file it is all stored encrypted.
A comprehensive list of encryption tools from Snapfiles.
Network administrators and IT Directors should encourage file encryption across the organisation but unfortunately it is still a taboo subject, mainly because of its sinister association with hiding illegal content and the fact that, ultimately no one unless they know the password, has any hope of accessing any encrypted files - and Directors don't seem to like that. This is particularly so in the Public Sector yet these organisations especially should be more security conscience. The consequences of personal data (whether customer or patient information and staff private files) getting into the hands of criminals would be severe.
There are a number of encryption software programs available to download that will make files, folders or containers completely inaccessible and readable to anyone other than the password holder. There are various encryption techniques used by such software using Department of Defence encryption standards and up.
The question is why, unless you have something to hide?
The answer is in the question, I have something to hide and therefore I will encrypt it, but by doing so am I making it look like I have something to hide? No doubt, there are a number of dubious characters that are storing some dodgy files, (illegal MP3's, pornography etc,) downloaded from the net into a folder and encrypting it just in case. Legitimately encrypting personal information, because it is private can make someone feel a little uneasy as it may look like they are hiding something. For this reason people shy away from encryption because of its more sinister association.Nevertheless, there are plenty of reasons why people who use PC's especially in a network environment should use encryption and should not feel guilty for using it.
Take the network infrastructure implemented at my University. Each user has a network account and by logging in has access to a shared drive (drive letter S) and a home drive (drive letter H). The S: drive is for shared and collaborative files and I would see different folders depending what folder permissions I have. My H: drive is for personal information which only I can see, containing the My Documents folder and other profile information.
The advantage of storing files in one of these network drives S or H, rather than my PC's hard drive C and D is because I can access, download or upload these files from any PC connected to the Internet. The university uses webdav technology to make these folders accessible via a web browser. It is a highly convenient way of managing file storage.
On my H drive I store personal files because of the convenience of accessing them. This include stuff I don't mind people seeing if they really want to (such as pictures of my kids etc) as well as files I definitely don't want anyone else to see - for example my current account and budgeting spreadsheets. Although my H drive is supposed to be secure and inaccessible from anyone else, there are always network administrators who can. Also, with its web enablement there would always be the would-be hacker trying to get hold of your files, no matter how secure a network is. The last thing I need is for someone else to get hold of my bank details.
Best practice would be to securely password protect such files for the additional security measurer as well as for peace of mind - and I should not be ashamed to do so!
So what do I use? My favourite tool is CryptoExpert by SecureAction Research. The section from its ReadMe file gives a good overview of how it works...
"CryptoExpert uses an on-the-fly encryption system to encrypt and decrypt data. Data is stored in the encrypted form, but when it is requested by any application, it gets decrypted on-the-fly. Conversely, unencrypted data to be stored is encrypted instantaneously and then stored. The CryptoExpert system mounts a volume file to create a "virtual drive" that appears to applications and users like any other physical drive. Any data that the user attempts to write to this drive is intercepted by CryptoExpert, encrypted, and written to the volume file. Attempts to read from this volume are also intercepted, and the relevant data is read by CryptoExpert from the volume file, decrypted, and presented to the application trying to read the data.
Dismounting the CryptoExpert "virtual drive" ensures that data cannot be read from or written to it. All data is stored encrypted within the "container". As far as windows is concerned, there is a 'new' disk that has suddenly appeared. When the program exists or the volume is unmounted, the file system stays encrypted and there is absolutely no way anyone can recover/get the data without the pass phrase."
The advantage of using CryptoExpert for file encryption is that its just like having another drive letter, such as E: and you can work on these files as you normally would once the container is mounted. When you log of your PC or unmount the folder, they are securely locked away in an encrypted container file - this can be stored safely on my H drive, USB stick or any other media. As long as I can get to this file and have the CryptoExpert loaded onto my PC/Laptop I can securely work on these files. That way I am confident that my collection of personal files will be for my eyes only. Oh, and there is a free to use version of CryptoExpert with the limitation of a maximum of 50MB container file - more than I need for my spreadsheets.
The down side of storing a 50MB container file on my H drive is the need for a good speed network to get to it via the web interface. There are plenty of other, perhaps easier methods of encrypting files such as stand-alone executables that work like notepad, except when you close the file it is all stored encrypted.
A comprehensive list of encryption tools from Snapfiles.
Network administrators and IT Directors should encourage file encryption across the organisation but unfortunately it is still a taboo subject, mainly because of its sinister association with hiding illegal content and the fact that, ultimately no one unless they know the password, has any hope of accessing any encrypted files - and Directors don't seem to like that. This is particularly so in the Public Sector yet these organisations especially should be more security conscience. The consequences of personal data (whether customer or patient information and staff private files) getting into the hands of criminals would be severe.
