Data Encryption — How to secure your data
Most of us, if not all, of our vital life records (Financial records, academic records, transcripts, health records, birth certificates, pictures, etc.), are stored on our computers. Some of us even make the extra effort to digitize the records that only exist on paper. This means that having access to our computer gives access to our data. Therefore, our privacy means securing the data stored on our devices. In some situations, when we lose our computer, our primary concern is not losing the device itself. But the fact that we are not in control of our data. The most worrisome concern is the possibility of others getting access to our data.
Today, most average computer users back up their essential data. Either by using local external storage (like External Hard Drives, NAS, and Thumb Drives) or a cloud storage service (like Google Drive, Dropbox, etc.).
Although backing up our data as often as we can is a good practice, it also exposes our data. The more places we back up our data, the more places we need to secure. When our computers get into the wrong hands, it puts all our data at risk, including our cloud-stored data, if synced with our computers.
Protecting our computers with OS passwords stops an average user from accessing our user accounts on that OS. OS passwords only protect our Home Folder, not our whole disk. (C:/ in Windows OSs’, or Macintosh HD and Library in Mac OSs’). Every superuser knows that bypassing/resetting an OS user password is feasible. And if everything proves hard, all an adversary need is to remove the computer hard drive and use tools like FTKimager or Encase to view our files, and possibly retrieve even deleted files.
In some cases, we don’t have to lose our devices to grant unwarranted access to our data. To comply with the law, we have to hand out our devices for inspection. (Not our data, but our devices). If you have been following the news lately, you have heard about how the Government wants to go through users’ data. Airport security now goes through travelers’ computers at the airport. (I understand this practice is only limited to the US, but it is only a matter of time before other Governments request the same).
So, protecting our data means ensuring that even if someone has access to our computer, they can’t make sense of our data without authorization — whether one has sensitive proprietary data, or just personal data (like pictures). It is of paramount importance that we protect our privacy by securing our data. The best way to ensure our data is protected and secured is by encrypting the data.
What is Encryption?
In simple words, encryption is a method of converting information into a form that is unreadable to anyone but its intended audience. In modern times, this involves protecting data transmitted over the internet, stored on our computers and storage devices.
Encryption is not new; it predates technology. Cryptography is the discipline dedicated to studying how to encrypt and decrypt information. Different computer encryption algorithms exist; some have been broken, and some are yet to be broken. To know more about encryption, read about Cryptography.
How to encrypt your data
Today, most devices come with some Encryption. Almost all the OSs’ can be encrypted by merely turning it on. And user passwords tend to serve as the encryption key. Other devices like Thumb Drive & External Drives needs a little bit more than just turning it on. With External Storage, one can always create an encrypted vault that is only accessible with a password that serves as the key. With this, the chances of an adversary decrypting encrypted storage depend upon the strength of the password. Hence, the need to learn “How to properly set up a password.”
To encrypt:
- Windows OS: Enable BitLocker (this only applies to computers with TPM) — TPM is enabled in BIOS.
- macOS: Enable FileVault
- External storage (thumb drives, external drives, etc.): Create an encrypted vault using VeraCrypt.
- Cloud Service (Dropbox, Google Drive): Create an encrypted vault using VeraCrypt and upload it to the cloud.
Most Cloud Services are encrypted, but the cloud service providers hold the encryption/decryption keys. Meaning they can access the data at any time. So, we need to use a second layer of encryption to keep our data safe. As always, searching for “How to enable BitLocker in Windows” would show lots of results, or preferably one can learn from a YouTube Video.
Tip:
Concerning Internet usage, browsing, and data transmission. If one is using an unsecured network like the WiFi in Cafes or Airports. It is always a good practice to use a trusted VPN. Using a trusted VPN encrypts every outgoing and incoming Internet traffic. Recently the US Congress repealed some of the Internet privacy rules by allowing Internet Service Providers to access and use consumer browsing habits. This means ISPs can sell your web browser history, locations, etc. Using a VPN can help protect your location by masking your IP address. Unfortunately, most of the free web-based VPN’s are slow, and the fast ones charge a small monthly fee. Also, the process of setting up a personal VPN is a little complex. The best option is to use the Free VPN provided with the Opera web browser. It is fast and unlimited. Another tip is using the “HTTPS Everywhere” browser extension. It ensures that website makes use of the most secure connection available.