Data security on the go

Data security on the go

CHIP shows you how to protect your data from prying eyes by encrypting it.

 

There are numerous levels of security that help ensure data doesn't fall into the wrong hands. Some people make their backups on external media and then completely format their drives so that no data is retrievable thereafter. However, with some special tools and little technical know-how, data is easily retrievable. Is there a foolproof way to secure your data? The answer is encryption.

The biggest benefit of encrypting data in your portable drive is that, if the drive is stolen or misplaced, the person who finds it will almost never be able to misuse the data in it—unless he has the password of course.

Encryption, say what?

Think of encrypted data as an ancient language script, which is impossible to understand without having an interpreter. The script is your data and the interpreter is the encryption software. This software translates the intelligible script into an ancient language script and vice versa.

Cryptography is the key to encryption. It is an ancient method of jumbling messages to the extent of making them incoherent to those that do not know the encryption key. Encrypted data is protected by a password without which that data is completely unusable. The power of encryption is exploited everywhere and every day, it’s just that we don’t see it. The list of applications ranges from ATMs to online banking and to many other applicatons.

Why use TrueCrypt

One of the reasons for using TrueCrypt is that it is open source and extremely feature-rich. Its wide variety of options caters to multiple application areas.

Another upside is that you can run it as a portable application which means you do not need to install the software in order to use it. Although there are various options for encrypting data, we will focus on creating an encrypted virtual drive.

Step 1

After you install and launch TrueCrypt, you must create a container to make a virtual drive (volume) which will allow you to copy to and from it while encrypting and decrypting data on-the-fly. Select ‘Create an encrypted file container’. Creating an invisible encrypted volume adds another layer of security.

Step 2

At this stage no files are encrypted. Only a container is created which will accommodate encrypted files. Here, if you select an existing file, that file will be overwritten by the container and will be lost permanently. So create a new file name for the container.

You can choose the encryption method and hash algorithm. For more on this subject read the chapters ‘Encryption algorithms’ and ‘Hash algorithms’ from the built-in tutorial. Otherwise, simply use the defaults.

Step 3

You can allocate space that will be dedicated for encrypted files. Let’s say you have a 120 GB portable drive, you can allocate part of it for encrypted data and the rest can be kept for general storage. One of the most crucial aspects to encryption, a password needs to be set smartly. The simple reason is that the stronger the password the tighter the security. A password in TrueCrypt can be as long as 64 characters, which should have a combination of alphabets, numbers and various special characters. A password with more than 20 characters is highly recommended. TrueCrypt also allows using key files that further tighten security by allowing you to physically protect the decryption key.

Step 4

Files larger than 4 GB might require a specific file system for the encryption volume. So you need to specify whether you’ll be encrypting larger files. Choose what file system the volume will use. Then format the volume to complete the process of creating a container. Creating a 10 GB container on a 2.5-inch portable hard drive took about 7 to 8 minutes—through the USB interface. The time taken for formatting a volume depends on its size.

 

Step 5

Once the container is created, you need to map it to a volume (drive letter) from TrueCrypt’s main window. This will let you use the container as a virtual drive—an encrypted one at that. Go back to the main window, click on ‘Select’ to search for the saved container file and click on ‘Open’.

Your container is now ready to be mounted. Select a drive letter from the list and click on the ‘Mount’ button. You will be prompted for the password. Enter the same password that you used while creating the container in the initial stages. Your encrypted drive is now ready to be used.

Step 6

When data is copied to the volume, it is encrypted on-the-fly. When you access a file from this volume, that file gets decrypted on-the-fly and is ready to use. Once you close the file or shut down your computer, or remove the portable drive, data gets encrypted again (it won’t be lost). Closing the program doesn't dismount a volume, which means the encrypted data can still be decrypted. Therefore, on finishing a task, dismount the volume through the main window and your data will be back to its encrypted state. Alternatively, you can use the auto-dismount feature and tweak it to suit your needs. This workshop shows an easy method to encrypt data. Another option is to encrypt an entire portable drive. Here, you need to select the second option (Encrypt a non-system partition/drive’ from Step 1). Follow the instructions and the rest is easy.