How to secure sensitive files on your pc with veracrypt

VeraCrypt, a successor to TrueCrypt is largely compatible with it enables the complete or partial encryption of data carriers. Like the template, the freeware is distributed under an open-source license.

If you are really concerned about your files on a computer, especially for security, there is hardly anything better than encrypting them. Even if you keep your files on the cloud, encrypting them before uploading ensures the privacy of your data. If you want to upload some private photos of you or other such sensitive files, and you don’t have any other option, other than uploading them to the cloud, encryption seems to be the most viable option. There are a number of ways you can encrypt your data, and if you are on Windows, you might already know about BitLocker, even if you haven’t used it ever in your life.

What is VeraCrypt?

You can find out, how you can use BitLocker to encrypt all your files on a Windows computer here. But if you work across multiple platforms, you need some cross-platform solution. Here comes VeraCrypt, which is an open-source and cross-platform encryption software available for Windows, Mac, Linux, and BSD for securing sensitive data has been further developed taking into account the recently known brute force attacks.

So, whatever platform you are on, VeraCrypt is available. If you have coding skills, you can also get the source code and modify it and build it up to your requirements. It can both be installed, and you can even use it as a portable program, to carry your encrypted files safely everywhere. There are a number of advantages of VeraCrypt, over proprietary BitLocker, and you can find them once you start using VeraCrypt. By default, the software uses 256-bit encryption to make data illegible for attackers.

VeraCrypt is meant for encrypting individual persons files, and should be used as such. The program can be found on all Windows workstations maintained by the Digital Services (Mac- and Red Hat users can install the program themselves). With the program, a user can create an encrypted volume, which appears as a regular disk drive. The files are automatically encrypted when they are stored in the drive, and automatically decrypted when opened.

The user is responsible for the memorization of the passphrase used in the encryption process. The university’s Digital Services does not have a method to retrieve a lost passphrase. If the passphrase is lost, the files cannot be decrypted.

You can find a manual and more detailed information from the VeraCrypt webpage. This guide tells you, how a volume is made on a Windows workstation and how to apply it as a disk drive.

You start using VeraCrypt by creating a file volume (phases 1 through 9) for the encrypted files and connect as the operating system’s disk drive (phases 10 through 12). The file volume can be a regular file, into which VeraCrypt creates a structure for the encryption. The file volume is then formed as a disk drive with VeraCrypt. The file volume must be formed as a disk drive again, after logging off or restarting the computer.

Phase 1: Start VeraCrpyt and choose “Create Volume”.

Phase 2: Choose the type of the volume

In this phase, you choose the location of the volume. In this case, the volume is created in a regular file.

Phase 3: Set the volume type

You have the option to create a standard or a hidden volume. Pick the standard option.

Phase 4: Choose a location and a name for the volume.

Start the creation of the volume by pressing “Select File”. The button starts a file management program, in which you choose the location and the name for the volume.

Phase 5: Choose the encryption algorithm

Choose, which encryption algorithm and hash algorithm is employed. The default options are suitable. More information about choosing the algorithms can be found here:

Phase 6: Setting the volume size

Choose the required size for the volume. In this instance, a 100 MB space has been allocated to the volume.

Phase 7: Setting the passphrase

An important step in creating the volume. In order to keep the files secure, the passphrase should be as strong as possible. Read the instructions carefully.

Phase 8: VeraCrypt creates an encrypted volume

In this phase, the program formats the volume to be suitable for encryption. Move your mouse on the screen so the program can collect enough randomness for the formation of the encryption algorithm. The bar in the lower part of the window turns green when enough randomness has been generated. Choose “Format” in order to start the formatting process. Click “OK” to after the process has ended.

Phase 9: The volume is ready

The volume is now created. Click “Exit” to exit the creation window.¨

Before the volume can be used, it must be connected as a disk drive. The connection is made in the main window of the program.

Phase 10: Choose a disk drive for the connection of the volume.

The list shows all unused letters for the disk drives. You can choose the most appropriate one, in this case, disk drive F.

Phase 11: Choosing the volume that is going to get connected

Choose the file.

Phase 12: Connecting the volume to a disk drive

The chosen volume is connected as a disk drive by pressing “Mount”.

The connection process requires the passphrase, which must be written on the required screen.

You can also pick the encryption method when opening the volume. Knowing this can speed up the connection process. It is sufficient also to let the program recognize the method itself. Write the passphrase and click “OK”.

In the next step VeraCrypt opens the encryption and connects the volume as a disk drive. After the connection process has been completed, the files in the volume appear in the main window of the program and the volume appears as a new disk drive.

The files in the volume can be accessed as you would access a regular disk drive. The files stored in the volume are automatically encrypted, and automatically decrypted when the files are opened. The passphrase is not needed while handling the files, it is required only when connecting the volume. The files on the volume are always encrypted.

Restarting or shutting off the operating system removes the volume from the disk drive. It is also removed when logging off. The removal can also be made from the main window of VeraCrypt by clicking “Dismount”. The volume can be reconnected by going through the phases 10 through 12 in this guide.

Secure Data Encryption on Portable Storage Devices

The LCTCS Office of Information Technology policy on portable device data security states:

All sensitive data that is stored on agency approved portable storage devices (Notebook PCs, USB thumb drives, USB hard drives, CDs, DVDs, diskettes, PDAs, etc.) that are removed from the state premises must be encrypted and consistent with OIT STD 023 (Encryption Standard). — IT-POL-014

So, what can you do to protect data that you have in your possession?

First, let’s start with some possible sensitive data you might have and how you can protect it and yourself. Sensitive data about you, students, faculty members, and employees can live anywhere that you store digital information including a desktop computer, a laptop, a PDA, a flash drive, or other recordable media.

Student data (grades, SSNs, etc.) also needs to be protected and treated as sensitive data. While it’s convenient to copy files onto portable/mobile devices and media, what information do you really need to be with you at all times? Theft of portable devices is a very serious problem and having data stolen is becoming a large problem too.

What is Encryption?

Encryption is a means to encode data. The purpose of encryption is concealment, or more specifically, security and confidentiality. Things like digital signatures are often confused with encryption, but they are not concerned with concealment, rather they deal with integrity and authenticity, or more simply, verifying a sender and that the contents of a message have not been changed.

E-mail sent without encryption is like a postcard; others can see the contents if they use special tools to pry. With the use of encryption, only the recipient of the message can open and view the contents of the e-mail. It’s like putting it in an envelope and sending it by registered mail. Data other than e-mail can also be stored encrypted so that others cannot easily see its contents.

Why should I care about Encryption?

Typically, encryption is not needed for standard, day-to-day activities. In order to determine if you have digital data that needs to be encrypted, here are some basic guidelines that can be used to determine if encryption is worth implementing. If you answer yes to any of these basic questions, then you should to consider using some form of encryption.

• Is my data sensitive? If so, how? If your data contains information that is sensitive only to you, and its disclosure does not impact other people’s privacy, then is it worth it to encrypt data? Conversely, if disclosure would impact other people’s privacy, then you should definitely look at encryption. (Personal information can be defined as an individual’s name in combination with the individual’s social security number; driver’s license or campus-wide identification number; or account number or creditor debit card with security codes or passwords.)
• Are there already safeguards in place to protect my data? If your data is not portable, nor publicly accessible, then physical compromise is likely the only real threat. Is this threat enough to warrant encryption of data? If your data is mobile (i.e. on a laptop), then physical theft or compromise is a very real concern.
• Are there policies or laws currently in place governing the data you have (FERPA, HIPAA, BPCC regulations)? If so, what are those requirements and have you made due diligence in meeting them?

How can I encrypt data?

There are so many different methods, standards, and algorithms used to encrypt data that their discussion falls well outside of this document. Instead, a couple of very basic methods should cover most needs.

Make your data unreadable and unusable—until you enter the password

• Wichita Technical Institute

• Tweet
• Share
• Email

What to Know

• Turn on Bitlocker (Windows) or FileVault (Mac) or download an encryption app to protect your files and privacy.
• Encrypt everything on your computer using a free app such as VeraCrypt or TrueCrypt. They require a password to boot up.
• Encrypt only some of your files using an app such as AxCrypt or 7-Zip to protect a file or archive with a password.

This article explains how to encrypt your files and why you should. It includes information on the apps that come with your computer as well as free apps that protect your entire drive or only selected files.

Why Encrypt Files

When files are encrypted, they’re scrambled to the point that they’re unusable unless they can be decrypted, which is usually only possible with specific software and knowledge of the password used for encryption.

Encrypt the Whole Hard Drive

Your operating system does not encrypt your files automatically unless you’ve turned on disk encryption options like Bitlocker (Windows) or FileVault (Mac). File storage encryption is usually turned off by default.

There are plenty of free disk encryption programs that you can install right now to encrypt everything on your computer—the whole OS, all of your videos, documents, pictures, etc. They work by forcing a user to provide the decryption password before the operating system loads.

Some of them, like VeraCrypt, isolate an entirely different version of Windows within the encrypted disk. This process lets you enter two different passwords when your computer boots—one takes you to your regular OS and the other takes you to a version of the operating system that doesn’t have any sensitive information. This feature offers a safe way out of a situation where someone forces you to reveal the decryption password.

TrueCrypt is a great option for individual PCs, but if you manage a large number of computers that need whole-disk encryption, check McAfee’s Complete Data Protection. McAfee offers both PC and Mac whole disk encryption that can be centrally managed by their ePolicy Orchestrator (ePO) platform.

Other disk encryption programs are useful for building an encrypted file container, which is like a folder or virtual hard drive that stores sensitive files. It can be decrypted to view the files and to add or remove data, and then just as easily encrypted to protect them. This type of encrypted drive is stored on a hard drive but doesn’t encrypt the entire disk.

Encrypt Specific Files

If you just need to encrypt certain files and not the entire computer, you can do that, too. Many freeware programs support file encryption, so we’ll name just a few.

One really popular way to encrypt single files is with AxCrypt. It changes the file extension to have the AXX suffix, and the file can only be opened with AxCrypt if you provide the password used to encrypt it. You can encrypt files on a Windows or Mac computer and even view them on your phone or tablet with the AxCrypt mobile apps.

7-Zip is another file encryption application that has more than one use. Its primary purpose is for extracting files from formats like ZIP, 7Z, RAR, ISO, etc. However, it can also make new compressed files, and when you do that, you have the option to encrypt the file names and protect the whole archive with a password. It won’t survive forensic-level decryption efforts, but to keep files out of non-technical preying eyes, it’s a good solution.

What is the best way to protect sensitive data from being stolen? Can’t enable BitLocker without TPM? VeraCrypt is a good alternative to BitLocker, which lets you create a virtual disk image for securing your sensitive files with password. In this tutorial we’ll walk you through the steps of encrypting files on your hard disk or USB drive in Windows 10 using VeraCrypt.

Part 1: Download VeraCrypt

VeraCrypt is a free open source software for real-time disk encryption, which is available for Windows, Mac OSX and Linux. Just download VeraCrypt (about 34.5Mb) from its official website. The installation is as easy as clicking Next a bunch of times.

Part 2: Create a Protected Virtual Disk Image

When you open up VeraCrypt, you’ll see a listing of unused drive letters. To start, we need to create a protected virtual disk image (aka “encrypted file container”). Click on the Create Volume button.

Choose “Create an encrypted file container” and click on Next.

VeraCrypt supports two different types of encrypted volumes. Here we select “Standard VeraCrypt volume“.

Next, use the “Select File” button to pick a name and location for the virtual disk image you wish to create. This image can be stored on a local drive or an external USB drive.

Choose your encryption options. The default settings of AES and SHA-512 are good enough for most purposes.

Enter your volume size. It must be large enough to hold your sensitive files.

Enter a volume password which will be later used for mounting this virtual disk image.

Select what file system you want to use. It is recommended to choose NTFS so you will be able to use files bigger than 4GB. In order to generate strong encryption keys, simply move your mouse randomly until the blue bar reaches the end. Click on Format.

Once the volume has been successfully created, click on Exit.

Your volume is actually a disk image file which you can view from File Explorer.

Part 3: Mount the Virtual Disk Image

Open up VeraCrypt again, select an unused drive letter and click on “Select File” to locate your protected virtual disk image, and click on Mount.

Enter your password and click OK.

Your protected virtual disk image will be mounted as a new drive. Open File Explorer and you can move your sensitive files onto that drive.

Part 4: Dismount the Volume

Don’t forget to dismount the VeraCrypt volume when you no longer need to work with it. From within the VeraCrypt interface, select the drive letter of your mounted volume and click on Dismount.

Your VeraCrypt volume will be automatically dismounted after you restart or shut down your computer, so your sensitive files will remain protected.

Context

This article is useful for those who want to share an electronic file that contains sensitive information.

Note that if you have whole disk encryption on your computer, the files on it are not encrypted, only the drive on which the files reside. So if you send a file to someone via email or other means, the file itself is not encrypted.

File encryption is different from whole disk encryption. It allows you to put a password on a file or a folder. The recipient needs the key (password) to decrypt the contents of the file/folder.

Using cloud storage, such as Dropbox, that has encryption built in, might seem like a good idea. However, most cloud storage companies also hold the decryption keys, meaning they could decrypt your files should they need to. If you do use the cloud, make sure you add encryption to sensitive files in addition to the encryption already in place.

Warnings

Answer

Below are some of the most common tools that can be used for file or folder encryption. These tools are not licensed by IS&T, and the IS&T Service Desk may not be able to assist you with troubleshooting. You can still contact the vendor directly for support.

VeraCrypt (Windows, Mac, Linux, Free)

A popular free open source disk encryption software for Windows, Mac OSX and Linux by IDRIX. Amongst its many features, it can encrypt an entire partition or storage device such as USB flash drive or hard drive. It’s real-time encryption allows data to be read and written as fast as if the drive was not encrypted making the end user experience completely transparent.

Cryptomator (Windows, Mac, Linux, Free – Pay what you want)

Cryptomator provides transparent, client-side encryption for your cloud (but can also be used in non-cloud situations). Cryptomator is free and open source software, which encrypts file contents and names using AES. Your passphrase is protected against bruteforcing attempts using scrypt. Directory structures get obfuscated. The only thing which cannot be encrypted without breaking your cloud synchronization is the modification date of your files.

Instructions on installing Cryptomator and creating encrypted volumes can be found at Cryptomator for Cloud-Sharable Encrypted Volumes.

GNU Privacy Guard (Windows, Mac, Linux, Free)

GNU Privacy Guard (GnuPG) is an open-source implementation of the famed Pretty Good Privacy (PGP) encryption tool—you can read the very interesting history of PGP and how GnuPG came to be here. GnuPG is a volume and individual file encryption tool with support for a dozen encryption schemes, paired keys, and expiring signatures. GnuPG doesn’t only provide rock-solid local file encryption; it is, thanks to paired encryption and public key servers, a great tool for encrypted communication. Please note, regular old GnuPG is a command line tool. Check out the list of graphical wrappers and application plug-ins for various operating systems here.

Disk Utility (Mac, Free)

Disk Utility is a diverse tool that handles almost any disk-related tasks you’d need on OS X. The utility is capable of creating secure disk images and file volumes encrypted with AES 128-bit or 256-bit encryption. Like most native Mac utilities and applications, Disk Utility and the accompanying encryption blends seamlessly into the OS X experience and makes mounting and un-mounting encrypted volumes a breeze. Instructions by Apple.

7-zip (Windows, Free)

Compared to some of the heavyweights, like GnuPG and TrueCrypt ( no longer available ! ), it might be easy to dismiss the popular file compression tool 7-zip as a lightweight. 7-zip fills a perfect niche for many people, however, by offering simple ZIP container-based encryption. If you’re not interested in encrypting a ton of files or maintaining an entire encrypted volume, but you still want to make sure important documents like tax returns or other Social Security bearing documents are locked up tight, 7-zip sports strong AES-256 encryption. Create a new compressed archive, throw your files in it, and slap a password on. Your files are strongly encrypted and stored right alongside your regular documents.

AxCrypt (Windows, Free)

AxCrypt is a free encryption tool for Windows. Once installed it integrates with the Windows shell and offers simple right-click encryption and decryption of files with AES-256 encryption. Your entire interaction with AxCrypt can take place exclusively from the right-click context menu. In addition to integrating with Windows and offering easy encryption and decryption, you can also use the tool to create self-extracting archives to securely transport files or transfer them to a friend—no AxCrypt installation necessary at the other end.

PGP Zip (Windows, Free with PGP Desktop)

If you have PGP Desktop installed on your machine, you can use a tool that comes included with the software, called PGP Zip. Instructions on how to use PGP Zip, supplied by Symantec.

VeraCrypt

• Home
• Source Code
• Downloads
• Documentation
• Donate
• Forums

Documentation >” />>” style=”margin-top: 5px”> Plausible Deniability >” />>” style=”margin-top: 5px”> Hidden Operating System

Process of Creation of Hidden Operating System

Plausible Deniability and Data Leak Protection

1. It enables the creation of a secure platform for mounting of hidden VeraCrypt volumes. Note that we officially recommend that hidden volumes are mounted only when a hidden operating system is running. For more information, see the subsection Security Requirements and Precautions Pertaining to Hidden Volumes.
2. In some cases, it is possible to determine that, at a certain time, a particular filesystem was not mounted under (or that a particular file on the filesystem was not saved or accessed from within) a particular instance of an operating system (e.g. by analyzing and comparing filesystem journals, file timestamps, application logs, error logs, etc). This might indicate that a hidden operating system is installed on the computer. The countermeasures prevent these issues.
3. It prevents data corruption and allows safe hibernation. When Windows resumes from hibernation, it assumes that all mounted filesystems are in the same state as when the system entered hibernation. VeraCrypt ensures this by write-protecting any filesystem accessible both from within the decoy and hidden systems. Without such protection, the filesystem could become corrupted when mounted by one system while the other system is hibernated.

If you need to securely transfer files from the decoy system to the hidden system, follow these steps:

1. Start the decoy system.
2. Save the files to an unencrypted volume or to an outer/normal VeraCrypt volume.
3. Start the hidden system
4. If you saved the files to a VeraCrypt volume, mount it (it will be automatically mounted as read-only).
5. Copy the files to the hidden system partition or to another hidden volume.

Possible Explanations for Existence of Two VeraCrypt Partitions on Single Drive

• If there are more than two partitions on a system drive and you want to encrypt only two of them (the system partition and the one behind it) and to leave the other partitions unencrypted (for example, to achieve the best possible performance when reading and writing data, which is not sensitive, to such unencrypted partitions), the only way to do that is to encrypt both partitions separately (note that, with a single encryption key, VeraCrypt could encrypt the entire system drive and all partitions on it, but it cannot encrypt only two of them — only one or all of the partitions can be encrypted with a single key). As a result, there will be two adjacent VeraCrypt partitions on the system drive (the first will be a system partition, the second will be a non-system one), each encrypted with a different key (which is also the case when you create a hidden operating system, and therefore it can be explained this way).

If you do not know any good reason why there should be more than one partition on a system drive at all:

VeraCrypt offers open source file-encryption with cross-platform capabilities.

Subscribe now

Get the highlights in your inbox every week.

Many years ago, there was encryption software called TrueCrypt. Its source code was available, although there were no major claims that anyone had ever audited or contributed to it. Its author was (and remains to this day) anonymous. Still, it was cross-platform, easy to use, and really, really useful.

TrueCrypt allowed you to create an encrypted file “vault,” where you could store sensitive information of any kind (text, audio, video, images, PDFs, and so on). Provided you had the correct passphrase, TrueCrypt could decrypt the vault and provide read and write access on any computer running TrueCrypt. It was a useful technique that essentially provided a virtual, portable, fully encrypted drive (except it was a file) where you could safely store your data.

TrueCrypt eventually closed down, but a replacement project called VeraCrypt quickly sprang up to fill the void. VeraCrypt is based on TrueCrypt 7.1a and features many improvements over the original (including significant algorithm changes for standard encrypted volumes and boot volumes). With VeraCrypt 1.12 and later versions, you can use custom iterations for increased encryption security. Better yet, VeraCrypt can load old TrueCrypt volumes, so if you were a TrueCrypt user, it’s easy to transfer them over to VeraCrypt.

Install VeraCrypt

• The defensive coding guide
• Webinar: Automating system security and compliance with a standard operating system
• 10 layers of Linux container security
• SELinux coloring book
• More security articles

Alternately, you can build it yourself from source code. On Linux, it requires wxGTK3, makeself, and the usual development stack (Binutils, GCC, and so on).

Once you have it installed, launch VeraCrypt from your application menu.

Create a VeraCrypt volume

If you’re new to VeraCrypt, you must create a VeraCrypt volume first (otherwise, you have nothing to decrypt). In the VeraCrypt window, click the Create Volume button on the left.

veracrypt-create.jpg

In VeraCrypt’s Volume Creator Wizard window that appears, choose whether you want to create an encrypted file container or to encrypt an entire drive. The wizard steps you through creating a vault for your data, so follow along as prompted.

For this article, I created a file container. A VeraCrypt container is a lot like any other file: it exists on a hard drive, external drive, in cloud storage, or anywhere else you can think to store data. Like other files, it can be moved, copied, and deleted. Unlike most other files, it can contain more files, which is why I think of it as a “vault,” and VeraCrypt developers refer to it as a “container.” Its developers call a VeraCrypt file a “container” because it can contain other data objects; it has nothing to do with the container technology made popular by LXC, Kubernetes, and other modern IT mechanisms.

Choose a filesystem

During the volume-creation process, you’re asked to select a filesystem to decide how the files you place inside your vault are stored. The Microsoft FAT format is archaic, non-journaled, and limits both volume and file sizes, but it’s the one format all platforms can read from and write to. If you intend your VeraCrypt vault to cross platforms, FAT is your best bet.

Aside from that, NTFS works for Windows and Linux. The open source EXT series works for Linux.

Mount a VeraCrypt volume

Once you’ve created a VeraCrypt volume, you can mount it from within the VeraCrypt window. To mount an encrypted vault, click the Select File button on the right. Select your encrypted file, choose one of the numbered slots in the upper half of the VeraCrypt window, and then click the Mount button located in the lower-left corner of the VeraCrypt window.

Your mounted volume is available in the list of available volumes in the VeraCrypt window, and you can access that volume through your file manager as if it were an external drive. For instance, on KDE, I open Dolphin, navigate to /media/veracrypt1 , and then I can copy files into my vault.

As long as you have VeraCrypt on a device, you can always access your vault. It’s encrypted until you manually mount it in VeraCrypt, where it remains decrypted until you close the volume again.

Close a VeraCrypt volume

To keep your data safe, it’s important to close a VeraCrypt volume when you don’t need it open. That keeps it safe from prying eyes and crimes of opportunity.

By Jeandre de Beer / Pc World

Flash drives are easy to lose. And anything lost can fall into the wrong hands.

So if you’re carrying around sensitive information in your pocket, you need to make sure those files are encrypted.

Buy an encrypted drive

You can buy a flash drive with built-in encryption, such as the DataTraveler Locker+ G3. When you plug the Locker+ in, it comes up as a 13MB, read-only drive.

But once you launch the program file on that drive and enter the password that you previously setup, another drive opens up with all the storage space you paid for. That drive, of course, is inaccessible without the password.

The software runs off the drive, and it can be used on multiple computers and operating systems.

But I strongly recommend against using this drive’s optional cloud backup feature. It uses Dropbox, OneDrive, or whichever cloud service you pick, which at first glance seems like a nice convenience.

But this feature uploads the files without its own encryption. That means you’re trusting your sensitive files to the encryption capabilities of Dropbox and similar services, and they aren’t all that secure. Find another way to backup these files—preferably one where you can can control the encryption.

Install specialized software on your drive

If you already have a drive you want to use, consider installing ENC Security Systems’EncryptStick. You have to install EncryptStick onto your main PC, but it runs as a portable program on any other computer.

EncryptStick won’t let you access your encrypted files directly from Windows/File Explorer here. You have to use the program to access your files. From there, you can drag and drop files in and out of the container, open files into their respective programs, edit, and delete them.

One nice touch: The encrypted files take up only the space they need. You can use the rest of the drive for files that don’t need protection.

Use free software that’s not really all that portable

Regular readers know I’m a fan of VeraCrypt, a free, open-source encryption tool. There are several ways to use VeraCrypt, but I recommend creating an encrypted container (also called a volume or a vault).

You can install VeraCrypt as a portable program. Plug in your external drive, and launch the downloaded installation program. On the page immediately after the EULA, selectExtract.

This will put a portable version of VeraCrypt onto your external drive. You can create a vault, of any size, on the external drive.

But there’s a problem. The portable version of VeraCrypt works only if you’re using an administrator-level account or have the password for one.

Or, of course, if the non-portable version is installed on the machine. This seriously limits with which computers you use the program.

IT Experts are specialists in this field.

Contact us for any assistance that you need.

In a matter of minutes we can remotely log into your computer – safely and securely – to assist you with any issues you might experience.

What is remote support? Click here to find out.

Computers Polokwane | Computer Repairs Polokwane | Computer Support Polokwane | Computer Shops Polokwane | Computer Sales Polokwane | Laptops Polokwane | Laptop Sales Polokwane | IT Support Polokwane |

Laptops Polokwane | Laptop Repairs Polokwane | Laptop Support Polokwane | Laptop Shops Polokwane | Networks Polokwane | Internet Polokwane | IT Company Polokwane | IT Companies Polokwane

Computers Limpopo | Computer Repairs Limpopo | Computer Support Limpopo | Computer Shops Limpopo | Computer Sales Limpopo | Laptops Limpopo | Laptop Sales Limpopo | IT Support Limpopo |

Laptops Limpopo | Laptop Repairs Limpopo | Laptop Support Limpopo | Laptop Shops Limpopo | Networks Limpopo | Internet Limpopo | IT Company Limpopo | IT Companies Limpopo | Network Support Polokwane |

Network Support Limpopo | Computers Polokwane

Published 8 May 2018

Anna Okon

Your computer is not as secure as you think. If you use it to store sensitive information like tax forms, legal documents, and other files, you need to take extra steps to keep that information safe from prying eyes.

Protect files on your computer

Stashing sensitive files on your computer is much more convenient than hoarding stacks of papers in filing cabinets. But just as you lock your filing cabinet with a key, you need to lock those digital files so that thieves and hackers can’t access them. Despite what you may think, a regular user account password is not enough, according to If someone has access to your device, they could easily find and steal your files with free and easy-to-obtain software.

In order to protect sensitive files, you need encryption. This technology uses complex algorithms to jumble up the data so that only people with the key – in this case a password – can view the unscrambled version. If anyone were to steal your computer, he or she would see the file, but without that password, its contents would look like a garbled mess.

Both Windows and macOS have built-in tools that will encrypt your files and treat your user account’s password as the key. That way, you enter your password the same as you always have, but it does a lot more behind the scenes to lock down your files.

On macOS

Mac users have it easy: Turn on the FileVault feature from System Preferences > Security & Privacy > FileVault. This will encrypt your entire hard drive, preventing anyone from accessing your files unless they know your account password. If you want to store information on an external USB drive for portability, your Mac can encrypt that too: Right-click the drive in Finder and choose Encrypt.

On Windows

Windows, unfortunately, is a bit more complicated. Some PCs automatically encrypt their files by default. You can check this by going to Settings > System > About and scrolling down to ‘Device Encryption’. If your computer doesn’t have this ability, Windows offers a similar feature called BitLocker, which you access from Control Panel > System and Security > Manage BitLocker. BitLocker can encrypt your computer, as well as your external drives. The latter ability is useful if you want to move files between PCs or lock the data under another layer of security by putting a portable drive in a physical safe.

Note: BitLocker requires that your computer has a special chip called a Trusted Platform Module, and not every PC comes with one. Furthermore, it also requires the professional edition of Windows 10, so if you have the Home version and your computer didn’t come with a Device Encryption feature, you won’t be able to use either of these built-in encryption tools.

Thankfully, you can turn to third-party options. VeraCrypt is a free program for Windows, macOS, and Linux that can encrypt your computer’s entire drive. You can also use it to encrypt certain groups of files inside their own secure “container,” though we recommend encrypting everything.

If you encrypt your hard drive (or put any files in an encrypted container), it’s important that you remember your password. Should you forget it, you won’t be able to access those files at all.

Store files in the cloud

If you want easy access to those files on your other device or back them up in case of hard drive failure, you can keep them safe in the cloud. First, you have to know a little about the security of your storage service.

Read Also

There are many popular file sharing services, such as Dropbox, encrypt your data – but this doesn’t make them completely private.

The Dropbox service can access files to do things like generate previews and allow users to interact with and collaborate on those files.

By making your data accessible to Dropbox itself, the service can provide convenient features like previews—but when it comes to your sensitive files, you may not feel that this is worth the trade-off. While Dropbox performs threat modeling on every feature to probe for weaknesses, it’s still asking you to trust its private security measures.

However, neither service will protect you if some ne’er-do-well actually gains access to your account. If someone else knows your Dropbox password, or breaks into your account through a security breach, your files will all become freely accessible to them. That’s why it’s important that you choose a strong, randomly-generated password and turn on two-factor authentication for every cloud service you use.

As long as you take advantage of those features, a cloud service like Dropbox or Spider Oak is probably good enough to protect most documents. But remember: When it comes to the cloud, you’re always trusting your data to someone else. If you really want an extra layer of security, you can store your files in a Vera Crypt container and then sync them to cloud storage. Even if someone got full access to your Dropbox or Spider Oak account, the bad actor would also need your Vera Crypt container’s password to access the files. Dropbox’s Help Center even recommends this approach when dealing with extra sensitive files.

Send files to someone else

Keeping your files safe gets a lot more difficult if you need to share them with someone else. The most secure way to send those files (besides handing them over in person) is to encrypt them, share the encrypted version, and have the recipient decrypt them on their own machine.

Unfortunately, that isn’t very practical. Your recipient probably doesn’t use Vera Crypt, and asking them to install a whole new program just to read your files is probably going to be a non-starter. So you’ll need to try another route.

If you’re sending documents to a professional who regularly deals with sensitive documents, like a lawyer or tax preparer, they may have a “secure file box” on their website where you can drop the data. You’ll probably need to create an account to use it, but provided its developers have done their jobs, this will likely be your most secure option. (Again, there’s a big “if”: You have to trust the person managing the encrypted cloud storage.)

Without a secure file box, you should turn to your cloud-storage service of choice. Upload the file and use the built-in file-sharing features to send your recipient a link. This is safer than sending the file as an email attachment, since the recipient’s email service may not have strong security.

By sharing the file through something like Dropbox, you at least know it’s traveling over HTTPS, so other people on the network can’t see it, and you’ll be able to remove the file from your cloud storage after the recipient downloads it. This method isn’t perfect (since, again, Dropbox can see your files), but it’s almost certainly better than using an email attachment.

All rights reserved. This material, and other digital content on this website, may not be reproduced, published, broadcast, rewritten or redistributed in whole or in part without prior express written permission from PUNCH.

All rights reserved. This material, and other digital content on this website, may not be reproduced, published, broadcast, rewritten or redistributed in whole or in part without prior express written permission from PUNCH.

VeraCrypt is an open source encryption solution that is easy to use and works on Windows, Mac, and Linux. It can be obtained by visiting veracrypt.codeplex.com and can be a useful tool to help protect Virginia Tech data. The most common way to use VeraCrypt is to create an encrypted volume (file) and then store files inside the volume that need to be encrypted. Steps have been provided below for the creation and mounting of a VeraCrypt volume.

1. Open up the VeraCrypt application and select “Create Volume“.

2. Select “Create an encrypted file container” and click “Next”.

3.Create a name and select a location to save the VeraCrypt volume that you will be creating and select “Next.”

NOTE: It is helpful if you create a volume name that ends with “.vc”. This will associate the volume with the VeraCrypt application.

4. VeraCrypt provides some options for encryption. Select the desired encryption algorithms and select “Next”. VeraCrypt uses the AES algorithm by default and is recommended for selection.

Note: In most cases a 500mb size volume is suitable. However this depends on the user’s need and should be adjusted accordingly.

5. Create the size of the volume that you would like to create. Click “Next”.

6. Create a password for your encrypted volume. Click “Next”.

Note: The longer the password the better it is. It is important to not lose your password. A lost password will make the data unrecoverable.

7. Select the file system and click “Format”. The default is suitable in most cases.

8. Your volume has been created. Click “Exit”

1. Select the VeraCrypt volume that you would like to mount. Select the letter drive location you would like to use. Click “Mount”.

2. Enter your password for the VeraCrypt volume. Click “OK”.

3. The drive is now unencrypted and ready for use at the drive location you have selected. Save files and documents as you would normally do with a mounted drive.

When you really need to keep your files safe and secure, you need encryption. We’ve covered the basics before , and even rounded up your favorite encryption tools , but today we’re putting two of the most popular options for Windows head to head to see which one is the best at keeping your sensitive data safe.

The Contenders

Choosing two encryption tools for this comparison wasn’t easy. Should we consider two similar tools, or two of the most often-used tools? We opted for the latter in this case, and decided to focus on Windows, since—beyond it being the most popular OS in use—it lets us narrow our focus to the two big apps most people would actually choose from, even if there are tons of options with different features available. Don’t worry, if your favorite encryption app or platform isn’t included here, we’ll get to you soon. Now, with that said, let’s take a look at our two big contenders:

• Bitlocker : Microsoft’s own baked-in encryption tool is very popular, partially because it’s effective and built-in to the OS you’re already using (assuming you’re using Windows 7 Ultimate or Enterprise, Windows 8 Pro or Enterprise, or Windows 10 Pro or Enterprise.) Bitlocker supports AES encryption, and while it’s primarily used for whole-disk encryption to lock down your entire computer and not just specific files, it also supports encrypting other volumes or a virtual drive that can be opened and accessed like any other drive on your computer. If you’re looking to encrypt specific data and not everything on your PC, that’s the way to go. When I asked publicly what encryption tools people were using, Bitlocker made more than a few appearances.
• VeraCrypt : Free, open-source (mostly,) and cross-platform, VeraCrypt can handle almost anything you throw at it. It’s a fork of TrueCrypt, which melted down and ceased development back in 2014, but since then it’s been updated, improved its own security , and gotten a lot faster. VeraCrypt supports AES, TwoFish, and Serpent encryption ciphers, and supports the creation of hidden, encrypted volumes within other volumes. VeraCrypt also supports full-disk encryption, including system disks. This makes the tool flexible enough to do both on-the-fly file and volume encryption to keep specific files and data safe, or to encrypt entire systems so they’re only accessed by authorized users. It also doesn’t hurt that VeraCrypt is fast, free, and available on just about any computer you may need it—or your encrypted data—on.

Both options are solid, and you absolutely could (and, if you’re serious, should) use both. We’ll get into the nitty gritty in a moment, but Bitlocker is great for seamless, don’t-even-know-it’s-happening full disk encryption, and VeraCrypt is excellent at encrypting volumes, drives, containers, or specific files for storage or on-the-fly security. If we had to make an early recommendation, we’d say use both that way.

Still, Bitlocker and VeraCrypt are very different tools, and who each one will be best for depends heavily on the type of user you are, and what you have access to. Let’s run down some of the big differences.

A USB drive is a portable device that offers a convenient way of storing and/or transferring your data, though this can come with several security risks. Thankfully, you can encrypt a USB drive and protect your sensitive files and data whenever they’re transferred between different locations.

You should note that encryption doesn’t protect your data and files from password prying methods and password-collecting malware. It’s simply a way of preventing your sensitive and confidential files and data from landing in the wrong hands or being accessed by unauthorized persons via security incidents and data breaches.

We’re going to show you how to encrypt a USB drive in Windows 10 so no one can read or access the data stored in it without entering the right password.

Encrypt a USB Drive in Windows 10

Windows 10 comes with BitLocker, a tool that makes it easy to encrypt your USB drive, but it’s only available in the Windows 10 Pro version.

In order to encrypt your USB drive using BitLocker, take the steps below:

1. Plug in your USB drive into your Windows PC and let the computer recognize the drive. If you see the AutoPlay on your screen, click the “Open folder to view files” option.

2. Choose the drive you’d like to encrypt and then click Manage tab.

3. Click BitLocker.

4. Click “Turn on BitLocker”.

Note: You can also click This PC, right-click the USB drive you want to encrypt, and select “Turn on BitLocker”.

5. Wait a few seconds for BitLocker to setup.

6. Next, check the “Use a password to unlock the drive” box.

7. Type in a password you can remember in the “Enter your password” box, and do it again in the “Re-enter your password” box.

You’ll get a prompt to back up a recovery key. This key allows you to access the USB drive in the event that you lose the encryption password you entered in the previous step. You can save this key or print it out and store it someplace safe instead of storing it in the cloud.

8. Next, select how much of your USB drive you’d like encrypted. Here, you have two options: select the entire drive or the used space only. Choose the method of encryption you’d like to use.

BitLocker has the new 256-bit XTS-AES encryption mode in Windows 10 version 1511, and with the improved algorithm, it also offers integrity support. Older Windows versions don’t have this new encryption mode though, which is why you need to pick an encryption method.

If you’re going to use the USB drive you’re encrypting on the same computer you’re encrypting it on, pick the new encryption mode. However, if you want to use it on other computers running old Windows versions, you can still do so by selecting “Compatible Mode”. This uses the previous 128-bit AES encryption standard though.

9. The next step is to encrypt the USB drive. The speed by which it encrypts you drive may move fast or slow depending on the size of your USB drive, the amount of data you have stored on it, and the system specs of your machine. Click Start Encrypting when ready.

If you open This PC by the lock symbol, you’ll know the drive is securely encrypted. You’ll also be prompted to enter the password you created initially each time you plug in the encrypted USB drive. There are also other options you can pick to automatically unlock the drive on your computer, or if you forgot the password, you can enter the recovery key instead.

Use USB Drive Encryption Software

If you want a different way of encrypting your USB drive in Windows 10, you can use an encryption manager. This is a tool or software that encrypts only the files on your USB drive, but it doesn’t partition the drive in its entirety, which is good because not all your files need protection via encryption.

One of the best USB drive encryption software you can use is VeraCrypt. You don’t have to install it on your Windows PC; just download it to your USB drive directly.

VeraCrypt uses the 256-bit AES encryption, which is very strong and can’t be cracked by brute force. It creates two security levels: a hidden vault that’s protected using a single password and a visible vault or outer volume, which is protected using a different password.

The purpose of the visible vault is to protect the hidden data if someone tries to forcibly get the password from you, but in the real sense, they can’t access the real files as they’re still hidden. However, this decoy vault is only effective against data thieves who don’t know about VeraCrypt, though with a bit of research, they can still find out about it.

Once the software formats your USB drive, you can only access the drive via VeraCrypt. When you plug it into your PC, it’ll appear in Windows Explorer, but you only see the VeraCrypt program and the outer volume or decoy vault.

Wrapping Up

We hope you now know how to encrypt a USB drive in Windows 10. If you have any further questions or you weren’t able to get the drive encrypted, let us know by leaving a comment in the section below.

Related:

Never Miss Out

Receive updates of our latest tutorials.

My passion has always been to share every bit of useful information I find on tech, with the ultimate goal of helping people solve a problem.

hemang

Distinguished

I have purchased a WD Ultra 2Tb external HDD for backups. This has a single NTFS partitition. WD also gives it’s own encryption software which I do not plan to use.

I was already doing backups on another 500Gb HDD which was having a 200Gb encrypted TrueCrypt partition (apart from another 300Gb unencrypted partition) but the space was over in both, so I got a new large one.

I am using VeraCrypt instead of TrueCrypt which I used earlier

My question is :
1) Should I partition the 2Tb HDD and encrypt a say 500Gb partition to store sensitive files? What format to use for the partition, before and after encryption?
2) Should I make a 500Gb container instead of a partition? Is this better than above option? What format to use for container?
3) Should I just go ahead and encrypt the entire 2Tb HDD with VeraCrypt and also store non-sensitive data like backup of my pictures on this encrypted HDD? Is this better than above 2 options? What formats to use?

The HDD will not be used by anyone else. I was also thinking maybe I can make a small partition to store VeraCrypt portable in case I want to see the data on some other computer. Does this make sense?

What is best, entire HDD encryption or partition encryption or container?

Or should I just use the WD encryption instead, not inclined towards it.

Want to improve this question? Add details and clarify the problem by editing this post.

Closed 5 years ago .

I sometimes use a VeraCrypt volume to store personal data (mostly backups from another computer) on a Windows computer I don’t own.

But I learned over the years that modern OSes store users’ data in a lot of unencrypted locations :

• image thumbnails are created and stored somewhere in AppData,
• data that’s in the RAM can end up in a swap file on the disk,
• a lot of softwares save backups of the files they manipulate, often to be able to recover them if a crash occurs.

The only secure setups seem to be : an encrypted external hard drive, which doesn’t contain cache folders, or a fully encrypted system, which has become pretty difficult to achieve with UEFI on Windows.

What is the point, then, of softwares like AxCrypt, VeraCrypt or TrueCrypt, which encrypt single files without encrypting the whole system, if the OS leaks enough information to enable anyone to know what’s in the encrypted volume ?

3 Answers 3

When & How to Properly Encrypt

When deciding where and how you want to apply encryption, it is important to consider what sorts of attacks you’re actually expecting to prevent and whether or not the data you’re encrypting actually needs strong protection in the first place.

This breaks down into three main factors:

• Sensitivity of the data. A database of all your account passwords, specifics about your financial or medical histories, and pictures of your genitalia are all certainly in need of some amount of protection. That funny cat meme that you’re going to post to Twitter, not so much.
• Likely attack vectors. If you want to use encryption to protect your data, it needs to stay protected no matter where it is. This means keeping it encrypted whether it’s on your computer, flying across the Internet, or sitting in some sort of cloud backup. This protects against burglars, state/corporate proxies, and cybercriminals, respectively.
• Capabilities of likely attackers. Odds are, most of the burglars and cybercriminals who are going to want a look at your data will be opportunists. They won’t likely be well-equipped or motivated enough to mess with trying to break or work around at-rest data encryption at all – they’ll just move on to the next target. State-level actors or other APTs might not be so stymied, but they may also have other ways to make your life miserable even if they never get your data.

So, take that all together and here’s what you do:

All Data At Rest on Your PC & Removable Media Encrypt your entire hard drive(s). Don’t leave anything in the clear. This protects the sensitive data in its primary storage location, as well as any local system caches or page files that it might get leaked to. As a side-effect, all non-sensitive data on the same drives is protected as well. (At least, until you send it somewhere else.)

All Non-Sensitive Data Leaving Your Control If you’re posting it on a public forum or social media, consider it already compromised and move on. If that thought makes you queasy, don’t post it.

Sensitive Data That’s Traversing the Internet Make sure proper transport-layer security (not necessarily TLS, but it generally is) is in place to encrypt the connection between your PC and the remote endpoint. Also be sure that you trust the remote endpoint to properly handle and protect whatever data you’re sending to it. If you don’t, see the next section.

Sensitive Data Going to Someone Else’s PC There’s a lot of ways that you might want to pass data to someone else’s computer directly. It is also important to recognize that e-mail and cloud storage reside on “someone else’s computer”. If it’s sensitive, and it’s leaving your control, this is where tools like encrypted containers and files (herein referred to collectively as “file-level encryption”) come in.

Why File-Level Encryption is Important

With file-level encryption, it doesn’t matter whether the data is passing the network over a cleartext protocol or sitting on a computer that doesn’t have whole-disk encryption. Regardless of where it goes, an encrypted file will always have a non-trivial layer of protection around it in its primary storage location.

This is not to say that the file’s contents cannot be exposed while they sit in a clear cache, page file, hibernation file, or RAM. However, accessing these storage locations is slightly more difficult than simply reading the file from primary storage. It also requires a certain amount of luck, as any data stored in those areas is transient by nature.

Ultimately, how other people manage the computers that contain the data you send to them is beyond your control. This is why you shouldn’t release control of sensitive data to people you don’t trust to properly protect it. If you must release your sensitive data though, file-level encryption is about the best you can do to make sure it stays safe. At the very least (since the remote party could ultimately just decrypt the data and leave it in the clear) you’ll be able to say you’ve done as much as you can.

A Note on Encrypting External Drives

Keeping all data on an encrypted external drive does nothing to protect it, that couldn’t be equally accomplished by file-level encryption on an internal drive. As soon as you go to read that data, it’ll get caught up in the same cleartext-by-default locations (caches, pagefiles, RAM, etc) that it would if it were stored on the internal drive. This is why you should apply whole-disk encryption to systems that handle sensitive data wherever possible.

On top of this, whenever the external drive is mounted, the decryption key will also land in those same areas. This is why systems handling data that does warrant encryption should never be put to sleep – only shut down or hibernated – and should have (at least) their system drives fully encrypted.

In this article, I’ve decided to focus on VeraCrypt, the TrueCrypt successor. This open source software allows to encrypt and hide files, or even an external storage device. Following the end of TrueCrypt in 2014, many alternatives have emerged on the Web. Despite promising long-term support and updates, many dev teams have dropped out a few years later. But not VeraCrypt, which is the most popular file encryption software.

Table of Contents

VeraCrypt, the ultimate TrueCrypt replacement

VeraCrypt is an open source project by Mounir Idrassi, a French developer. And it’s mainly funded by donations. However, the cryptography and security expert has managed to develop a cross-platform software. Indeed, it’s available on all major operating systems: Windows, Mac, and Linux.

And Mounir did even better: He managed to strengthen and improve the source code of TrueCrypt. Therefore, if you’re ready to switch to the latest version, you won’t be disappointed.

Why use a disk encryption software? Simply to protect your files by encrypting with powerful encryption algorithms such as AES. And you don’t need to work on a top-secret project to need to encrypt your files. Everyone (including you) should use VeraCrypt for a lot of different reasons if you:

• Need to keep your data private if someone steals your device
• Want to protect your privacy when you share your PC with friends or family
• Work with sensitive documents
• Are not fond of the NSA and other government spying agencies
• Would like to improve your overall computer hygiene

VeraCrypt: Pricing

While I always recommend avoiding free VPN, for justified reasons, it’s different with this freeware. Because you don’t share any data with their team. Furthermore, VeraCrypt has been audited by QuarksLab to confirm its reliability. Is VeraCrypt safe? Definitely yes! So enjoy the software to improve your privacy on your device.

But my point here is that you don’t have to pay anything to encrypt your files! However, if you appreciate the work of Mounir, you can support the development on his site.

Summary sheet for VeraCrypt

The encryption software VeraCrypt in details

A complete interface

While being classic, the interface is very complete. And the first time you launch the software, I’d recommend you to read the tutorial. Because if you’ve never used an encryption tool like this one, you’ll have to get used to it. Indeed, it’s not really plug and play software here. But install, set up and play. I won’t do any VeraCrypt tutorial here, but there’s all the necessary documentation on the official website. And you can create a container within minutes.

Encryption technology

To encrypt your containers, there are several algorithms available in the software. And here the main ones:

• AES: Advanced Encryption Standard, which is used in VPNs
• Camellia: A symmetric key block cipher developed by Mitsubishi Electric and NTT of Japan
• Kuznyechik: A symmetric block cipher defined in the National Standard of the Russian Federation GOST R 34.12-2015
• Serpent: A symmetric key block cipher designed by Ross Anderson, Eli Biham, and Lars Knudsen.

To ensure the encryption of containers, disks, and partitions, you can use three elements: a password, a key file and a PIM (Personal Iterations Multiplier). And you can even combine them.

Plausible deniability

VeraCrypt offers a feature to hide the encrypted volumes it generates. To keep it simple, you can place a container in another, of larger size. And it’s totally invisible unless the hacker launches a complete analysis of your drive.

Review

Free Download

Seamlessly create and conveniently encrypted partitions on your computer to safely store sensitive information using this software solution

What’s new in VeraCrypt Portable 1.25.7:

• All OSes:
• Update translations.
• Windows:
• Restore support of Windows Vista, Windows 7 and Windows 8/8.1.

Read the full changelog

While full-disk encryption is a solid first step to protecting your data, there are times when it may not be enough. If you want to avoid a lot of inconveniences, you should consider using your primary disk as a decoy while cleverly hiding your sensitive file elsewhere.

VeraCrypt Portable is an easy to use utility that enables you to create encrypted volumes that you can easily mount on your system whenever you need to manage the files you want to safe-keep in this location.

Includes a wizard that helps you create encrypted drives

As previously mentioned, the idea behind the application is to assist you create a secure, encrypted location suitable for storing sensitive information, such as financial data and reports, for instance. You will be happy to learn that the program is user-friendly and provides you with a wizard that can guide you through the process.

The utility enables you to mount and dismount the disk whenever you need to manage the data inside using your dedicated password. While the app accepts any passcode you set, it is recommended that you take the suggestion and use a secure password that includes a combination of at least 20 characters. Not only does this restrict access of unauthorized users, but it can also discourage hackers.

Provides you with multiple encryption protocol options

It is worth mentioning that the application comes with several encryption modes and allows you to combine the algorithm so that you can obtain a higher security level for your storage container. To be more precise, the utility works with Twofish, Serpent, various AES standards as well as combinations of them.

On a side note, the tool allows you to perform a test to verify the algorithm before you apply it to your data. At the same time, you should know that the application enables you to format or wipe the drive using equally efficient permanent deletion methods – 256-pass, 7-pass, Gutmann, etc. – so that the files cannot be recovered.

A handy security tool that can help you protect your data

All in all, if you are trying to keep your sensitive data safe from prying eyes, including smart keyloggers that record your keystrokes, and make sure it cannot be accessed easily, then perhaps VeraCrypt Portable could come in handy.

VeraCrypt Video Guide

• Privacy
• Security

Geekflare is supported by our audience. We may earn affiliate commissions from buying links on this site.

Whether you are an individual or a business, it is essential to protect confidential data.

Sensitive data can be just about anything, as per your priorities. Starting from your personal information to a document with a confidential agreement.

But, how do you keep confidential data secure?

Are there any special security measures that you need to follow to protect sensitive data?

We shall now look at some tips to secure any sensitive or confidential data.

Things to Keep in Mind to Protect Your Sensitive Data 👈

To keep the confidential data secure, you first need to evaluate your data sharing and storage activities.

You need to start making an index of what devices you use, what you connect to (public Wi-Fi or home network), and if you are using any obsolete tech with data on it.

Next, think about what data you work with when going online or share offline via storage drives.

Once you have made yourself aware of all the data you are dealing with and how you interact, it will be easier to prioritize measures to protect them.

Ways to Secure Confidential Data 🔒

Fret not; one does not need to be a security expert in following the tips. However, we recommend you thoroughly review your options before taking any action.

Manage & Organize Confidential Data

To be able to secure the data, you need to handle it efficiently.

Organize folders/files on your smartphone or computer in a way that lets you easily find them when needed.

While it is important to hide it away, it is also important to not mix it with other junk files. You might end up accidentally sharing/deleting it.

If you have something tied with a confidential agreement from your office, do not transfer it to your personal device for easy access. Usually, the office network has a firewall in place and security measures set up for your system.

So, it is best to keep it there.

Encrypt Your Files

If you want to keep anything confidential, you need to encrypt them before moving the data anywhere else.

No matter whether you are uploading things to the cloud or transferring them to a backup storage drive. You should always make sure that the data is encrypted and cannot be accessed by anyone else.

Of course, opting for some of the best free cloud storage services should make a difference.

While you already have several security measures (and encryption) when you upload things to the cloud, it is better to encrypt them locally before uploading them to the cloud.

A tool like Cryptomator or Veracrypt can help you securely encrypt the files/folders. You can follow our guide to encrypt files to protect personal and business data.

You need to note down/memorize the master password (or decryption password) to access them in the future. If you lose it, there is no way to recover the files.

Enable Encryption on Your Devices

When you encrypt your files/folders, you get to move the data safely anywhere.

However, having encryption enabled for your device should prevent unauthorized access to anything on your device. This should come in handy if your device gets stolen or lost.

The method for activating encryption will depend on the platform you use. All you have to do is find the option and enable it.

• For Windows: Settings > Update & Security > Device encryption
• For macOS: System Preferences ->Security & Privacy -> FileVault

For Android and iOS, if you are using a password/passcode, the device is automatically encrypted.

Use a Password Manager & Enable 2FA

Whether you encrypt your files or keep them away in cloud storage, using strong password matters. A password that cannot be guessed.

You can make up your own complex password, but it may not be possible to remember them for every encrypted folder/file or online account that you access.

So, to ensure strong security, using a password manager helps. It is usually available cross-platform, and you will have to remember just one master password instead of several complex passwords.

In addition to secure passwords, you should enable Two-Factor Authentication (2FA) wherever available.

Backup Your Data

It is always recommended to have a backup of your sensitive data if you lose access to the files on your computer or accidentally delete them.

A physical storage drive should be a good solution. However, if you have confidential documents that do not take much storage, storing them on multiple USB drives can be a solution.

Furthermore, you can opt for an unencrypted backup of your data for emergency access if you lose access to the encryption key.

Not having an unencrypted backup may result in a permanent loss of your sensitive files. So, you need to evaluate your priorities and the risks involved before making an unencrypted backup.

Alternatively, if you are ready to spend, you may opt for cloud secure backup like Acronis.

Ensure Physical Security of Devices

No matter what you do, make sure that unauthorized individuals do not have access to your device.

With direct access to your device, you may be vulnerable to some form of tracking or malware, resulting in data theft or loss.

Use End-to-End Encryption

It is always risky to share/transfer files over the Internet. To ensure that your receiver gets access to the files and no one else, use end-to-end encrypted platforms as much as possible.

You can share an encrypted copy of your file through an unencrypted medium like email. However, to share a password for that file, you should opt for apps like Signal messenger or rely on features like Bitwarden Send.

Some of the best secure file-sharing services should help you get the job done.

Use a VPN When On Public Wi-Fi

If you are working remotely and connected to a public Wi-Fi network, there are chances of an attacker snooping on your activity.

So, to encrypt your network connection and make sure no one else taps your network activity, it is best to use one of the best VPNs available.

Keep Your Operating System Up-to-Date

Running an outdated operating system can compromise your data, no matter what else you have in place.

Whether it is a phone or a computer, make sure that you regularly update it to the latest software available for the device.

And, if you own a device that does not receive any software updates, you should not store anything confidential in it.

Your Data is Precious. Take Good Care of it. 👩‍💻

While securing data is important, it can prove to be quite inconvenient for some users. So, it is best to focus on the data you want to avoid sharing with the public or a stranger.

It can be overwhelming to manage passwords, organize folders, memorize the master password, and follow the best security practices. But, it is all worth it!