Click Here!
Evrsoft.com
Article Sections: | Internet Marketing | Web Design | Web Development | Business | Internet and Businesses Online | Self Improvement |  
>> Home > Web Development > Computers & Internet

It’s Time to Sing the Encryption Song – Again

By Michael Ameye
Posted Thursday, November 25, 2004

This article talks about data encryption and why it's important to anyone using a computer. Yes, I'm wearing my encryption hat again. Why you may ask? Well I just finished reading about the newest security hole in Microsoft's latest server product. Then couple that with all the recent hacker activity, new reports from the GAO (that's the Government Accounting Office) that the government can't protect it's own computers and data much less the data WE send them, reports that computer theft is on the rise and news that the FBI is now developing a new computer "worm" (read virus) to spy on citizens, I decided to sing the encryption song again. This time I'll sing a verse about personal data encryption.

So what do I mean by personal data encryption? I mean ANY data on ANY storage medium that relates to you, your family or your business needs to be encrypted. Encryption is the process of scrambling electronic data in such a way that it's unreadable to all but the owner.

For the purposes of this article I'll cover two different ways to encrypt data and the pros and cons of both.

The first way is file encryption. This is the process by which someone identifies what data they want to protect on a file by file basis and then encodes each file using some kind of software encryption tool.

What are the pros of this style of encryption? First, each file can be assigned its own "encryption key". Then, even if one file gets "cracked" open, all the other files will still be safe. Next, only those files you identify and select will be encrypted. This allows for "gnat's behind" level of detail that some folks just are not comfortable without.

What are the cons of file level encryption? Well, at this level of detail, tracking of all the different encryption keys and file locations would be an administrative nightmare! So, unless you have days to spend identifying files and encrypting them or if you are really, really into details file level encryption just isn't practical for most people.

The second way to protect personal data is drive encryption. Unlike file encryption, drive level encryption allows a user to create a reserved area on the hard drive called a container. Once created, this container can be "mounted" or set to act like another fully functional hard drive on a computer. It will appear in the file manager just like any other drive.

What are the pros for drive encryption? This space can be "mounted" using a single encryption key and the key only needs to be entered once. After it's mounted, this virtual drive can contain any data and / or program, just like any regular drive. But when it's dismounted, the virtual drive is no longer visible and the container looks like any other file, the contents of which are completely inaccessible without the encryption key.

What's the down side to drive encryption? If you forget your key, all the data and / or program information in the container is lost. Also, all the information is only protected by a single key. So if your key is compromised, all your information is available to prying eyes.

What's my recommendation? Drive encryption. Drive encryption is far more efficient than file encryption especially if you need to access your data frequently. Drive encryption also allows for the complete encryption of programs, something virtually impossible to do with file level encryption. (Well not impossible but certainly problematic and time consuming!) And by creating an encryption key of sufficient size and complexity, the single key issue becomes almost moot.

One site I visited recently stated that it would take one million computers performing one million operations per second approximately 11 trillion years to crack a 128 bit encryption key! So, by using an encryption key of about 24 random characters, a hacker would need multiple life times to crack open your files.

There are several programs available online for both file and drive encryption. All these programs differ in functionality, price, encryption algorithms and interfaces. The best way to proceed is to do a search from your favorite search engine on encryption tools and read about the options available.

Don?t wait! The day will come when your system gets compromised by some hacker or thief or FBI agent and then you'll wish you had protected your data.

Privacy is your right! Exercise it!

About the Author
Michael Ameye has been developing web sites since 1995. He started writing about online privacy issues to answer questions from family friends and co-workers. Visit (http://www.canyourspam.com) to see his latest work or sign up for PSS Online - a privacy, safety, and security ezine.

 






Click Here!


 

.

  Articles are submitted to EDN and licensed from various content sites.
  To report abuse, copyright issues, article removals, please contact [violations (at@) evrsoft.com]

  Copyright © Evrsoft Developer Network. Privacy policy - Link to Us

Contact Evrsoft