Saturday, December 22, 2007

Secure your Disk

Computer security, including the security of hard disks, is crucial for protecting sensitive data and ensuring the integrity and confidentiality of information stored on computers. It is of utmost importance to safeguard your data and privacy.

Software, computer and network security are all ongoing battles between attacker and defender. Her Majesty's Revenue & Customs in the United Kingdom lost two disks with personal data on 25million British citizens, including dates of birth, addresses, bank-account information and national insurance numbers. A similar event occurred with The U.S. Veteran's Administration with the loss of 26 million personal data of American veterans.

When using an external hard drive or SSD, consider opting for one that offers strong encryption. These drives allow you to encrypt selected files and store them securely. Some hard drives are self-encrypted at the hardware level. 

Cryptography can solve the security of data when it's not in use. Encrypting files, archives and even entire disks. The defender has an inherent mathematical advantage: 
Longer keys increase the amount of work the defender has to do linearly, while geometrically increasing the amount of work the attacker has to do. Unfortunately, cryptography can't solve all computer-security problems.

The reason you should encrypt your entire disk, and not just key files, is so you don't have to worry about swap files, temp files, hibernation files, erased files or browser cookies. You don't need to enforce a complex policy about which files are important enough to be encrypted. And you have a quick answer to regulators and the press if the computer is stolen: "no problem; the laptop is encrypted."

Encrypt everything you don't need access to regularly, archived documents and old e-mails.
You should also encrypt external disks, which means you can secure USB memory device when travelling.

Properly disposing of old hard disks and securely wiping data before decommissioning or repurposing them helps prevent unauthorized access to sensitive information that may still be stored on the disks.

Implementing monitoring and auditing mechanisms allows organizations to track and analyze activities related to the hard disk, detect suspicious behavior, and investigate security incidents.

Although, you are not secure against the authorities telling you to decrypt your data for them.
You can try to convince the authorities that you don't have the encryption key. 

You're also not secure against someone at your unattended computer, a Trojan infected computer or 
someone snatching your laptop while at the local coffee shop. 
 
Computer security is hard; The best defense against data loss is to not have the data in the first place or to minimize the amount of data on your laptop.

Educating users about best practices for computer security, including safe browsing habits, password management, and recognizing phishing attempts, helps mitigate human-related security risks that could compromise the security of the hard disk.

I wish You Great Success.

No comments: