A Simple Way for Everyone to Encrypt Their Data

There has been a lot of talk, particularly recently, about private data falling into the wrong hands. If you’re concerned about people who shouldn’t be able to see your data suddenly gaining access to it (and you should be), then I recommend you start using a free, open-source tool called TrueCrypt.

TrueCrypt is a simple tool to use, but it is also extremely powerful and flexible.  I use it to provide a secure container for my sensitive documents. I put my tax returns and other legal documents, for example, in a TrueCrypt container. That way, even if somebody steals my laptop or secretly gains access to it over a network, they won’t be able to find the files in the container, let alone read them.

How does TrueCrypt protect your data? One of the most popular ways to configure TrueCrypt on a computer is to set it up as a single file, which is called a “volume”. The volume is the container for your data. For example, on my machine, I called the volume “myvolume”. In setting up the volume, I specified a password that will give me access to its contents. If I forget that password, I won’t be able to access the contents of myvolume anymore, as nobody else has a copy of it.

Once you create the volume, you use TrueCrypt’s set up tool to trick your computer into treating it as another hard drive. For example, on my machine, I “mounted” the file (geek speak for “turned into an accessible hard drive”) as drive M:. You have to type in your password you entered when you created the TrueCrypt volume (which, in my case, was myvolume) to complete this step. If you type the wrong password, you won’t be able to mount the volume, and so you won’t be able to access your files.

truecrypt1

Once you’ve “disk-ified” (i.e. mounted) the TruCrypt volume, you can access it just like you would any other hard drive. For example, in Windows Explorer, I now see M: as one of two “hard drives” on my machine, and I can add files of any kind to it. Anything that I add to that “hard drive” will be automatically encrypted using industry-standard encryption when I save it, and anything that I need to read from the “hard drive” will likewise be automatically decrypted so that I can read it.

truecrypt2

I’m also a heavy user of cloud-based storage solutions such as Dropbox. Dropbox is a great way to make your documents available on all your devices, including your laptop, desktop, tablet, and smartphone. I haven’t had to worry about backing up my data since I started using Dropbox several years ago. The problem with Dropbox, however, is that it provides no built-in encryption for your data. So, your files are synced with Dropbox’s servers in plain text, and they are stored on Dropbox’s servers in plaintext, too. Truecrypt provides a great solution for this problem too. You’ll notice that, when I created myvolume above, I saved it to my Dropbox folder. Dropbox will sync this file with its servers in the same way it syncs every other file: by making a copy of it. But this file is readable only within TrueCrypt and only by someone who knows the password. So, you have a cloud-based backup of your encrypted volume, and only you can read it. That’s pretty cool.

We’ve lost a lot of privacy in this digital age. Great tools like TrueCrypt can help you gain some of it back.

 

Ray Klump

About Ray Klump

Professor and chair of Mathematics and Computer Science Director, Master of Science in Information Security Lewis University http://online.lewisu.edu/ms-information-security.asp, http://online.lewisu.edu/resource/engineering-technology/articles.asp, http://cs.lewisu.edu. You can find him on Google+.

Leave a Reply

Your email address will not be published. Required fields are marked *