Encrypt Your Hard Drive
Protecting data stored on hard drives from prying eyes can take many forms. Encryption, the scrambling of data so that only someone who provides the proper key can read it, is a formidable defense against intruders. Here are the pros and cons of encrypting your hard drive... |
Should You Encrypt Your Hard Drive?
It's true that encryption will make the data on your hard drive a lot more secure. But encryption takes a toll on system performance, so you have to strike a balance between security and usability.
Laptop and removable drives are most vulnerable to theft, and therefore are prime candidates for encryption. USB thumb drives are particularly prone to loss, and can be encrypted just like any other drive. Desktop computers are less exposed to theft. Desktops in homes are probably least in need of encryption protection. Of course, only you know what data is stored on your home computer and what might happen if it gets into the wrong hands.
Hard drive encryption software encrypts data on the fly. That is, data is encrypted as it is written to disk and decrypted as it is read from disk. The CPU cycles required to encrypt and decrypt data are system overhead that detracts from other operations. To minimize this performance hit, you should encrypt only data that needs protection.
Application software, the operating system, and user settings seldom need to be encrypted. It's the data generated by applications that is most sensitive. So it is best to partition your hard drive into two or more logical drives, one for sensitive data and the other for non-sensitive data. Encrypt only the drive (partition) that will store sensitive data. Of course, you must make sure that your application software saves and reads data only from the encrypted drive.
Free Encryption Software
BitLocker Drive Encryption is an encryption utility built into the Ultimate and Enterprise editions of Microsoft Windows 7 and Vista, as well as Windows Server 2008. By default, BitLocker uses 128-bit AES encryption. BitLocker encrypts logical drives, which may span more than one physical drive. It's a free tool that does a good job of protecting data.
TrueCrypt is a free, open source encryption utility. It creates a virtual encrypted disk and mounts it as a new drive letter, allowing you to use the virtual disk as if it was a real drive. TrueCrypt works over networks and can encrypt removable media as well as hard drives. Performance is maximized by TrueCrypt's use of "parallelization and pipelining" so that read/write operations happen almost as fast as they would on unencrypted media.
Modern Intel processors support hardware-accelerated AES encryption, which can be 4 to 8 times faster than software-only encryption schemes. BitLocker and TrueCrypt can take advantage of hardware acceleration if the processor supports it.
Individual files can be encrypted using the Encrypting File System (EFS) service built into professional editions of Microsoft Windows. One of the benefits of EFS encryption is that only users who know the decryption key can access EFS-protected data. Under BitLocker, anyone with administrator rights can decrypt BitLocker-potected data.
Personally, I believe that encryption is overkill for most users. It's a security measure that should be reserved only for the most vulnerable data and disk drives. If you travel with a laptop, or you deal with confidential client files, encryption might make sense for you.
Do you encrypt your hard drive? Post a comment or question below...
|
|
Share this article with friends! |
|
Posted by Bob Rankin on 11 Mar 2011
| Need More Help? Try the AskBobRankin Updates Newsletter. It's Free! |
 |
Prev Article: Make Your Laptop Faster |
The Top Twenty |
Next Article: Blue Screen of Death on Windows 7 |
 |
|
Link to this article from your site or blog. Just copy and paste from this box: |
Post your Comments, Questions or Suggestions
Free Tech Support -- Ask Bob Rankin
Subscribe to AskBobRankin Updates: Free Newsletter |
||
|
Copyright © 2005
- Bob Rankin - All Rights Reserved
Privacy Policy -- See my profile on Google. |
||
Article information: AskBobRankin -- Encrypt Your Hard Drive (Posted: 11 Mar 2011)
Source: http://askbobrankin.com/encrypt_your_hard_drive.html
Copyright © 2005 - Bob Rankin - All Rights Reserved
Free
Most recent comments on "Encrypt Your Hard Drive"
Posted by:
Acero
12 Mar 2011
I use TRueCrypt and FreeHideFolder to conceal my sensitive data: Truecrypt to encrypt a whole external hard drive and FHF to hide a folder in my internal data drive (D:). Both work wonderful for me and the best thing is ... they're free!
Posted by:
rocks pick 2
12 Mar 2011
Anyone with administrative rights can decrypt BitLocker-potected data? I have tried Bitlocker in Windows 7 Ultimate 64-bit. It produces a key and you need to provide that key to access the BitLocker-protected drive.
Posted by:
Tom S.
12 Mar 2011
First of all put any & all sensitive information on an encrypted SSD (with a secure p/w - numbers, characters & letters) instead of leaving it on your computer & then store it some place where only you know where it is. Secondly, run 'Drive Wipe' (NSA 7 passes) under the Tools heading of CClean 3.01.1327 program to erase the data off of your hard drive. I know its a pain, but then only you will be able to access the data. Works for me ...
Posted by:
Mike
12 Mar 2011
I've been using PGP for individual file encryption for years, but recently started using True Crypt. It's very useful for encrypting email- something I've found impossible or very hard to do otherwise. True Crypt also keeps back-ups on a usb flash drive secure, as well as any sensitive information on my laptops. It's easy to use, and works well.
Posted by:
Igor
16 Mar 2011
Encryption is a definite MUST for me. Besides, I always SHRED the files I delete; and prefer placing my (encoded) personal files on a removable disk which is reformatted every 2-3 months (the relevant data having been transferred to something more permanent, also as encrypted blocks). Why, you might ask? --- I live in Russia, that's why.