mguhlin

Download a la Mode Series – Protecting Your Privacy

Protecting Your Privacy

In this section of Download a la Mode, the following questions are addressed:

  • How do I protect the privacy of confidential documents and emails?
  • How do you monitor outgoing Internet connections to prevent unauthorized Web access?

———————————————————————————————————————————————————————————————————————————————————————————————————————————————–
download_ala_mode_logo_thumbnail.jpg
According to the FBI, ninety-seven percent of stolen computers are NEVER recovered. That means your data could be out there forever, waiting like a time-bomb to explode until someone discovers it and then uses it. As we become more mobile, there is no doubt that laptops will be stolen. The question is, “Do you know how to protect the data on your laptop or desktop in such a way that thieves can’t get in?”

Since it’s important to know what to protect, I encrypt all critical files on my laptop. Any of the following items is considered “critical” from my perspective:

  1. Name, address and birth date. This information can be used in combination with other data to impersonate you.
  2. Documents with social security numbers in them.
  3. Documents with credit card numbers, bank account information, etc.
  4. Any information that might be considered confidential. This can be your spouse or child’s medical information, house insurance, etc.

WHAT DO I DO AFTER I’VE IDENTIFIED CRITICAL DATA?

Once you have identified confidential data, realize that you should separate it from other data on your hard drive. When you do this, you make it easier to protect. Once you have encrypted the data, you can easily move it from one place to another. I often do this with my email. Since I use Mozilla Thunderbird email client—on Windows, Mac, and Linux—I follow these steps to ensure my data is protected:

  1. Move all confidential data files into a common folder.
  2. Use zip compression option (available via the right-mouse click on Windows, Mac and Linux) to create ONE, compressed file with your data.
  3. Encrypt that zipped file with the option to wipe the original zip file.
  4. Make a backup of the compressed,encrypted file to external USB drive (e.g. 120gig or PenDrive, etc.). Include a copy of the program you did the encryption with. There are several encryption programs available for your use.

a) How do I protect the privacy of confidential documents?
For Windows, use GPG for Windows (http://www.gpg4win.org/).I have used this program over the last 2 years and have been very pleased with its relative ease of use. The main benefit of GPG4Win—aside from the fact that it is free—is that once setup, it is incredibly easy to use to encrypt/decrypt files. Aside from being able to encrypt zip files—or any other file you have, whether zipped or not—is that you can also encrypt the contents of your clipboard. This is helpful when sending confidential information via email to others.

It is also nice to have the equivalent of a digital paper shredder, some prefer to use the right-clickable Eraser. Use Eraser to wipe the hard drive free space or to wipe individual files. This is especially important if the drive is being discarded or auctioned off since old confidential data may remain. If you do not wipe your computer using programs like WinPT or Eraser, others can use Free Undelete tools or PC Inspector File Recovery to resurrect your deleted data.

Another complementary tool that you might consider using is TrueCrypt, a free, open-source disk encryption tool for Windows XP/2000/2003. Often, we have to wipe free space on a computer because data remains even after we have deleted it (e.g. emptying the Recycle Bin). The data can remain on the disk unless it is wiped. A safer approach to wiping is to prevent the data from ever being written to hard disk in unencrypted format.

Instead, use a program like TrueCrypt to create a virtual encrypted disk. Your data is saved “inside” this encrypted disk and never touches the unencrypted hard drive. No footprints are left on the hard drive of the original data. While this may seem complicated, it is as easy inserting a USB Flash drive (or memory stick) and having the icon appear in your MY COMPUTER area. TrueCrypt can also encrypt an entire hard disk partition or a device (such as USB Flash drives, 3.5″ inch diskettes, etc).

Mac encryption tools are included below but the best solution is to use TrueCrypt there as well, since Mac tools are a bit clunky (although effective).

If you deal with confidential data on a regular basis, you might consider using a “Boot-n-Nuke” software program to complete wipe your hard drive. This is especially useful when discarding of older computers. In this case, you may have an administrator computer that has housed documents containing sensitive data. Or, it may be one of your own computers. Either way, you need to wipe the hard drive completely.

The ultimate solution for erasing or wiping a hard drive may be a program known as Darik’s Boot-n-Nuke to ensure all previous data was erased from the hard drive. According to their web site, Darik’s Boot-n-Nuke works for both Macintosh and Windows computers. It is a self-contained CD that securely “wipes the hard disks” and will do so “automatically.” To get the boot CD, you will need to download an ISO file and create a CD from it. Not sure how to do this? Use the free BurnCDCC to make a CD from the ISO file. (Find BurnCDCC at ://www.terabyteunlimited.com/utilities.html).

Here are the software tools you can use:

  1. Windows Only
  2. Mac Only
  3. Mac and Windows
    1. TrueCrypt- http://www.truecrypt.org/

Protecting your privacy is critical. Using GPG, Eraser and/or TrueCrypt are only the first step. Everything you do leaves traces of information on your computer that others can access.

In addition to protecting your email privacy, you may also want to consider the following free, Windows utilities available from JavaCool Software, the same folks that made SpywareBlaster.

  1. MRU Blaster: Protect your privacy – find and remove over 30,000 most recently used lists and other stores of hidden information. Get it online at http://www.javacoolsoftware.com/mrublaster.html
  2. ID-Blaster: Destroy tracking tactics by randomizing GUID/Unique ID numbers found on your computer. Only works on pre-Windows Vista computers, like Windows XP. Get it online at http://www.javacoolsoftware.com/idblaster.html
  3. DocScrubber: Removes critical information that you might be inadvertently revealing through your Microsoft Word documents. Get it online at http://www.javacoolsoftware.com/docscrubber.html

———————————————————————————————————————————————————————————————————————————————————————————————————————————————–
Copyright Notice: Content appearing on this page was originally published by TCEA TechEdge magazine by Miguel Guhlin sharing his work under Creative Commons Copyright (ShareAlike-Attribution-NonCommercial).

Subscribe to Around the Corner-MGuhlin.org

Everything posted on Miguel Guhlin’s blogs/wikis are his personal opinion and do not necessarily represent the views of his employer(s) or its clients. Read Full Disclosure

Discover more from Another Think Coming

Subscribe to get the latest posts sent to your email.

Leave a comment