Last March I wrote about locking your computer so people don’t steal your data. In the post there’s a great video about one way to do that. It’s a bit severe, but funny.
A lot of us don’t take the time to lock our computers, because we forget or maybe we don’t think anyone will try to steal anything. That’s a false hope, because there are too many people who will steal a laptop, phone or tablet computer, whether they want the data or not.
If you aren’t good about locking your computer, you should lock your files. There are simple ways, like putting a password on a Microsoft Word document or a PDF. Password protecting a file will stop the casual person from getting your data, but it won’t stop anyone with a little sophistication or a criminal. There are too many file cracking tools on the internet to break into password protected files. Most of them are billed as password recovery tools, since this is a legitimate action for people to take.
Another approach is to use disk encryption tools on your computer. Microsoft Windows has EFS and BitLocker, depending on which version of Windows you have. Mac OS X has FileVault and Disk Utility to encrypt files. There are numerous free and paid full disk encryption (FDE) tools out there for Windows, Mac and Linux that do a good job of protecting your data if someone steals your computer.
The problem with FDE is that it doesn’t protect files when they are off your computer. If your intent is to protect your files while stored somewhere locally or in the cloud, this is fine. If you try to read them from the cloud on any other computer, you can’t do it. The FDE is tied to the computer you used to encrypt the files. If you want to use them on another device or actually use them online, you are out of luck.
If you want to encrypt your files and have the ability to use them on multiple systems, then you need to use a persistent security policy that moves with the files. Rather than relying on the computer used to encrypt them, you can rely on enterprise digital rights management (EDRM), an independent system that’s tied into your directory service, like Microsoft Active Directory or LDAP. The system encrypts your files and lets you control who can access the information inside them. That’s actually better than FDE, since you can give some people limited access to your files and still protect them.
This is really important as more of us use cloud computing. If you use Onehub, DropBox or another file sharing service, you want to share your files with numerous people. You also want to sync files between different devices. By applying a persistent security policy to your files, you can access them anywhere and still protect them. You can even give someone, including yourself, the right to use them offline, while retaining their protection. Nice feature to have if you need to work on something during a long plane ride.
However you choose to do it, make sure you lock your confidential files. At a minimum, use your operating system’s built-in encryption tools. Use EDRM for file level protection. If you don’t, I can guarantee you that someone will steal your data.
Photo credit jimmiehomeschoolmom