Tuesday, August 4, 2009

Securing your Data: Keep what you have from prying eyes

Now that you have your PC clean and secure and locked up from the outside, there are still a few other things to consider. One thing is who might have physical access to it. I will tell you that there are some ideas out there that are just false, and really are not secure practices.

One example of this is using passwords on your windows accounts. Give me about 30 minutes with your computer and I will have whatever passwords you have on it including the administrator password, after I am through you wont even know I did anything to it. The trouble with it is that about any teenager with a bit of curiosity can do this, and so can the crooks.

A step up from this is using a BIOS password, yes it is a bit stronger than just using windows passwords, but again, 30 minutes and I am in. It only provides protection from non tech savvy people.

You can take the hard drive out of your computer and lock it up, but if I get it in my hands I can hook it up to another computer and read anything that is on it. I am not trying to brag, I'm not a hacker or anything like that, I just read, and have a bit of curiosity. Anyone can do these things I've mentioned, all it takes is Google and some time to read and learn, but all is not lost...

The only way I have found to keep what is on your hard drive private is to encrypt the entire drive. I use PGP Whole Disk Encryption for this, but there are some other free open source alternatives. It needs to be noted though that you have to use strong encryption. By doing this it doesn't matter who has access to the hard drive or what they do to it, the data is unreadable and useless to everyone but the person who has the password.