Establishing Digital Trust: Don't Sacrifice Security for Convenience
One solution is to encrypt the sensitive files. But this can be asking too much, technically, for the computer user, many of whom are not techies. Then too, there's human error: someone can just forget to encrypt a sensitive file.
The ultimate in protection is often thought to be whole disk encryption (a.ka. full disk encryption).
Someone I know, who works for a large company, was recently assigned to encrypt their laptop hard disk with a software-based whole disk encryption product. The software runs very early in the startup process and encrypts/decrypts everything on the hard disk.https://o1.qnsr.com/log/p.gif?;n=203;c=204650394;s=9477;x=7936;f=201801171506010;u=j;z=TIMESTAMP;a=20392931;e=i There is no possibility of forgetting to encrypt a file and no burden on the computer user to do anything differently while using the computer. If the computer is lost or stolen all the files are encrypted.
What's not to like about whole disk encryption?
Surprisingly, a lot.
The Downside To Whole Disk Encryption
For one thing, you've placed all your eggs in a single basket. Any problem with the whole disk encryption software renders the entire computer useless.
The person I mentioned earlier almost had this happen to them. During the boot process one day, the screen froze, displaying the message "boot guard loading."
Fortunately, in this case simply turning the computer off and back on again got it going. But if the problem hadn't gone away on its own, the cost to the company and the employee would have been huge.
When you chose a whole disk encryption application, you're making a big bet on the competence and timeliness of the tech support from the vendor. Not to mention the ongoing cost of tech support.
In the worst case, the only fallback position would be to restore the hard disk using a prior image backup. How many people or companies do you know that regularly make image backups?
Hard drives also fail, typically a sector at a time. Most sectors on a hard drive can go bad without a fatal impact. The exception is the MBR and probably some internal to the file system. Being dependent on a software application to boot up your computer just adds more sectors to the list that can't fail.
Even if the whole disk encryption software works perfectly, if it's stored on a hard drive sector that goes bad, the computer is useless until the hard disk is replaced.
While the protection offered by whole drive encryption is widespread in terms of files, it is, at the same time, limited to when the computer is turned off (or possibly hibernating). If someone swipes a laptop while it's sleeping, they can access the sensitive files.
Thus, anyone who works in an office gets no protection during the workday when they step away from their computer.
One whole disk encryption product that I looked into does protect the computer when it's hibernating. But even here, we're back to depending on the computer user to place the machine in hibernation every time they step away from their desk.
Is that realistic? I'm not sure if other whole disk encryption products offer protection during hibernation.
Another problem with whole disk encryption comes up when a computer needs to be worked on by a tech support person. If the repair person is given the password, they have access to all the sensitive files. Not good.
I recently wrote a trio of articles here about scanning for viruses and other assorted malicious software (malware) from outside the infected operating system. It's a great approach and one that's all too necessary.
It's also impossible on an encrypted hard drive.
Whole disk encryption also complicates disk imaging. For example, I'm a big believer in segmenting my operating system and applications in one partition and my data files in another partition. I make image backups of the OS partition and file oriented backups of the data partition.
But, this may not a viable approach on an encrypted hard drive. Getting a straight answer on this from the vendor of either the imaging program or the whole disk encryption program is likely to be difficult. And, there may be multiple answers because some imaging backup programs run from inside the operating system while others run from a bootable CD.
Upside to External Hard Drives for Security
Consider storing sensitive files on an external hard drive. Not just any drive of course, but one like Lenovo's ThinkPad USB Secure Hard Drive which uses hardware based whole disk encryption.
As with the software-based whole disk encryption, every byte on the hard drive is encrypted. But with Lenovo's drive, security exists totally in the device.
In other words, it could care less about the hardware or software on your computer. This is a huge advantage. The drive can be used with a Mac at home and a Windows machine at the office.
Upgrading to Windows 7? No problem. All the potential crippling software problems described earlier are gone.
Our eggs are now stored in two baskets.
To recap how the ThinkPad USB Secure Hard Drive works, when you connect the drive to the computer, the drive detects the connection and then waits for the entry of a valid password (really a pass number).
Passwords can range from six to sixteen digits and are entered directly on the device using buttons on its top. When a valid password is entered (the drive supports 10 different passwords) the computer is finally made aware of the presence of the drive and has access to all the files on the drive.
Like software-based whole disk encryption on the computer, this approach only protects data at rest. That is, after you get access to the files, there is no more protection.
But the advantage of an external hard disk is that it's much easier to lock everything up when you step away from your desk for a minute - just pull the USB plug. This simple act leaves no sensitive files exposed for anyone in the area to peek at while you're in the bathroom.
Good for Laptops
Laptops are always going to be lost or stolen. By keeping sensitive files on an external hard drive, they don't go with the computer. Because the hard drive is so small, it can go with you many places that a laptop computer can't, thus, it's less likely to be lost or stolen in the first place.
In an airport, for example, the hard drive can stay in your carry-on bag, it doesn't have to be separated out.
Storing sensitive files on an external hard drive makes tech support a breeze rather than a problem. You can give your computer over to a techie safe in the knowledge that it harbors no sensitive files.
Since everything is external to your computer, there is no impact on disk imaging.
The worst case scenario is much better here too. If the drive breaks or crashes, you lose access to the sensitive files. But your main computer is not impacted in any way, shape or form. (No matter what approach is taken, all files need to be backed up, so that's a wash in terms of the different approaches)
There may a psychological aspect too.
Spending $150 or more by a company for an encrypted storage device sends a message to the employees that they are dealing with sensitive files. The encrypted hard drive may serve as a constant reminder that some files are for their eyes only and to always be aware which are sensitive and which arent.
This is not to be taken as an endorsement of the ThinkPad USB Secure Hard Drive, I haven't actually used one. Rather, it's an endorsement of the concept of an external hard drive that does its own hardware encryption, independent of the computer. There may be other such devices, I don't know.
Personally, I use TrueCrypt for my sensitive files. But, I don't mind mounting and unmounting encrypted volumes.
Also, I don't use a Mac, only dabble with Linux and always log-on to Windows as an Administrator class user. Not everyone fits this profile.