How to Ensure Your Data is Secure and Avoid the Loopholes of Encryption

How to Ensure Your Data is Secure and Avoid the Loopholes of Encryption
With all of the recent news about the accidental disclosure of confidential information, many savvy computer users have begun encrypting their data to prevent unwanted users from gaining access to their data. And if they are Windows Vista or Windows XP users, they are probably taking advantage of the built in encryption capabilities of those operating systems known as Encrypting File System. EFS provides seamless encryption of data files that are stored on computer disks using the file system known as NTFS. Although Microsoft made EFS so simple to use, it can lead to a false sense of security. If you are using or intend to use EFS to protect the contents of your files, you will need to take a few steps to close a few loopholes.

How to Use EPS

EFS protects the contents of files from prying eyes even if the computer or disk drive is stolen. And using EFS is very simple. To encrypt a file, you will need to right click on it in Explorer or My Computer and select Properties. When the Properties box appears, click on the Advanced button in the Attributes section near the bottom and when the Advanced Attributes box appears, select the Encrypt contents to secure data option.

Automatic Decryption of a File

Once a file is encrypted, the operating system will automatically decrypt it whenever it is opened by the user who encrypted it. There is no need to do anything special, Windows detects that it is encrypted and decrypts it. But this feature points to the first loophole in EFS. Anyone who knows your username and password can access all of your files, encrypted or not. So if your user account doesn’t have a password or it is one that can be easily guessed, encryption is not going to be effective.

The automatic decryption of a file leads to another loophole. When you load the document into your application such as a word processor or spreadsheet, the application is now dealing with the unencrypted form of the information. If that application keeps a backup or temporary copy of the data on the disk while it is working as many of Microsoft’s applications do (and Microsoft is not alone), the data on the disk is probably not protected. Even though the temporary file gets deleted when the document is closed, it is still possible to “undelete” the file using easily available utilities. To close this loophole, consider encrypting the entire folder your files are in. This way, when the temporary copy is created, it will be automatically encrypted as well. The way to encrypt a folder is the same as for a file.

Finally, consider that anytime a copy of the encrypted file is made, the system automatically decrypts the file as it is read from the disk before copying it to its destination. This means that if you are copying it to a destination somewhere else on your network, the data is traveling unsecured. Anyone who can monitor the network can see the data in its unencrypted form. Unless you are encrypting your network communications with a Virtual Private Network or equivalent, the data is in unencrypted form for all to see.

Don Orifice

Don has been providing IT management, consulting, services, and training for the past 30 years. He is a Microsoft Certified Trainer, and holds numerous other certifications including CISSP, CCP, CCNA, MCSA, etc. He is currently employed at New Horizons Computer Learning Center in Waltham Massachusetts. Don has designed, implemented and managed local and wide area networks and performed system deployments and upgrades as well as server virtualizations. He has managed the creation and implementation of several web based applications and services. Don has also created and implemented security and disaster recovery policies and procedures.

New Horizons Learning Centers of Boston

New Horizons Computer Learning Centers of Boston provides learning solutions that help organizations achieve business results, such as increasing productivity and efficiencies, driving revenue, and reducing costs. New Horizons provides customer-focused training choices in multiple formats and delivery methods, offering organizations and individuals top-quality training that can be tailored to meet individual learning styles and specific needs.

Whether you are in search of a solution for the complex training needs of a large, multi-location business, or you are an individual seeking the skills to excel in a new or blossoming career path, New Horizons is your integrated learning solution.

New Horizons of Boston offers Desktop Applications Training, Technical Training, Certification Programs, Business Productivity Solutions, Professional Services and Enterprise Learning Solutions.