Jump to content
Sign in to follow this  
bhvm

Am I doing this right? (about data security)

Recommended Posts

Hello all,

Sorry if it has been discussed before.. I used search but could'nt find exactly what i wanted.

 

 

I work as an accountant and deal with sensitive files all day.

My natural choice is to encrypt them.

So i use 7 Zip to create an encrypted archive with AES 256.

 

Some of the articles i read made me give this a second thought.....

 

1>How secure is 7 Zip encryption anyways? Are there any Backdoors etc for some hacker/Security agency to exploit?

 

2>Most of such softwares use a sort of TEMP folder for working....(7Zip uses too) Which means plain text copies of my work can be found here.

 

3>The data could also be found in pagefile, Prefetch, LOG or some other forms of virtual memory that is outside mine or Encryption program's authority.

 

What could be the solution?.

 

4>7 Zip creates a .TMP file in the current folder, then deletes it on completion of task. Can this .TMP be recovered and Files discovered?

 

5> Where Should i wipe other 'traces' of my data...locations which i don';t know about...?///

 

My data mostly consists of TXT, DOC, PDF, JPG etc...

Share this post


Link to post
Share on other sites

I think the best way is to make sure you clear any and all temp areas you know of. and for added security I would say check with 7zip if they have forums and see what all temp files they make and if they are deleted on completion of the file. also you should password protect the zip files and make it a really hard password with numbers and caps in it as well. there are many things that you can do to protect data you just have to be careful with it.

Share this post


Link to post
Share on other sites

I think a more secure option for you would be to use an Encryption program like PGP or Truecrypt. Truecrypt is open source software and the best there is without paying a lot of money.

 

This is what I do - all my sensitive data is stored in an encrypted container (4GB) which sits on my desktop. When I need to use this data, the container is mounted as a Virtual Drive and you have access to the information as if it were a normal drive. When you 'unmount' the drive, all the data is secure and there are no temp files left behind (as far as I am aware). You can also create a hidden volume inside a Truecrypt volume, which is very difficult for anyone to find or even know about. The volume will unmount on power down too and no traces are left behind.

 

For routine maintenance I wipe the free space on my hard drives using Eraser (also open source). If you have a reasonably good machine with plenty of RAM, you can do without a pagefile these days too, so just turn it off. If you are happy to do so, it is also a good idea to turn off System Restore as people with knowledge can recover data from the hidden 'System Volume Information' folder, which stores the restore points. But doing this can leave you vulnerable if you are not good at problem solving, when something goes wrong. An alternative is to use a good backup solution like Acronis True Image, then you have no need for system restore, as long as you maintain a good backup procedure.

 

I do all of the above and have secure data, together with a very quick disaster recovery procedure. As most of my time spent on a computer is at work, I need to quickly be back up and running when things go wrong, which they often do, due to the nature of my work.

 

http://www.truecrypt.org

 

http://eraser.heidi.ie

 

http://www.acronis.com

 

Hope this helps? :)

Edited by Great_Gig

Share this post


Link to post
Share on other sites

Gig, You really deserve that 'great' prefix...

 

I' went through all of the truecrypt manuals online (over 50 pages i think); and that too, thoroughly.

I feel truecrypt is really the best.

 

But there is a catch...and a BIG one that.

As per the nature of my job(freelance) ... I need to move around a lot (and so my laptop and data on it).

That Includes through Airports, Security cabins etc..

 

and ya' know.. those cheap security chaps are notoriously instructed to 'Check' your laptops and everything with it.

And any signs of encryption software (Eg. Truecrypt) or some encrypted archive is

 

<<<<<<<< RED ALERT!!!>>>>>>>>>> for them.

 

 

Get my point?

 

7Zip passes on as 'not so interesting' software and i can avoid the embarrassment of explaining and showing my Encrypted files..

 

 

Any more ideas gig?

Share this post


Link to post
Share on other sites

And few things more gig,

 

1> system restore is turned off

 

2> How to disable Paging? (I did it from System>advanced>Performance....> NO paging file) That enough? But I still see windows use some Virtual memory (in everest ultimate edition)

 

3>What other temp/Page locations are you aware of?

 

4>I am using CCleaner to remove temp, MFT, Freespace files with US DoD 3 pass overwrite once a week. Any way i can scamble timestamps of the Dummy files it uses to Clean freespace?

 

5> Defrag and Scandisk comes in every fortnight.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
Sign in to follow this  

×
×
  • Create New...