my row in your table

17Oct/10Off

Setting up encrypted My Documents with TrueCrypt.

think: business data security.

There are several good howtos, but I will put another one for my friends an neighbors.

Why?

I worked for two unrelated companies in Poland, and both of them suffered from laptop theft and confidential data loss. Both times it was a theft during normal working hours. In first case CEO's laptop, in second case two laptops of high managers. (disclaimer: both incidents happened quite long time ago, and I'm not making the news, and I don't have any more details)

The tools for protection are easy as <put your favourite here>, but still many people do not use it.

Install TrueCrypt.

(easy. get installer from here).

Create volume

Login to your account.
Create volume from TrueCrypt GUI or with "C:\Program Files\TrueCrypt\TrueCrypt Format.exe".

  • Choose default "create encrypted file container".
  • Choose default "standard truecrypt volume".
  • Choose file location; I'd recommend "C:\Documents and Settings\YourUser\my_documents.tc" (or C:\Users\YourUser\my_documents.tc, or wherever the profile is).
  • Choose default encryption / hashing algorithms unless you really know the difference.
  • Choose volume size; remember that: (a) all space will be preallocated, (b) it's not possible to resize existing partition.
  • Choose passsword, you can use keyfile/smartcard/token for auth too.
  • Choose a filesystem, NTFS is ok. Do not use Dynamic (sparse file) because such volumes are slower and unsecure.
  • Click Format.
  • Never forget the password.
  • Never write down the password.

Add mounting your new volume to your startup

Go to your Startup folder (it's "Menu Start\Programs\Startup")

You can do this either of two ways:

  1. with Windows shortcut (screenshot here)
  2. or with mount_my_docs.cmd batch: 
    @echo off
REM automount encrypted vol for disk X:
"c:\Program Files\TrueCrypt\TrueCrypt.exe" /v my_documents.tc /lX /a /q

Now, test the batch/shortcut by double clicking it.
Next, test the shortcut by logging out and back in.

Relocate your sensitive data into encrypted volume

Right Click My Documents, choose Properties and change location.

When you click OK, it will offer to move all files - probably you want to say Yes.

From now on, keep sensitive data inside My Documents (X: drive).

That's it!

Simple and a lot more secure than running with laptop full of business data.

Tagged as: , , Comments Off
Comments (0) Trackbacks (0)

Sorry, the comment form is closed at this time.

Trackbacks are disabled.

» «

donosy / read

z blogów znajomych / friends’ blogs

Tags

bash bazy danych bezpieczeństwo business inteligence databases ekologia film fun GMO gospodarka hr hurtownie danych internet jabłonie język kosmos LinkedIn linux mssql muzyka niniwa2 performance perl plpgsql poland politics polityka polska postgres programming programowanie psql religion sieci społeczeństwo sprawiedliwość sql unia europejska unix USA vim warszawa windows wolne oprogramowanie wybory

blogi znajomych

polecam

Archives

Meta