If You Aren't Using Data Encryption, You Should
Jan 17, 2018
By: Jeff Olejnik
Healthcare
All of the information we send and receive across the Internet is valuable. The data on your computer, tablet, or smartphone is certainly valuable, and you should take steps to protect it. Computers can be configured with full hard drive encryption. Portable devices can usually be encrypted as well as their internal, removable storage devices like SD cards.
Cloud storage services like Dropbox, Box, and OneDrive are holding your files for you and they are typically encrypted in transit and at rest at the provider. But these services also potentially have access to the encryption key, typically your login password. Consider what would happen if everyone in the world had access to your cloud storage folder. Would they be able to get into your bank account? Would they know when your house is empty? Encrypting this information before storing it in the cloud will provide a second, self-controller level of safety to help prevent this information disclosure in the event of a breach.
- For your computer, tablet, and smartphone, it is important to enable encryption on your storage devices (FDE, or full disk encryption). For Windows computers this can be enabling BitLocker encryption. For Macs FileVault 2 supports FDE.
- For your tablet and smartphone, enable encryption on the device. For iOS, using a password on your device enables encryption by default. Android is a little more complicated but well worth the effort.
- If you need to use a cloud storage service, create a secure container within your cloud storage that only you can access. Wipfli recommends 7-Zip (www.7-zip.org). It’s a free, open-source file encryption and compression software program.
- Follow these steps to create a secure container inside your cloud storage that only you will have access to. Detailed instructions with examples can be seen at http://www.northeastern.edu/securenu/sensitive-information-2/how-to-use-7-zip-to-encrypt-files-and-folders/ .
- Download, install, and launch 7-Zip.
- On your computer, create a folder that you would like to store encrypted files in.
- Right-click this folder and select 7-zip, then Add to Archive.
- This will bring up a new window. Make the following changes in this window:
- Change Archive format: to “zip”
- Enter a password. (SEE PREVIOUS BLOG – INSERT LINK for recommendations on selecting a password.) Please note: This password is critical to securing your data and should be at least 20 characters long, with letters, numbers, and symbols.
- Under Encryption method, choose “AES-256”
- Click “OK” once you are satisfied with your password.
- Once you have created this encrypted container, you can add files to it by dragging them to the file and dropping them in. If you are using a service like Dropbox, Box, or OneDrive, the changes will be copied to your cloud backup.