Encrypted Data

<h1>Encrypted Data</h1>Author: <a title="Mike Foster, The Foster Institute" href="http://www.articlesbase.com/authors/mike-foster,-the-foster-institute/103868.htm">Mike Foster, The Foster Institute</a> Data security is a big issue for companies, and no one is untouchable. Even worse, the attacks on companies' IT systems aren't diminishing. In February 2007, 2.2 million active duty personnel records were compromised, and unfortunately, many of them were not encrypted. 
 
What's encryption? It's when the data is scrambled using a cipher based on a key in such a way that no one can read it unless they know the key to unlock the cipher. With all that's happening in the world today, you'd think everyone would encrypt their data, especially on laptops, hard drives, memory sticks, and other devices that are easily carried out of the office, but they don't. 
 
I do security reviews for companies all the time, and I can't think of a single company that I've been to that didn't have at least one laptop out in the field with unencrypted data. Workstations, especially laptops, need to have full disk encryption in place so if the computer is ever stolen, the thief will not be able to read any of the information. And in fact, none of the companies I've worked with yet use something called full-disk encryption on every single one of their laptop systems. 
 
When it comes to data encryption, some people use the encryption tool built into their word processing program. That's a good start, but it's not nearly enough. When I travel I sometimes bring my "penetration testing" laptop with me if I'll need it on that trip. On that laptop I have special "hacker tools." One of the things I like to do during my presentations to business executives is set a password in my word processing program and then save a file. 
 
Now everyone in the audience believes that data is encrypted, and it is, but only at the bare minimum. I then show the audience how easy it is to crack the encryption code. 
 
The first thing I show them is how they can right click on the file, and then click on the summary tab. By doing this, you can read the first line of the file-even though the file is encrypted. So if you have an employee who you suspect may be up to no good, you can right click on their files, choose the summary tab, and read the first line of their files. Who knows...maybe you'll see one that has a first line of, "This is how I'm going to sell our information to our competitors," or something similar that would implicate the employee. 
 
Then I run a password tool program on the computer-something any good hacker has in his or her arsenal-and usually by the first meeting break, the password program has cracked the code and all the encrypted data is available for full viewing. 
 
At that, most executives are amazed. "Wow. I didn't know you can do that," is all they're able to say. 
 
On top of that, have you ever had your computer shut down abnormally, while you were in the middle of working in your word processing program, and when the computer rebooted and you tried to re-open your work, your word processing program displayed the file you were just working on with a message that it automatically saved a copy of your work? That's an unencrypted copy-even if the original version of the file was encrypted. The danger here is that, if your word processing program saves unencrypted files as "backup copies" while you are working on the file, even though the word processing program deletes the files when you close out normally, the "deleted" unencrypted backup copies aren't really deleted until they are written over. A malicious hacker could potentially use a data remembrance tool to read those "we thought they were deleted" unencrypted backup copies of your confidential information. 
 
There's also something in most computer systems called a paging file. It's a way that the computer stores information about what you are working on "right then" even if you don't have enough "chip memory" installed in your computer to process multiple and/or large programs. This way your computer doesn't have to totally rely on just the chip memory you have installed. In other words, it sets aside part of the hard drive and pretends that it's chip memory too. If your confidential document gets copied to the paging file while you are editing the confidential file, then that information gets stored in that paging file in an unencrypted manner. 
 
So even if you use the built in encryption feature of your word processing program, there are still all these copies of your files available. That's why you need what's called full-disk encryption. Quite simply, it encrypts everything on your drive. 
 
Many people say they don't use full-disk encryption tools because they think it's expensive. Well, it's not expensive at all. I have full-disk encryption that came included for free with my laptop. Some people also believe that security is very difficult to configure. No. Enabling full-disk encryption only adds about forty-five seconds to your computer's setup once the IT professional knows the procedure. It's very easy. 
 
Other people say, "Once you use full-disk encryption, it becomes almost impossible for the end user to use the computer." That was true at one point. But now, if I want to lock my laptop, all I have to do is use the Windows L key combination and the computer locks, or I can just set the computer to lock automatically if I walk away for very long. Then whenever I want to get back in, I can take any one of my ten fingers and swipe it across the fingerprint reader that is on the front of the laptop. Now I'm ready to go again and can access all the data on the system. 
 
People also tell me that encryption is slow. It's not. I use my laptop to run large and involved programs all the time, so I need speed. And I have overkill encryption on my machine just to prove to audiences how fast it is. I have my data locked or encrypted three different ways, and it only needs to be encrypted once. This is to demonstrate the speed. 
 
So in a nutshell, full disk encryption security is inexpensive, it's easy for the user, it's very important to have, and it's easy for your IT administrators, too. So it's time to be secure, and full-disk encryption is a great start to having some peace of mind. 
 
Action Item: Investigate some full-disk encryption tools and make sure everyone in your office encrypts their data. Often encryption can be enforced for your employees that use computers belonging to your organization.About the Author: Most executives would rather have a root canal than learn technology. Mike Foster has 25 years experience explaining technology in plain English to owners and executives. Executives learn tips to increase profits and avoid losses. IT professionals are empowered to be even more valuable to organizations. Learn more at <a href="http://www.keepmynetworksafe.com/">Keep My Network Safe</a>.Article Source: <a href="http://www.articlesbase.com/">ArticlesBase.com</a> - <a href="http://www.articlesbase.com/internet-articles/encrypted-data-684837.html" title="Encrypted Data">Encrypted Data</a>

Data security is a big issue for companies, and no one is untouchable. Even worse, the attacks on companies' IT systems aren't diminishing. In February 2007, 2.2 million active duty personnel records were compromised, and unfortunately, many of them were not encrypted.

What's encryption? It's when the data is scrambled using a cipher based on a key in such a way that no one can read it unless they know the key to unlock the cipher. With all that's happening in the world today, you'd think everyone would encrypt their data, especially on laptops, hard drives, memory sticks, and other devices that are easily carried out of the office, but they don't.

I do security reviews for companies all the time, and I can't think of a single company that I've been to that didn't have at least one laptop out in the field with unencrypted data. Workstations, especially laptops, need to have full disk encryption in place so if the computer is ever stolen, the thief will not be able to read any of the information. And in fact, none of the companies I've worked with yet use something called full-disk encryption on every single one of their laptop systems.

When it comes to data encryption, some people use the encryption tool built into their word processing program. That's a good start, but it's not nearly enough. When I travel I sometimes bring my "penetration testing" laptop with me if I'll need it on that trip. On that laptop I have special "hacker tools." One of the things I like to do during my presentations to business executives is set a password in my word processing program and then save a file.

Now everyone in the audience believes that data is encrypted, and it is, but only at the bare minimum. I then show the audience how easy it is to crack the encryption code.

The first thing I show them is how they can right click on the file, and then click on the summary tab. By doing this, you can read the first line of the file-even though the file is encrypted. So if you have an employee who you suspect may be up to no good, you can right click on their files, choose the summary tab, and read the first line of their files. Who knows...maybe you'll see one that has a first line of, "This is how I'm going to sell our information to our competitors," or something similar that would implicate the employee.

Then I run a password tool program on the computer-something any good hacker has in his or her arsenal-and usually by the first meeting break, the password program has cracked the code and all the encrypted data is available for full viewing.

At that, most executives are amazed. "Wow. I didn't know you can do that," is all they're able to say.

On top of that, have you ever had your computer shut down abnormally, while you were in the middle of working in your word processing program, and when the computer rebooted and you tried to re-open your work, your word processing program displayed the file you were just working on with a message that it automatically saved a copy of your work? That's an unencrypted copy-even if the original version of the file was encrypted. The danger here is that, if your word processing program saves unencrypted files as "backup copies" while you are working on the file, even though the word processing program deletes the files when you close out normally, the "deleted" unencrypted backup copies aren't really deleted until they are written over. A malicious hacker could potentially use a data remembrance tool to read those "we thought they were deleted" unencrypted backup copies of your confidential information.

There's also something in most computer systems called a paging file. It's a way that the computer stores information about what you are working on "right then" even if you don't have enough "chip memory" installed in your computer to process multiple and/or large programs. This way your computer doesn't have to totally rely on just the chip memory you have installed. In other words, it sets aside part of the hard drive and pretends that it's chip memory too. If your confidential document gets copied to the paging file while you are editing the confidential file, then that information gets stored in that paging file in an unencrypted manner.

So even if you use the built in encryption feature of your word processing program, there are still all these copies of your files available. That's why you need what's called full-disk encryption. Quite simply, it encrypts everything on your drive.

Many people say they don't use full-disk encryption tools because they think it's expensive. Well, it's not expensive at all. I have full-disk encryption that came included for free with my laptop. Some people also believe that security is very difficult to configure. No. Enabling full-disk encryption only adds about forty-five seconds to your computer's setup once the IT professional knows the procedure. It's very easy.

Other people say, "Once you use full-disk encryption, it becomes almost impossible for the end user to use the computer." That was true at one point. But now, if I want to lock my laptop, all I have to do is use the Windows L key combination and the computer locks, or I can just set the computer to lock automatically if I walk away for very long. Then whenever I want to get back in, I can take any one of my ten fingers and swipe it across the fingerprint reader that is on the front of the laptop. Now I'm ready to go again and can access all the data on the system.

People also tell me that encryption is slow. It's not. I use my laptop to run large and involved programs all the time, so I need speed. And I have overkill encryption on my machine just to prove to audiences how fast it is. I have my data locked or encrypted three different ways, and it only needs to be encrypted once. This is to demonstrate the speed.

So in a nutshell, full disk encryption security is inexpensive, it's easy for the user, it's very important to have, and it's easy for your IT administrators, too. So it's time to be secure, and full-disk encryption is a great start to having some peace of mind.

Action Item: Investigate some full-disk encryption tools and make sure everyone in your office encrypts their data. Often encryption can be enforced for your employees that use computers belonging to your organization.

Most executives would rather have a root canal than learn technology. Mike Foster has 25 years experience explaining technology in plain English to owners and executives. Executives learn tips to increase profits and avoid losses. IT professionals are empowered to be even more valuable to organizations. Learn more at Keep My Network Safe.

Rate this Article:

0 / 5 stars - 0 vote(s)

Re-Publish

Article Source: http://www.articlesbase.com/internet-articles/encrypted-data-684837.html

Article Tags: Technology, Security, Computers, Spyware, Malware, Hackers, Data Encryption

Related Videos
Related Articles
Ask / Related Q&A

Play

Sendmail's Sentrion for Enterprise Message Management

Play

How to Secure a Local to Remote Connection

Play

How to Secure Linux - SSH & iptables Firewall - VPS BIBLE #6

Play

How to Encrypt emails using Voltage Security Network

Play

How To Hide Files In JPGs: Tweak Hack XP Vista

Latest Internet Articles
More from Mike Foster, The Foster Institute

Is Using Cheap Web Hosting a Good Idea?

By: Jason Kay | 30/12/2009
In your quest to save yourself some money with your online business should you consider using cheap web hosting? We all know the old saying, 'You get what you pay for,' but does this ring true for cheap hosting services? The short answer is yes and no. Typically the reason something...

Downloading NINTENDO DSI Games – My History and the Lesson Learned - Nintendo DSI Download Center Best Way

By: Dimitar Mishev | 30/12/2009
The New light: I couldn’t resist playing the games, so I bought another NINTENDO DSI. Sounds crazy right? But I really did it, that’s how addicted, I was. And also again buying each and every game for money was killing me. Recently, I heard from a friend that he was able to play a lot of downloaded NINTENDO DSI games from the internet. I warned him about what happened to me.

Get Internet On NINTENDO DSI - It Really Can Be Done, And In Five Simple Steps - Nintendo DSI Download Center

By: Dimitar Mishev | 30/12/2009
Did you know you can use your NINTENDO DSI to pick up free wireless internet? Most people don’t even realize this but it’s pretty straightforward once you know how! Sit back and relax while you learn to get internet on your NINTENDO DSI! Nintendo DSI Download Center

Download Free NINTENDO DSI Themes - 3 Essential Tips - Nintendo DSI Download Center

By: Dimitar Mishev | 30/12/2009
Do you want to download a free NINTENDO DSI theme? I think most NINTENDO DSI owners do. The NINTENDO DSI is a tremendously popular piece of electronics equipment, and one that allows it’s owners to be truly unique-who needs Ipod socks when you change the whole way your NINTENDO DSI looks and behaves? Nintendo DSI Download Center

Download NINTENDO SDI Movies - 3 Options to Choose From -Nintendo SDI Download Center

By: Dimitar Mishev | 30/12/2009
Are you looking to download NINTENDO SDI movies? There are many ways to do so, but if you aren’t careful many may leave you out of pocket and leave your poor computer struggling! Follow this guide and find out what choices are open to you and exactly how to download NINTENDO SDI movies the safe way. Nintendo SDI Download Center

How to Download Music to NINTENDO DSI - 3 Simple Steps is All It Takes - Nintendo DSI Download Center

By: Dimitar Mishev | 30/12/2009
Learning how to download music to NINTENDO DSI really is a piece of cake, but like anything, it seems tough unless you know exactly how to do it. Read on to find out just how easy it really is to download music to NINTENDO DSI! Nintendo DSI Download Center

Data Protection

By: CODANK WEB DESIGN | 30/12/2009
All businesses should take all necessary precautions when looking to keep their valuable information secure. A major problem that Internet programs are experiencing is hackers. If you do not back-up your data then these intruders should not be the only thing your business focuses on.

Download NINTENDO SDI Emulator - How To Get Emulators For Your NINTENDO SDI and Play Classic Games - Nintendo SDI Download Center

By: Dimitar Mishev | 30/12/2009
Want to download NINTENDO SDI emulator software? Many people aren’t aware of it, but using your Sony NINTENDO SDI with emulator software is just about some of the best fun you can have with it. Imagine how cool it is to download and play yesterday’s classics like Super Mario and Sonic? Nintendo SDI Download Center

The Great I T Disconnect

By: Mike Foster, The Foster Institute | 28/09/2009 | Internet
It's time to take the steps that can keep your company safe. One of the most important steps you can take is to learn how to communicate with your IT team. Realize that of all the professional relationships that can make or break your business, your relationship with your IT support...

Pros And Cons Of Outsourced IT

By: Mike Foster, The Foster Institute | 22/03/2009 | Internet
Outsourcing your IT needs is a great option for many companies. I created and operated a company that was "outsourced IT" for many organizations for more than ten years. The key is to beware of the company you're working with. Check them out and make sure it's a company you...

Cell Phone Security And Your I T Department

By: Mike Foster, The Foster Institute | 15/12/2008 | Internet
When it comes to IT security, our computers aren't the only thing vulnerable. Almost everyone these days has a cell phone, and a cell phone can be hacked too. One way to infect someone's cell phone is with a malicious program called FlexiSPY. Here's how it works. Let's say that...

Encrypted Data

By: Mike Foster, The Foster Institute | 15/12/2008 | Internet
Data security is a big issue for companies, and no one is untouchable. Even worse, the attacks on companies' IT systems aren't diminishing. In February 2007, 2.2 million active duty personnel records were compromised, and unfortunately, many of them were not encrypted. What's encryption? It's when the data is scrambled...