Sensitive data needs to be protected through encryption

NUMEROUS high-profile events in 2017 and early 2018 have made it abundantly clear that all enterprises and government agencies are responsible and liable for the protection of personal data collected from customers and clients—no exceptions. New regulations, such as the European Union’s General Data Protection Regulation, which goes into effect on May 25, will back those expectations of protection with substantial penalties and fines for noncompliance.

To avoid potential fines, organizations need to demonstrate initiative by establishing measurable security protocols that protect collected personal data. One of most common methods for protecting stored data is encryption.

The software required to encrypt files and hard drives is readily available and is often offered for free or at low cost. Therefore, the establishment of an encryption protocol for your enterprise does not have to incur a large outlay of resources. The five encryption applications listed below are all free to use and perform their function using the highest industry-standard encryption algorithms available.

Some of the applications in this list will encrypt an entire hard drive, operating system and all. That means you will have to know the password or have a USB drive with the password file on it to access the system. Other applications will allow you to encrypt a single file or folder, if you prefer. The operational difference is important to keep in mind as you evaluate each app.

1. BitLocker Device Encryption

Since the BitLocker Device Encryption software is integrated directly into Microsoft Windows 10, it is probably the most obvious application on this list. You will find the BitLocker app in the Control Panel, but the best way to get to the management screen is by typing bitlocker into the Cortana search box.

BitLocker is designed to work best with a computer or device deployed with a Trusted Platform Module   version 1.2 or later. The TPM is a hardware component that works with BitLocker to help protect user data and to ensure that a computer has not been tampered with while the system was offline. Older devices with no TPM can still use BitLocker, but users will need access to a USB drive that will act as a key to the system. BitLocker encrypts the entire disk drive and not individual files or folders.

2. FileVault 2

Similar to BitLocker, FileVault 2 is a full-disk encryption tool; however, it is limited to use on OS X Lion or later. The app prevents unauthorized access to the information on an OS X device’s start-up disk using an XTS-AES-128-bit algorithm with a 256-bit key.

To turn on FileVault, navigate to the System Preferences screen and click the Security & Privacy link. Of course, you will have to enter an administrator name and password to complete the process. Once the encryption is complete, FileVault will require you to log in every time your Mac starts up, and no account will be permitted to log in automatically.

3. VeraCrypt

VeraCrypt is an open source application based on the now-abandoned TrueCrypt 7.1. Like BitLocker and FileVault, VeraCrypt is designed as a complete drive or partition encryption tool and not for the encryption of individual files or folders.

The software creates a virtual encrypted disk within a file and then mounts that file as a usable disk drive or USB drive. The encryption is automatic and performed on the fly, so the drive acts like a normal storage device.

Since VeraCrypt is an open source project, its documentation is a bit sparse—and it’s cryptic at best. While this application does use advanced encryption protocols and keys to create an additional level of security, it is best deployed by professionals or users with
advanced skills.

4. AxCrypt

Unlike the previous applications in this list, AxCrypt is designed to be used for encrypting individual files or folders. AxCrypt integrates directly into the file explorer system of either Windows or OS X, making encryption as simple as clicking the right choice from a menu. The application can also be downloaded and installed on a mobile device.

AxCrypt also uses the same AES encryption algorithms with 128-bit and 256-bit keys as the other applications. In addition to integrating with system file explorer apps in Windows and OS X, AxCrypt integrates with cloud-based storage apps like DropBox and Google Drive, making it a flexible encryption application.

5. AESCrypt

AESCrypt is also designed to be used as an encryption tool for individual files and folders. The application integrates directly into the file explorer systems of Windows, OS X, and Linux. AESCrypt can support developers working in programming languages like Java and C#, as well.

AESCrypt is an open source project, and it uses the AES encryption algorithm, and the documentation for AESCrypt clearly states that the software can be used for business purposes as well as personal ones.

Warning—It is important to keep in mind no matter which tool you choose to use for your encryption needs, it requires the use of a strong password. Once encryption takes place, that file or hard drive can’t be accessed without providing that password. So be careful what you encrypt, and make sure you use a password you can remember.

Computer hacking has become a professional discipline—and attacks will continue to grow in sophistication and number.

However, as mentioned above, there are many things security and business professionals can do to protect their data, their customers and —most important—their reputation, including encryption, keeping software up to date, retaining offline backups and teaching employees how to detect social engineering attacks.

Let me conclude by saying, that “ethical hackers” are available (EITSC has access to a team), that can perform vulnerability/penetration tests.

Comments are welcome—contact me at [email protected]

Image Credits: Sentavio | Dreamstime.com

House Manila Leaderboard
ECA 728×90 Leaderboard
Suntrust banner2

LEAVE A REPLY

Please enter your comment!
Please enter your name here