From banks to school districts to the Veterans Administration, every other week, we hear about some other individual who has jeopardized confidential information for millions of people. This article is about how YOU can maintain your digital privacy on your computer. Consider these statistics:
- More than 600,000 laptop thefts occurred in 2004, totaling an estimated $720 million in losses and totaling an estimated $5.4 billion in theft of proprietary information. Source: Safeware Insurance, 2004
- 73% of companies do not have specific security policies for their laptop computers. Source: Gartner Group, 2003
- Informal surveys show that thieves are intent on selling the data in 10 to 15 percent of laptop thefts. Source: Securityfocus.com, 07/30/2001).
- According to 2003 statistics, Texas ranks fourth per capita among all states for identity theft with about 93 of every 100,000 Texans being a victim. More than 20,000 Texans were victimized in 2003. Source: Texas ID Theft Statistics, 2003
- 97% of stolen computers are never recovered. Source: FBI
Let me say that again. Ninety-seven percent of stolen computers are NEVER recovered. That means your data could be out there forever, waiting like a time-bomb to explode until someone discovers it and then uses it.
As we become more mobile, there is no doubt that laptops will be stolen. The question is, "Do you know how to protect the data on your laptop or desktop in such a way that thieves can't get in?"
We so often shred paper documents that we leave unencrypted on our computers.
In addition to encrypting data on your hard drive, you are also able to encrypt email messages you send to others. While some question why they would ever encrypt their email, remember that information about you can be used by a criminal. Unless you are using a Virtual Private Network (VPN), your data can be easily accessed by others. Once your data has been encrypted, it is not viewable by others, even while in transit. When the encrypted email arrives at its destination, the recipient can decrypt it. Confidential data can then sit on the computer — safely encrypted — until the reader needs to access it.
If you're not sure what to encrypt, ask yourself what you wouldn't want some stranger getting access to on your computer. That could cover lots of things, but here are some items that are critical from my perspective:
- Name, address and birth date. This information can be used in combination with other data to impersonate you.
- Documents with social security numbers in them.
- Documents with credit card numbers, bank account information, etc.
- Any information that might be considered confidential. This can be your spouse or child's medical information, house insurance, etc.
What do I do After I've Identified Critical Data?
Once you have identified confidential data, realize that you should separate it from other data on your hard drive. When you do this, you make it easier to protect. Once you have encrypted the data, you can easily move it from one place to another.
- Move all confidential data files into a common folder.
- Use zip compression option (available via the right-mouse click on Windows, Mac and Linux) to create ONE, compressed file with your data.
- Encrypt that zipped file with the option to wipe the original zip file.
- Make a backup of the compressed,encrypted file to external USB drive (e.g. 120gig or PenDrive, etc.). Include a copy of the program you did the encryption with. There are several encryption programs available for your use.
Before we jump into some specific free, open source tools, be aware that both Windows XP and Mac OS X operating systems have built-in encryption schemes that can protect your data at a basic level. However, I have found that they slow down your machine. And, to be honest, I'm nervous about entrusting my private documents to an operating system...what happens if it fails for some reason other than your files? Everything could be lost. I like to use the smallest tool to get the job done.
There are several free, open source encryption tools you can use. Here are several that I have used and continue to use on a regular basis:
For Windows, use Windows PrivacyTools. I have used this program over the last few years and have been very pleased with how easy it is. The main benefit of WinPrivacy Tools — aside from the fact that it is free — is that once setup, it is incredibly easy to use to encrypt/decrypt files. Aside from being able to encrypt zip files — or any other file you have, whether zipped or not — is that you can also encrypt the contents of your clipboard. This is helpful when sending confidential information via email to others.
Windows Privacy Tools - http://www.equipmente.de/gnupt-int.exe
On the Macintosh, there are several privacy tools you can use. While the Personal version of the Pretty Good Privacy, or PGP for short, (which is free but lacks hard disk encryption — which you don't need for the zip and encrypt method I recommend — after the 30-day trial expires) is the easiest to use, there is another free, open source alternative. This alternative is a combination of FOSS tools.
PGP - http://www.pgpi.org/products/pgp/versions/freeware/mac/
(Note that you'll want the 8.x version if you want Mac OS X compatibility).
Free Mac Encryption Tools (Open Source)
- GPG Tools - http://www.tomsci.com/gpgtools/
Graphical installer for
- Mac GNU Privacy Guard - http://macgpg.sourceforge.net/
Includes most of the programs that you will need.
While there are several tools on the Linux side, KGPG is the easiest to get working (I've worked on Gnome and KDE graphical user interfaces to Linux). As mentioned earlier, an excellent tool to use for encryption includes KGPG. Installing KGPG is straightforward, especially on Debian Linux distributions such as Edubuntu, SimplyMepis, and others. You can use the built-in, graphical Synaptic to get the program or at the command line, use Apt-Get (e.g. "apt-get install kgpg").
KGPG is a nice front-end to GPG, which is already installed on your Linux system. An easy start tutorial is available online. Unbelievably, KGPG is easier to get going than the MacGPG Tools mentioned earlier!
If you deal with confidential data on a regular basis, you might consider using a "Boot-n-Nuke" software program to complete wipe your hard drive. This is especially useful when discarding of older computers. In this case, you may have an administrator computer that has housed documents containing sensitive data. Or, it may be one of your own computers. Either way, you need to wipe the hard drive completely.
The ultimate solution for erasing or wiping a hard drive may be a program known as Darik's Boot-n-Nuke to ensure all previous data was erased from the hard drive. According to their web site, Darik's Boot-n-Nuke works for both Macintosh and Windows computers. It is a self-contained CD that securely "wipes the hard disks" and will do so "automatically." To get the boot CD, you will need to download an ISO file and create a CD from it. Not sure how to do this? Use the free BurnCDCC to make a CD from the ISO file. (Find BurnCDCC at www.terabyteunlimited.com/utilities.html).
I have successfully encrypted emails and specific zipped files with the Mac privacy tools above, then unencrypted them with privacy tools on other platforms (e.g. WinPT on Windows or KGPG on Linux). This enables you to enjoy cross-platform security.
While some see the use of encryption tools like those discussed in this article as the recourse of the paranoid, remember that identity theft is the fastest growing crime in the United States. If you are a victim of identity theft, you may spend an average of 607 hours and at least, a $1000, in clearing your name. Make sure that your computer is not one of the sources of confidential information. Protecting yourself online is as much a digital literacy as being information literate. Pass it on!