Encryption is a process that is used to encode information so that it cannot be read by normal means. In order to read the contents, you have to go through the process of decrypting the information. For example, if I take the phrase “Mary had a little lamb” and provide an encryption key (password), the result could look like this:
ZZZZZ ARKQX FWWEV PWGEK UEGOS PAOFR FLBPI PDGRL IQJTW HWAID HAOEC VVAIK ARPKB JTCEB OCBBR HIMJB QFACA RQAUX OMHXC QBULR LJWRK DMCWU NNHHF NCEQM PCABX WIXJM BKVZZ YYYYY
That doesn’t look like Mary had a little lamb to me. And that’s the whole idea of encryption. If you obtained a file that had that in it, you wouldn’t know what it said. The only way to read it is to know the password and the type of encryption used and run it through the appropriate decryption process. Then you could read the information.
Now that we all have a basic understanding of what encryption is, let’s talk about using in the real world. Most people don’t need to use encryption. It’s generally used to keep information safe and secret. Most residential computer users don’t need it. It’s mainly used in certain businesses and by government agencies.
Windows has encryption built in to it that you can use to protect your files. In order to use it, your Windows account must be password protected because that’s the password it’s going to use to encryption information. Once you have that, you can right-click on a file or folder and choose properties. Then click the advanced button and then click to put a check mark next to “Encrypt contents to secure data”. When you open that file on your computer, it uses your windows password, which you already entered, to decrypt the information automatically and then shows you that information.
There are quite a few drawbacks to using the encryption feature in Windows. If you forget your password, then you won’t be able to access your files. If you move those files to another system, you won’t be able to open them. Once logged into Windows, anyone who has access to the computer can access the encrypted files. We don’t recommend using this feature in Windows.
There are two other popular ways to encrypt information on Windows PC’s. For years, a product called PGP (Pretty Good Privacy) was the standard for information encryption. PGP was purchased by Symantec in 2010 and is now called Symantec Encryption.
The other well-known encryption solution is TrueCrypt. The best thing about TrueCrypt is that it is a free, open-source product that will run on Windows, Mac, or Linux.
With these types of encryption packages, you can generally encrypt your entire hard drive, or you can create a virtual encrypted drive where you store files you want to be encrypted. With some of them you can also encrypt email.
We do not recommend encrypting the entire hard drive because that also encrypts Windows and when something goes wrong, Windows will no longer boot. We’ve seen this happen several times. If you need to encrypt files, create a virtual encrypted drive where you can store your critical information.
Having said all of that, you should also know that there is forensic software available that can easily access information encrypted with any of the three technologies I just talked about. This software is meant to be used by law enforcement, but is available to the public. It uses memory dumps and hibernation files to find out what your encryption password is. So if you relay on file encryption for security, you should disable hibernation and set up an automated process to securely wipe memory dumps.
Computer security is like home or business security in that each level of security is a deterrent that deters criminals. All you can do is deter criminals. If a criminal has the motivation and the resources, no level of security can prevent them from cracking security.
Encryption is another level of security that will deter most criminals, but not all. So don’t think just because you have encrypted your information that there is no way anyone could ever access it. That’s just not true. In addition to security having different levels of deterrents, security is a balancing act. The amount of security verses the usability. If you put in so many levels of security to the point where the computer is difficult to use, then you have gone too far. You want a level of security that will deter most criminals while still allowing you to use the computer to do what you need to do without a lot of frustration.