How Paranoid Should You Be For Backing Up Your Data?

Backup Backup Backup - And Test Restores

Backup Backup Backup – And Test Restores (Photo credit: Wikipedia)

If you ask me what is the best way to backup your data, I will probably direct your concern to more than one way.  I like to think of not placing all of your eggs in one basket kind of scenario.  What’s the point of backing up data in the first place?  It’s to hope that when things go crazy such as a computer’s data corruption might occur, you can then access your most valuable backup data.  If you only rely on one preferable backup method, then what if in a critical moment that even the backup data isn’t accessible through your preferable only backup method, what will you do then?  Even a perfect storm is a possible scenario for spreading eggs in more than one basket, therefore I think being paranoid about safekeeping your data with more than one preferable backup method is the best way to go about doing the backups for your valuable data.

For us normal folks, the regular Joe(s), who have data that we want to safeguard, it’s a must for us to spread our data in more than one basket.  It must not be that you have to be a company to take this approach.  Furthermore, nowadays regular Joe(s) do have plenty of ways to go about doing backups for their data.  Let me list few of them:

  • Google Drive
  • Pogoplug
  • Dropbox
  • Amazon Simple Storage Service
  • CrashPlan
  • External hard drives
  • Network attach storage solution such as QNAP NAS servers
  • Do it yourself FreeNAS server solution
  • rsync to a renting server with affordable monthly fee

And the list can go on a lot longer as third party cloud services are now in amble supply.  I think the problem isn’t about finding a backup solution or solutions for the regular Joe(s), but it’s about the affordability, speed, security, and conveniency aspects.  Let say, if a regular Joe wants to spread his backup data in more than one basket, how affordable can this be?  So on and so on…

I think affordability should not be as big of an issue as before the time when there were no third party cloud service and competitive (affordable) computer hardware pricing.  If you don’t intend to harbor 100 of Gigabytes worth of data for streaming purpose or whatever extreme configuration, backing up few Gigabytes worth of data should not cost you much at all.  Perhaps, you can do it at no cost too.  One example, I think Google Drive gives you around 10 Gigabytes worth of free data space or a little bit more than this, and just with this service alone you know you don’t have to spend a dime to backup your data as long you are not going over the free space limitation that Google Drive allows.  Don’t like third party cloud services for whatever reasons?  Computer hardware such as external hard drives nowadays are no longer pricing at outrageous prices, therefore it’s easier for regular Joe(s) to go this route for doing their data backups.  How about coupling Linux with a spare, dusty computer to form a local backup storage server at zero cost in term of money, but you have to spend time on putting things together such as installing Linux and deploying Linux’s network attached storage services to have a more complete backup server solution.

I can see that the many third party cloud services as good solutions for doing backups.  How come?  Let say you’re paranoid about the safety of your data to a point that you consider the scenario where local backup data can all be corrupted at the same time for whatever reasons such as a virus/hack attack (or by even a more nefarious scenario), therefore you think third party cloud services are the additional safety reservoirs for your backup data.  If you are this paranoid, I think you’re doing it right.  Although third party cloud services are good measures against local data corruption, there are problems with this whole approach in general.  Let me list a few:

  • Broadband’s upload speed (Internet connection) isn’t fast enough to do a major backup (i.e., backing up huge amount of data in Gigabytes worth)
  • Security issue… how do we know our data can be securely safeguarded and stored on the remote servers?
  • Trust issue… such as how do we know our data privacy and our privacy won’t be breached on the remote servers?

I sneakily snuck in the speed and security concerns about backing up data remotely through third party cloud services, but we should not take the security issue lightly since many people may not want their privately backup data to be made known to the whole world.  Security done right in term of backing up data locally and remotely, this will also address the privacy issue/concern too.  I think employing good network and computer security measures locally will enhance the security protection level for the backup data.  Such measures should be about employing hardware and software firewall, antivirus, and so on.  Don’t forget to update the software and firmware, because through updating these things that you can be assured of weeding out security bugs.  You can never be too sure about the security of your data when you’re backing up your data remotely, therefore you should employing encryption for your backup data before you upload your backup data to the remote servers.  One good encryption measure I know of is TrueCrypt software which can be downloaded and used freely.

I don’t think we should sacrifice our data security for conveniency, because data security is definitely more important than otherwise.  Still, conveniency should be considered in the calculation of our data backup challenge too.  It’s just that we have to make sure we don’t have to sacrifice data security for conveniency.  Let say, you want to backup your data to a third party cloud service, but you don’t like the idea of doing a local encryption for your data first… this means you are sacrificing your data security for conveniency and this is truly bad for you as the owner of the backup data (i.e., privacy concern).

In summary, I think if you’re paranoid enough about the health of your data, then you should devise many backup plans for your data.  You should try to backup your data both locally and remotely, but you should employ encryption for your data when you do backup your data remotely.  Backing up huge amount of data remotely can be very inconvenient at this point in time since so many regular Joe(s) do not have access to fast upload broadband speed.  Let hope this will change soon, and I know things will be moving in this direction since data streaming and data sharing and data backup are in much more demand than ever before.  One example would be Google fiber Internet service.  Google is driving the Internet Service Provider competition forward as Google deploys its Gigabit Internet connection service for many households in various lucky cities and towns.  With Google pushing for more competition in the area of broadband speed, I think the future — having great Internet connection for uploading our backups — is definitely bright.  As time is moving on, the costs of computer backup hardware and backup services can be even more competitive, we can expect the cost of deploying backup measures for our data can only get cheaper and easier.  I like the idea of having a NAS locally, and using one or two third party cloud services for my data backups.

(How paranoid should you be for backing up your data?  In my opinion, the answer should be, the more the merrier.)

Advertisements

How Much Are You Willing To Spend On Securing Your Data?

Network Attached Storage

Network Attached Storage (Photo credit: Wikipedia)

The actual cost of making sure your data is safe (i.e., redundancy) and secure can be quite ambiguous.  The ambiguousness is probably derived from the plethora of options that you can choose to go about making sure your data is safe and secure.  I guess it is all depending on how you want to go about making sure your data is safe and secure.  Nonetheless, if you insist on wanting to know an estimated price range for securing and backing up whatever data, I think you’re looking to spend around a little more than $1,000 or just about $0.  You see, the ambiguousness can already be found from just looking at the possible cost of implementing a solution for securing and backing up data.

Remember, we are speaking about implementing a solution in securing and backing up data for small business or home, therefore I think the cost of implementing this kind of data assurance solutions should not be too outrageous.  Let us just go over some possible data assurance solutions to see how much you might have to spend, OK?  Nonetheless, remember the cost will be ambiguous as each unique data assurance implementation might require unique data assurance solution.

Requisite elements for $0 spending in securing and backing up data:  Talking about spending $0 on securing and backing up data is totally possible.  This scenario requires you to have a spare computer which you will not have any other use for it besides of wanting to use it as a backup machine for this specific scenario.  You will definitely need to download an open source backup solution such as FreeNAS or a Linux distribution (an open source operating system which is similar to Unix type).  You also need to download TrueCrypt.  In the case if you want to protect database of passwords, you totally need an additional layer of protection such as password manager which is capable of encrypting its database (e.g., KeepassX, etc…).  A proper home or small business network needs to be setup correctly, therefore you need to have a working router.  Also, you need to know how to distribute a local, non-public, static IP address for your backup server.  In the case of backing up data from outside of the network, you definitely need to know how to open up ports on your backup server and forward ports on your router.

Piecing together the elements for $0 spending in securing and backing up data:  So basically, the spare computer can be setup with FreeNAS or Linux distribution as a backup server.  You will use TrueCrypt to encrypt data first before backing up the data onto FreeNAS or Linux server.  Linux server requires your knowhow of setting up a proper service which allows you to use proper protocol to backup the data.  One example of backing data to Linux would be using rsync.  FreeNAS is a lot easier to deal with as it’s designed to launch NAS (Network Attached Storage) services quick and fast.  In the case of digitizing saved passwords, you need a proper password manager which is capable in encrypting your passwords in an encrypted database, therefore I suggest you should try out KeepassX.  To make your digitizing saved passwords even more secure, you can totally use TrueCrypt to encrypt the KeepassX database.  On Linux server, you can totally download free firewall and free antivirus solution to protect your Linux server from hacks and viruses, consequently providing even more protection for your data.  In the case of a FreeNAS server, at the moment I don’t think you can install firewall and antivirus programs, therefore you should make sure the firewall of the router is properly configured (i.e., to protect the FreeNAS server from intrusions).  I think you might be able to use an antivirus solution on a PC to scan iSCSI drives of FreeNAS server, therefore I guess you can use an antivirus program with FreeNAS server if you have setup iSCSI drives on FreeNAS properly.  Nonetheless, you must know that this is a dirty fix antivirus solution for FreeNAS server as you can only initiate an antivirus program on a PC and not on the FreeNAS server itself, limiting you to scan FreeNAS iSCSI drives only and not the entire array of physical hard drives that reside within a FreeNAS server.  To backup data from abroad to your backup server at home or office, you need to rely on VPN (Virtual Private Network protocol).  VPN will safely encrypt and secure the data that is in transit (i.e., utilizing the Internet to transfer data from one network location to another network location).  I think you can set up VPN service on Linux server with some efforts, and this will not work if your ISP doesn’t allow VPN traffic.  I’m not sure if FreeNAS supports VPN or not, but if it’s you should use it to backup data from abroad.  Don’t forget to open up or port forward necessary ports for the router and the backup server to allow proper transfer of backup data, OK?

Requisite elements for $1,000 spending or more in securing and backing up data:  No specific recommendation on NAS (Network Attached Storage) hardware, but I have seen many NAS machine can be purchased as low as $100.  Nonetheless, I think you should choose a NAS machine that fits to your data assurance plan.  Firstly, you want to make sure the NAS machine you want to buy is regularly updating its firmware to combat vulnerabilities and software errors.  Usually, searching Google might reveal critical complaints on specific NAS machine that you are thinking of buying.  As long you don’t find any critical complaint about a NAS machine you want to buy, then go ahead and purchase the NAS machine if you think it’s the right solution for you.  Secondly, you want to know the NAS machine you are looking at is diskless or vice versa.  If it’s diskless, then you should know that you have to buy hard drives to install into the NAS machine.  If the NAS machine comes readily with hard drives, then you should not buy any additional hard drive.  Thirdly, you might want to check how many hard drive bays the NAS machine you’re looking at has.  The more hard drive bays a NAS machine has, the more RAID choices you can implement.  Nonetheless, the more hard drive bays a NAS machine has, the more money you might have to spend (e.g., the cost of more bays on a NAS, the cost of more hard drives to fill up the bays).  Fourthly, you want to check to see the NAS machine you’re looking at is capable of supporting all the software implementations that you have in mind (e.g., Time Machine, CIFS, VPN, NFS, FTP, rsync, etc…).  Fifthly, you want to make sure the NAS machine you’re looking at is capable of doing fast data transfer in terms of reading and writing speeds.  Obviously, this specification will not guarantee fast data transfer as other network and hardware bottlenecks must also be considered (e.g., slow hard drives, using slow RAID choices, slow local network, etc…).  Other things you also need to consider before purchasing a NAS hardware is a NAS temperature under heavy loads, the fan noise levels, the size factor, data encryption support, antivirus capability, security measures, and so on.

Piecing together the elements for $1,000 spending or more in securing and backing up data:  Putting a NAS machine to work is probably easier than having to configure a FreeNAS or Linux backup solution since many NAS machines are designed with NAS users in mind.  This means the NAS machine you have bought should be easily configurable, allowing you to setup proper NAS services with ease.  If your NAS machine is supporting Time Machine and you have a Mac, then you should setup Time Machine on the NAS machine to allow the Mac to backup to the NAS machine whenever.  If your NAS machine is supporting CIFS, NFS, rsync, FTP, iSCSI, and so on, then you can setup these protocols/services on the NAS machine to allow all major operating systems to backup the data to the NAS machine.  The major operating systems I’m referring to are Linux, Mac, and Windows.  Furthermore, if your NAS machine supports cloud type of service and mobile data, then you should setup these services to allow cloud type of usage and mobile data backup.  Nonetheless, you should only enable the services that you need on the NAS machine, because enable way too many unnecessary services might open up unwanted vulnerabilities (i.e., allowing hackers to exploit more than one vulnerable services in a machine).  Your NAS machine might be readily announced what ports you need to open on a router for network traffic to transfer data to the NAS machine correctly.  Also, your NAS machine might also allow you to change default port of a service easily.  To secure your data even more, you should consider the option of encrypt the NAS hard drives if the NAS machine supports encryption.  I think some NAS machines might have encryption programs installed by default.  If this is not possible for your NAS machine, you can use TrueCrypt to encrypt the data before such data get upload to the NAS machine.  To further enhance the security of digitizing saved passwords, you can totally use KeepassX as KeepassX automatically encrypts its password database.  Don’t forget to use TrueCrypt for the KeepassX database so digitizing saved passwords will be even more secure right after such passwords get backup to the NAS machine.  When backing up data from abroad, you need to setup VPN service on the NAS machine so the data can be securely transit from abroad to the NAS machine that resides in a home or an office network.

Some of you think backing up data to a third party backup service such as CrashPlan is a great idea, it might be so if you’re careful about encrypting the data.  Backing up to the cloud is definitely an additional layer for data redundancy, therefore it’s a plus for a complete data assurance scheme.  Nonetheless, when data leaves the local network and resides on someone’s else network (e.g., CrashPlan, Amazon Cloud Drive, etc…), the data is truly beyond your control.  This is why when encrypting the data before allowing such data to be uploaded to the cloud is a wise data security measure.  The cost of backing up data in the cloud can be varied as each cloud service will have different cloud plans.  Nowadays, I have found many cloud services are quite affordable, therefore it’s up to you to find out which cloud service is best for your data assurance plan.

Apple Needs To Implement Stronger Authentication For iCloud; Google Can Be A Great Teacher On This!

Before Mac OS X Mountain Lion roared its way into the market, iCloud was already a stir.  After Mac OS X Mountain roared its way into the market, iCloud is even a bigger stir.  iCloud is now more integrated into Mac OS X ecosystem evermore than before.  iCloud is better now as it allows so many more apps to have the option of saving data in the cloud.  One example would be TextEdit.  If you open up TextEdit on Mac OS X Mountain Lion, you would see a finder gladly greets you and asks you if you want to create a new document in iCloud or on the Mac itself.  This way, TextEdit clearly presents you the option of saving data in the cloud.  Many more apps on Mac OS X Mountain Lion are implementing this approach for iCloud too.

It’s great that iCloud is evermore readily available for many more apps on Mac OS X Mountain Lion, because it’s definitely a convenience for Mac users to be able to save data on the cloud for syncing and safekeeping (i.e., to recover when local data cannot be recovered).  Nonetheless, can one’s data be secure on iCloud?  Just recently I had read “The Dangerous Side Of Apple’s iCloud” Forbes article, and this daunted on me that if one isn’t too careful — one might save important information in iCloud and such information can totally be leaked by being hacked as iCloud’s password protection isn’t exactly strong at the moment.  Unlike Google which has 2 step password verification, iCloud only requires a user to enter password once to access iCloud data.  To add the insult to an injury, although iCloud does encrypt the data during the transit of data and on the iCloud itself, the encrypted data can still be decrypted easily as long the evildoer has the correct password which can be used to unlock the data from iCloud.

Then there is another issue of trust.  Can we trust Apple to be honest enough to not take a peek at our data?  Sure, the data are encrypted on iCloud, but is there a way in which Apple can ensure us that their employees won’t try to decrypt our data at will?  Perhaps, this is a concern for using any third party cloud service and not just only with Apple, because once the data reside on the cloud — such data are truly beyond our control (i.e., no longer in the control of the data owner).  Nonetheless, I think when one encrypts the data before sending such data onto iCloud, one might be able to sleep better even though one knows Apple is way more trustful than some unknown and untested third party cloud services.  This is why, one needs to keep TrueCrypt in mind even when Apple does assure one that iCloud is encrypting all data on Apple’s iCloud servers.

To end this blog post, I must say iCloud is a lot more attractive than ever before.  I definitely think iCloud is worth it, because it’s so integrated into Mac OS X Mountain Lion and onward (i.e., I hope it would be so integrated into Mac onward).  Knowing that you can always recover your data from the apps that are supported by iCloud is definitely a peace of mind when it comes down to that one extra layer of data redundancy.  You never know how unreliable the state of your data are until your data become unrecoverable, and by then everything is just too late.  Obviously, even with iCloud, one can never have too much data redundancy, therefore it’s still wise for one to backup their Mac to an external hard drive with the usage of Time Machine, regularly.  This to ensure and insure one in the case of having one’s iCloud account being wiped out by a hacker — just as how Forbes had mentioned how Mat Honan had his iCloud account wiped out by a hacker.  To really end this article, I wish Apple actually implements or at least giving Mac users a choice of implementing 2 step password verification, just like how Google is doing it now.

Sources:

Passware Claims To Break FileVault 2 Encryption In 40 Minutes

Cryptographically secure pseudorandom number g...

Image via Wikipedia

Cnet reported Passware, password recovery company, has claimed that FileVault 2 for Mac could be broken under or around 40 minutes.  In case you have never used Mac before, FileVault 2 is similar to TrueCrypt and Windows’ BitLocker.  These three major popular encryption software help computer users to securely wipe (i.e., format hard drives, partitions, external drives, etc…) and then encrypt hard drives and the likes.

Using encryption technology supposes to be helping computer users to secure their data, but it seems companies such as Passware do have ways around the encryption technology after all.  Nonetheless, since we now know encryption software are vulnerable, we can at least understand that relying on encryption software alone to protect our most precious data might not be enough.  This way we only have ourselves to blame and be angry at when we’re not actually going to the extend to protect our precious data beyond the deploying of encryption software.

To the best of my knowledge, I think most software that are designed to break encryptions (i.e., encrypted data) need to have access to the physical machines before such software can actually decrypt the data.  I wonder will this be the case for Passware’s claim too.  If it’s, then as how it has always been so; computer users best protect their precious data by physically secure their machines better.  This way, hackers have to jump more than one hoop to actually attain your precious data.

In the end, I think security is at best when wise computer users go to the extend in deploying whatever that is necessary to protect their computer data, that’s if such computer data are that important to some folks.  For now, let hope Apple, TrueCrypt, and Microsoft can soon come up with better encryption software so computer users know they can rely on encryption technology to protect their data better.  Let hope Passware isn’t claiming to have the ability to decrypt data from the cloud also, because such a scenario might be horrible for people who rely on encryptions to protect their data in the cloud.  So far, I don’t think this is possible yet.

Source:

Combining Local Virtualization And Remote Cloud Together Can Truly Help Everyday People Prevent Data Loss

Oh, crap!! [DSCF8022]

Image by portfolium via Flickr

Not the best data redundancy solutions of all, but if you follow my data redundancy solutions here, I think your data are going to be very resilient against data loss.  The idea is to have more than one backup of everything.  Emphasizing on data redundancy is the key.  This is well known for businesses, but here I’m pointing this out to everyday people who happen to have some personal data they want to protect for a long time to come.  So let us begin.

You need to create a personal file server and remote cloud.  Personal file server has become easy to create nowadays.  What you need is the right solution.  I used to love Pogoplug, but I noticed how Pogoplug required your local data to be trafficked through its network from remote locations from time to time, this would not be a good idea for slow Internet connection or data security.

In our specific case, we want a personal backup file server solution to help boost our data redundancy, and we don’t really have to have our file servers to stay up 24/7 as how businesses do.  With this in mind, we can just use a virtual machine as a webDAV or rsync or FTP server.  We can then clone our main virtual machine.  We’re going to store our important backup data onto the main and clone virtual machines.  We can place the clone virtual machines onto different external hard drives so we can access our clone virtual machines as easy as how we can access our main virtual machine.  Each time we have new backup data, we have to sync or copy the new backup data onto the main and clone virtual machines.  Even if our main virtual machine goes bad, we can rely on our clone virtual machines to recover our backup data.

For security purpose, our backup data must be encrypted.  Nonetheless, you don’t really have to encrypt your external hard drives since such a process would take too long, but I recommend you to encrypt one big backup partition within the main virtual machine once.  To encrypt one big partition for backup data we can use Truecrypt.  Using Truecrypt to encrypt one big backup partition within our main virtual machine once can speed the encryption process up tremendously, and yet the backup data can still be super secure.  We don’t have to create newly encrypted backup partitions for clone virtual machines since we are going to clone our main virtual machine anyway.  We only clone our main virtual machine right after we have completely saved our backup data onto the encrypted backup partition (i.e., using Truecrypt to encrypt data) within our main virtual machine.

To go about creating a main virtual machine, you can use VirtualBox or Parallels or VMware.  I recommend VirtualBox since it’s free and as capable as the paid products.  Next, you have to know which operating system you want to use for your main virtual machine.  I recommend you use an operating system you know best so you can set up a webDAV or FTP as fast as you can.  For the people who care about the planning process more and want to learn something new at the same time, I recommend Ubuntu as the operating system for the main virtual machine.  Why?  Ubuntu and any other Linux distribution can allow you to rsync backup files easily, and so by using Ubuntu or any other Linux distribution you get not just the webDAV and FTP capabilities, you also get the rsync capability.

The obvious next step is to set up the file servers for our main virtual machine so we can backup our important data onto it.  If you want to have a lot of choices, you can set up both webDAV and FTP servers for your main virtual machine.  If you want only one choice, I recommend you to set up webDAV.  webDAV is better since it allows you to map network drives to your webDAV folders.  This way, you can just copy, paste, drag, and drop the files and folders from local hard drives onto the network drives.

Ubuntu comes ready with rsync capability, and so you can just use rsync to sync your backup data from your desktop or laptop to the main virtual machine. Rsync will sync only new backup data, and so it can update your backup partition faster than otherwise.  You can also use rsync to delete old backup data from the backup partition, this way you will be able to keep the backup partition of your main virtual machine identical to the backup structure of your desktop or laptop and the clone virtual machines.

The obvious last step for the creation of personal file server solution is to clone the main virtual machine.  I think Parallels and VMware and VirtualBox all have their own special method to allow you to clone a virtual machine.  After having clone the main virtual machine more than once, you can then place the clone virtual machines onto separate external hard drives.  Each time you backup the new backup data, you have to fire up the main and the clone virtual machines to do so.  The good thing is that you don’t have to fire up all virtual machines at once, because you can always fire up the main virtual machine first and each subsequent clone virtual machines later.

By having proper local/personal backup file server solution, your backup data are now more resilient against data loss than before.  Still, local/personal backup file server solution is susceptible to fire, flood, power surge, hardware failures, and other unfortunate catastrophic events.  When such unfortunate events happen, your backup data will forever be lost.  This is why we must also backup our data to a remote cloud.

There are several remote cloud solutions you can look into, but most remote clouds require you to pay certain amount of monthly fee for a certain size of cloud storage space.  You can use free remote cloud solutions such as Skydrive, Ubuntu One, and Dropbox.  With that being said, sometimes it’s better to go with a premium cloud solutions since free cloud solutions usually come with limitations.  One good example of the limitations of using free cloud solutions is not enough cloud storage space.

Besides using remote cloud solutions through third parties, you can create your own remote cloud solution such as renting a web hosting server.  This requires you to be knowledgeable in securing your web hosting server.  After renting a web hosting server, you can turn it into a personal webDAV or FTP or rsync backup server.  This way it acts as if it’s your remote cloud, but it will be a private remote cloud.  With that being said, some web hosting companies will not allow you to use their web hosting servers as remote file servers or remote cloud solution.  This is why you need to read up on their terms of use before implementing this solution, OK?

Of course, don’t forget to encrypt your backup data using Truecrypt when you have to backup your data to a remote file server or cloud.  Encrypting data is much more important when you are actually sending your backup data out to a remote file server or cloud, because you don’t actually have a complete control over the security of the remote file server or cloud.  We’re talking about the whole enchilada here.  Ideally, the physical location of the file or cloud servers has to be secure from unauthorized access; the file or cloud servers have to be secure with firewall, antivirus and antimalware software, and so on; physical preventive measures and means to prevent hardware failures and so on; the list can go on pretty much.

Another thing to make sure is that your remote file or cloud servers have to be able to churn 24/7.  It’s important for you to be able to reach your backup data at any time, remotely.  You never know what will happen to your backup data if you cannot reach the file or cloud servers that host the backup data, right?

In summary, it costs some money to protect data.  Even if you’re just protecting some private data, it is still going to cost you some money such as buying external hard drives.  For everyday people like us, we might not even need the remote file or cloud solution.  Still, if people who are paranoid enough about protecting their backup data, then I think these people need to deploy a remote file or cloud solution.  It’s smart to go about using virtualization to deploy local backup file server solution since the virtual machines can be cloned easily and stored on external hard drives for data redundancy purpose.

Even The FBI, CIA, And NSA Admit That Full Disk Encryption Is Hard To Crack

Category:WikiProject Cryptography participants

Image via Wikipedia

According to Extremetech’s article “Full disk encryption is too good, says US intelligence agency,” a study with a title “The growing impact of full disk encryption on digital forensics” suggests that CSI teams from intelligence agencies (e.g., FBI, CIA, NSA) are facing many difficulties in gathering evidences against criminals who use full disk encryption to lock out incriminatory data.  So, when the elite federal intelligence agencies within the United States think that full disk encryption is making their jobs too hard, then everybody should know full disk encryption can protect data appropriately against most hackers.  Just don’t let the hackers social engineering you to give out the password to unlock the encrypted data, OK?

Surprisingly, full disk encryption can be done so easily, but I doubt that many good citizens are willing to do so.  Sure, full disk encryption can take a very long time if the disk is huge, but by being patience enough to wait out for the encryption process to finish can actually pay off in the end in regarding to safeguard one’s data.  TrueCrypt is the best free software known to date which allows users to truly encrypting disks and files easily.  TrueCrypt is compatible to Mac, Windows, and Linux.  Besides TrueCrypt, Windows 7 Ultimate and Enterprise editions have full disk encryption known as BitLocker Drive Encryption; Mac OS X Lion has FileVault 2; and Linux has various free software to do full disk encryption.  So, it’s clearly that one can do a full disk encryption on any computer platform easily.

Nowadays, web services and businesses encourage customers and computer users to store data online (i.e., inside cloud networks).  As more people store their data online, it’s obvious that such data should be encrypted.  Online data can be stored in network structure known as cloud network.  Cloud network is like a farm of servers that work tightly together to store and compute data with ease.  Since cloud network provides a central hub to store data, and so it’s enormously attractive to hackers.  Hackers love to go after cloud networks; once they break through the cloud networks’ security measures, one fell swoop can reward the hackers with enormous amount of data.  What if the majority of information that store in any cloud network aren’t that valuable, does this mean hackers are wasting their time?  Not really, because stealing few important data from a cloud network might still yield more booties than targeting small banks of data one at a time.  So cloud network users, you all should encrypt your data before uploading such data to the cloud.

In summary, the bad guys love to use full disk encryption for protecting their illegal activities, and so the good guys too should take note and do the same to protect their valuable information from hackers.  Of course, the difference between the two is that the good guys are willing to give the authorities their passwords to unlock encrypted data when such requests are made.  Just make sure not to do the same for the hackers, OK?  It’s not hard to encrypt one’s data since there are too many freely downloaded free tools that allow full disk encryption.  A perfect example of a very good free tool which allows full disk encryption is TrueCrypt.

Source:  http://www.extremetech.com/computing/105931-full-disk-encryption-is-too-good-says-us-intelligence-agency