I will need to move a number of folders of data and info to my personal computer (from my work computer.) Multiple reasons (one of which is the work supplied laptop sucks.) But that’s beside the point.
To do this with approval, and our IT folks are a bit “behind the curve,” shall we say, I need to demonstrate to them that I can make these folders pretty well invisible on my PC until I am using them. As one of the IT heads stated, “If you took your notebook to Best Buy to have the MB repaired, they should not be able to see these files.” OK, I’d never take my notebook to Best Buy for repair work, but that’s the level that I have to demonstrate to them.
So what’s the best solution? I’d prefer something that was pretty easy to use in terms of me being able to access the files/folders when I need them, which would be probably at least once a day. But also something that, if my notebook were stolen in the airport, the folders would be invisible and thus not the target of some hacker trying to get into them (knowing that no protection is foolproof.) And since the company isn’t paying, cheaper = better.
Oh, also, an external drive is not a viable approach in this case.
Recommendations? Surely someone out there has a porn collection they’re hiding from their wife/husband/parents! ;) Or more to the point, someone out there has a need for securing confidential files on their PC.
Truecrypt is probably what you want. The files will always be encrypted on disk and have to be specifically mounted with the passphrase before you can access them, and can be stegonographically hidden inside other files.
The danger might be if, say, you put the laptop into sleep mode with the data still mounted and no return-from-sleep password, and then the thieves would still be able to access it until it’s turned off.
Edit: Also note the Security Precautions section of the documentation, for how to handle other things like the swap file (an app could potentially write data out to the swap file unprotected.)
Though I usually don’t bother with invisibility and just compress them with p7zip using the format with maximum encryption, which is so over-the-top that you pretty much need to be the American Government to even think about decrypting, at least based on on analyses I’ve read.
Definitely Truecrypt. It has everything you need, including the ability to create hidden volumes and such. I use it for a lot of things, but primarily for my USB key I carry around that has a lot of details in it, passwords and private info and such.
It’s easy to use, has a nice interface, and I’ve never seen it crash.
Wow, your IT people are behind the curve. They haven’t realized that they can expand their power, get more budget, have better data protection, and feel better about themselves by allowing ONLY company-owned laptops with hard drive encryption be used for VPN access and work.
Heh. I’m actually surprised by, well, a lot by the IT folks here. Very, very paranoid in terms of what they block, very lax in some ways, way too uptight in others. To be fair, very small department. Hardly enough people to be called a “department.” We may be the last technical company in the Western Hemisphere to not have wireless access (I have to use my Sprint Card in some conference rooms if I need to hook into the system for a meeting.)
TrueCrypt seems to do the job. The one thing that I’m a little puzzled by is the suggestion that you should turn off pagefiles while using it.
It’s for security paranoids – since Windows uses the pagefile as a sort of auxiliary RAM if things get really busy on your PC, the decrypted contents of your truecrypt-protected file could show up in the pagefile if someone goes snooping around in it.
If you want your super-sekrit data to be really protected, you’ll disable your pagefile completely, and make sure none of your apps write out any sensitive data to temp files at all.