Todays computers contain a multitude of data. Data provided by the computer manufacturers, downloaded from the internet and data supplied by you the user. All this data hanging about on our hard drives leaves us wide open to data theft.

Data thieves have to work hard to get information from corporate servers in most business centers. But almost all home pc’s (yes even macs) are wide open for them to access. Most people that are online do not even know what a firewall is or how to set it up to protect their data. Security knowledge is our best friend to help protect our sensitive data.

Example:

A friend of mine worked for an accounting firm here in Iowa. She needed a computer for her school work, so this firm gave her a “broken" computer with Windows XP installed. She called me up and asked if I could look into fixing it and how much it would cost.

She brought this machine to me. At first I could not get the machine to boot either. At first I suspected the motherboard, which would indicate that the repairs would be too costly to be worth the effort. So I decided to test the machine with BartPE which is a version of XP that runs off of a cd. My intent was to test the hardware on the machine to see what the problem actually was.

After booting the machine with BartPE I determined that the hardware was fine and the it was just a couple of bad sectors on the hard drive that was keeping it from booting. I ran a program to correct this issue and the machine booted.

Good news for my friend, bad news for the accounting firm. On the machine were several hundred client social security numbers, customer credit card numbers, thousands of MP3’s and several tax forms for many customers dating back to 2001.

Luckily for them I was the one doing the repairs on this machine and not some hacker. I carefully copied all of their data off onto a DVD and wiped the hard drive using a secure wiping program. I gave the data back to the thankful company. They were shocked when I told them what was all on the disks. They thought that because this machine would not start the data must be gone. Not so!

Warning to you who use computers (All of us here on this site). Just because you cannot get the computer to work does not mean that the data is gone! This firm told me that they almost threw this machine, hard drive and all, into the garbage. Anyone who would have found this machine could have easily recovered and sold this data to lord know who.

This brings me to the topic of this posting, security. Security is easily had in todays computer laden world. But most people don't use it because they don't understand it, or are afraid of losing their data.

The “security” that comes with your machine (PC or Mac) is junk. All of the standard security features of the machine in the example were enabled. Yet they did not protect the data because BartPE was not running the operating system on the hard drive. They never had a chance to even start!

"So what are we to do Allan?", you ask. Well I suggest keeping your data in an encrypted file separate from the machine if possible. Look your data over carefully, your most important things such as credit card, social security information and financial data are very small files and easily secured.

"But how do I encrypt the data?!" You shout to me. Well I use a free program called True Crypt. This is available from [link] Truecrypt.Org and has very detailed instructions for set up and use.

To use True Crypt you simply start the program and select the options to create an encrypted file, set the file size, ( I suggest 2GB) and the type of encryption you want to use. This allows for double encrypted files one encrypted inside the other. Using todays super computers the program creators calculate that it would take 1,000 years to figure out your password to the first file and then just as long for the second protected file. It is safe to assume that after 2000 years your data will no longer be sensitive.

A word of caution on passwords, don’t use common slogans or things such as your name or pet names! These are easily solved. I suggest using such things as a sentence from your favorite book or something only you know. Remember the longer the password the more secure the file is.

“But certainly I could use an off the shelf commercial encryption program.” You proclaim. While this is true, these programs have drawbacks to them. The main drawback to commercial security programs created inside the United States and many other countries are that they have back doors in them. A back door is a small program that can be run to allow the user who has lost their password, the government, or any hacker in the world access to your data. Also they cost money when compared to the above mentioned free program.

True Crypt has the advantage and disadvantage of no back door. This means that if you lose your password you are hosed. No getting back in to the program, no sending your drive off for recovery either. So be sure you know your password and test the file out for accessibility BEFORE you securely delete the original data.

That brings us to our last tip I have for you. Securely deleting data. If you delete a file in windows or other operating systems the computer simply marks the file in such a way that the computer knows it can overwrite the file if it needs the space. The big issue here is that your sensitive data is still on the drive. It has not gone anywhere and most hackers or wanna be thieves can access it easily. Get your hands on a secure file deletion program and use it.

A good one I recommend is from Jetico and is called BCWipe. It is free to try and cheap to register. Once installed you simply right click on the file you wish to delete, select secure wipe and it will securely overwrite the file using a DOD approved seven pass technology. It can also overwrite free space on a drive after you remove your sensitive data and it makes it almost impossible for most hackers to recover your files. (They may be able to access it though if they have a scanning electron microscope) Get it from [link] Download.Com

Worried about temp files from your browser? Get Ccleaner from [link] Ccleaner.Com. It will delete your temporary files with your credit card numbers, paypal account information and other data you don't want laying about on your machine. Then run the free space wipe in BCWipe afterwards and you are protected.

Are these procedures fool proof, nothing is fool proof, but they are better than just having it on your drive where anyone in the world can access it.

If you have questions comment or send me a note and I will try to answer the ones I can.

Also as a side note I do not work for any of the above companies. I am only suggesting them as I know they work and they have been around for a long time and keep on getting better.

To read more about computer security google file security on your computer, or (gasp) read a book.