How to create a data safe
Would you prefer that important data like information about yourself, account numbers, personal documents and the like are accessible all the time by anyone with access to your computer, or that the data is stored safely in a safe of sorts so that only authorized users can access it?
I would like to provide you with a guide that explains how you can create a data safe easily on your system that you can store all your important files in. It is comparable to a real safe that you may have in your apartment or hotel room that you use to place valuables in. It uses the same principle, only that it is more difficult to open.While you can place external drives in such a safe as well, you may prefer to use a data safe instead as it improves the overall usability quite a bit.Encryption is used to create storage areas on a connected drive, be it an internal hard drive, external drive or USB keys. While that may intimidate some users, it is actually not difficult to set up.
Here is what you need:
- True Crypt: A freeware tool that makes it possible to encrypt (parts of) storage devices like hard drives and usb sticks.
- Free space on an internal or external storage device.
That is all. Both can be easily obtained. If you do not have enough hard drive space you may want to consider buying an additional drive (external or internal), or an usb stick with one or two gigabytes of space.
You use True Crypt to create a container file - the data safe - on the selected device. You can alternatively encrypt the full device. The core difference between both options is that a container takes up limited space on the drive, say 2 Gigabyte of space, while fully encrypting a drive will encrypt all of it so that no files can be accessed on it anymore unless a password is supplied first.
Lets say you have installed True Crypt on your system and have a device ready that you want to use. You choose a password during the encryption process that is used to encrypt and decrypt the device. This password should consist of 20+ chars for security reasons. Whenever you want to access that device you will have to select a drive letter and enter the password to do so. Once you have entered the correct password the drive becomes accessible just like every other drive on your system.
- Open the True Crypt software.
- Select Volumes > Create new volume from the top menu.
- Make sure "Create an encrypted file container" is selected. If you prefer to encrypt the full hard drive, select "Encrypt a non-system partition/drive" instead. For this guide, I assume you have selected to create a container. The steps are nearly identical for encrypting drives.
- Select "Standard TrueCrypt volume" on the next page.
- Click on "Select File", browse to the drive that you want to create the container on and enter a file name. You are free to select any file name. I suggest you do not pick something too obvious as an attacker may stumble upon it by accident in this case.
- Select next on the next screen. You may change the encryption algorithm here but it is usually not necessary.
- Enter a size for the new container on the next page.
- You are now asked to enter the password that protects the container. Make sure it is secure.
- Select if you want to use a Fat or NTFS file system. Move the mouse around to create the random pool. Click format once you are finished.
- This formats only the space that you have selected, not the full disk.
- Congratulations, you have created a data safe on your computer.
To mount the container select "Select File", pick the container file you have selected, and click on mount afterwards in the main TrueCrypt window. You are now asked to enter the password that you have selected during creation.
There are nearly no slow downs when you work with data that is stored on encrpyted drives or encrypted containers.
- Remember to dismount the container or drive before you leave your work place or computer. Anyone can access it as long as it is mounted.
The possibilities are endless. You can for instance install all tools that save user data (like browser history, cache, email and the like) on the encrypted device. No one is able to access this data if the device is not mounted, which means spying on you becomes so much harder.Advertisement