Businesses,
websites, and government agencies that store your personal data have a duty to
protect that data from hackers. Not that even the best practices and security
software can keep the hackers out—they always find a way in. But if the data is
properly encrypted, stealing it doesn't do the hacker much good. You can up
your security game by encrypting sensitive data on your own desktop and laptop
computers. We've rounded up a collection of products to help you with that
project. This isn't an exhaustive list, and we will update this story with
additional products in the future.
No Back Doors
When the FBI
needed information from the San Bernardino shooter's iPhone, they asked Apple
for a back door to get past the encryption. But no such back door existed, and
Apple refused to create one. The FBI had to hire hackers to get into the phone.
All of the
products in this roundup explicitly state that they have no back door, and
that's as it should be. It does mean that if you encrypt an essential document
and then forget the encryption password, you've lost it for good.
Two Main Approaches
Back in the
day, if you wanted to keep a document secret you could use a cipher to encrypt
it and then burn the original. Or you could lock it up in a safe. The two main
approaches in encryption utilities parallel these options.
Which is
better? It really depends on how you plan to use encryption. If you're not
sure, take advantage of the 30-day free trial offered by all of these products
to get a feel for the different options.
Secure Those Originals
After you
copy a file into secure storage, or create an encrypted version of it, you
absolutely need to wipe the unencrypted original. Just deleting it isn't
sufficient, even if you bypass the Recycle Bin, because the data still exists
on disk, and data recovery utilities can often get it back.
Overwriting
data before deletion is sufficient to balk software-based recovery tools.
Hardware-based forensic recovery works because the magnetic recording of data
on a hard drive isn't actually digital. It's more of a wave form. In simple
terms, the process involves nulling out the known data and reading around the
edges of what's left. If you really think someone (the feds?) might use this
technique to recover your incriminating files, you can set your secure deletion
tool to make more passes overwriting the data.
Encryption Algorithms
An
encryption algorithm is like a black box. Dump a document, image, or other file
into it, and you get back what seems like gibberish. Run that gibberish back
through the box, with the same password, and you get back the original.
If you're an
encryption expert, you may prefer another algorithm, Blowfish, perhaps, or the
Soviet government's GOST. For the average user, however, AES is just fine.
Public Key Cryptography and
Sharing
Passwords
are important, and you have to keep them secret, right? Well, not when you use
Public Key Infrastructure (PKI) cryptography.
With PKI,
you get two keys. One is public; you can share it with anyone, register it in a
key exchange, tattoo it on your forehead—whatever you like. The other is
private, and should be closely guarded. If I want to send you a secret
document, I simply encrypt it with your public key. When you receive it, your
private key decrypts it. Simple!
If you want
to share a file with someone and your encryption tool doesn't support PKI,
there are other options for sharing. Many products allow creation of a
self-decrypting executable file. You may also find that the recipient can use a
free, decryption-only tool.
What's the Best?
Right now
there are two Editors' Choice products in the consumer-accessible encryption
field. One is the easiest to use of the bunch, the other is the most secure.
AxCrypt
Premium has a sleek, modern look, and when its active you'll hardly notice it.
Files in its Secured Folders get encrypted automatically when you sign out, and
it's one of the few that support public key cryptography.
CertainSafe
Digital Safety Deposit Box goes through a multi-stage security handshake that
authenticates you to the site and authenticates the site to you. Your files are
encrypted, split into chunks, and tokenized. Then each chunk gets stored on a
different server. A hacker who breached one server would get nothing useful.
for more development and traing cum Webiste Development call +919568180808 or go to SPOKES TECHNOLOGIES
No comments:
Post a Comment