I recently wrote about the lessons I’d learned from losing my laptop computer, and the measures I’d taken to ensure my devices and data were protected going forwards.
I was lucky enough to have my laptop returned to me, but what would happen if you lost a mobile device such as a laptop, smartphone or tablet?
Yesterday I looked at tracking your lost device, but today I’m looking at protecting the most valuable part of any Laptop or another mobile device – your data.
In my case, I had a Windows 7 laptop protected with a strong password – but I know from experience that someone who is well motivated and has even basic IT knowledge could get past a password alone. So what other measures can you take to protect your data?
A really simple one, this – but one many people overlook.
If you’ve got a Mobile Phone or Smartphone, then turn on the SIM lock – a PIN number which needs to be entered when you first turn the ‘phone on or put your SIM into another device. This prevents your lost ‘phone being used to make outgoing calls and racking up a nasty bill for you, or your SIM being placed in a new device for the same purpose.
In addition to a SIM lock, or if you’re running a device without a SIM, turn on the device lock. Every Mobile Phone, Smartphone, MP3 player and Tablet should have this functionality – which ensures that any time your device is unlocked, you need to put in a PIN code to begin using it.
For Laptops and Netbooks, turning on the “Startup Password” or “Boot Password” uses a similar concept to a device lock. Before the Hard Disk boots, you need to type in a password to enable the process to begin. Typically these type of a password are harder to hack than a simple Windows login – but again, a well motivated and IT savvy individual could get around this with time and experience.
The concept of encryption is based on complex mathematics, yet simple to implement. Using software, the data you choose on your PC is scrambled using a specific encryption password of your choice. When you enter the correct password (usually at start-up) the data becomes readable. If you don’t have the password – then even if you try to circumvent any other security measures to get to the data on the device – the only information you’ll be able to read is gobbledegook.
In my case, I implemented the Open Source (and therefore free) TrueCrypt on both my netbook and laptop PC. TrueCrypt is freely available for Windows 7, Vista, XP, Apple Mac OSX and Linux.
Once you download and install the software, you can choose to either create an encrypted folder or folders on your PC (perhaps containing confidential data) or alternatively, an entire Partition on your Hard Drive or indeed the entire Hard Drive itself can be encrypted.
If you create an encrypted folder then each time you use your computer and before you access the files within that specific folder, TrueCrypt prompts you for your encryption password. Enter the password and the folder looks and behaves like any other folder – you can work with documents, add and delete files, etc. But if you don’t have the password to that folder then you can’t gain access to its contents – in fact, the folder actually just looks like a normal file that contains data that can’t be read using any method.
As I wanted to protect all of the data on my laptop (including the temporary files that Windows creates – such as Web-Browser history, downloads, etc.) I chose to encrypt both partitions on my Hard Disk, the first containing my Windows data, the second containing my personal data.
The process was simple. Within TrueCrypt I selected “Create a New Volume” and then selected the C: drive. After creating a strong encryption password, TrueCrypt prompted me to create a recovery CD – which could be used to recover the data on my Hard Disk should I ever forget my encryption password.
TrueCrypt then ran a test to ensure my laptop would be able to handle the encryption. Once the test ran successfully, the encryption process began – which for my 60GB SSD Hard Disk took about 90 minutes.
I repeated the process for my D: (data) drive, and around an hour later I rebooted my PC whereon I was prompted for my encryption password.
Windows 7 booted up, and I continued to use my computer as pre-encryption – albeit safe in the knowledge that if my laptop was ever lost or stolen, the data contained on it would be near impossible for anyone to read without my encryption password.
The only downside I found to the process is that restoring my laptop from Hibernation (Sleep) mode was a *lot* slower than it used to be. I’ve noticed no perceptible difference in speed in using the PC otherwise though, so a small price to pay for peace of mind.
End of Part One
So once you’ve made sure your device isn’t easily accessed, and the data contained on it isn’t able to be read by prying eyes – thoughts then turn to how you’d recover your data if you ever lost the mobile device that data is stored upon.
Tomorrow I’ll take a look at the methods I use to backup the data on both my PC’s and Smartphones. Read Part Two of this article here.