Sunday, 3 April 2011

A Data Vault

I want to make backups of my office files by copying them to my home PC, and as they may contain company confidential information, I don’t want others, not even family members, to be able to access them, and my home PC has only one user account. Do you have a solution?

Guess what: I do :)

If you’ve read other posts here, you'll know that I'm a fan of open-source software, and especially the professional kind that comes from SourceForge.

TrueCrypt is such a program, and it does exactly what you need.

I’ll show you how to create an ‘encrypted volume’ in a file container, and I’ll even tell you what that means:
  • An encrypted volume is a volume, like a disc drive (and that’s how you will be able to access it once it has been established) that is encrypted. In other words, its contents cannnot be revealed unless one knows the password to access it.
  • The ‘file container’ bit means that we will create this volume in a file. TrueCrypt can also encrypt entire discs or partitions, but if you don’t strictly need that, a file container can be more flexible an option as you can move it around, for instance. The file container will appear in Windows Explorer as one file which, after opening it with TrueCrypt, will then also appear as a disc (the encrypted volume) in the ‘Computer’ window of Windows Explorer, and which can then be used like any other disc by dragging or pasting or saving files onto it.

The easiest way to reach your goal (TrueCrypt can do much more, check the site out if you want to know what) goes like this:
  • Get an idea of how much space you need; add spare capacity that you foresee you will require in the future.
  • Download and install TrueCrypt, and run it.
  • From the ‘Volumes’ menu, click ‘Create New Volume’, which opens the TrueCrypt Volume Creation Wizard, where you do this:
    1. Select ‘Create an encrypted file container’, then click ‘Next’.
    2. Select ‘Standard TrueCrypt volume’, then click ‘Next’.
    3. Click ‘Select File’, navigate to the folder where you want the file container to sit, give it a name, and click ‘OK’ (below, I’ll assume you used C:\Users\myuser\Documents\MyTcVolume). Then, click 'Next'.
    4. On the ‘Encryption Options’ Window, click ‘Next’ again.
    5. Now choose the size you want your encrypted volume to have, and click ‘Next’.
    6. Type the password with which you want to protect your information, and type it again, then click ‘Next’.
    7. Choose the filesystem to be used for your new volume; if you don’t know what that is, I suggest to select ‘NTFS’. Then, as stated on the window, move your mouse pointer around in the window for a while. The longer and the more randomly you do this, the stronger the encryption will be. Click ‘Format’ when you’re ready.
    8. The file container is now being formatted. The bigger the size you picked, the longer this will take. A window will pop up to let you know when the formatting has completed and the volume has been created; click ‘OK’.
    9. Click ‘OK’.
    10. You’re back at the beginning of the wizard now; click ‘Next’ if you want to create another encrypted volume, or ‘Exit’ if you’re done.
  • You have now created a volume and you’ll want to use it. In the Truecrypt window, click ‘Select File’ and navigate to the file container you just created (e.g., C:\Users\myuser\Documents\MyTcVolume). Click its name, and click ‘Open’.
  • Now double-click one of the available drive letters you see in the TrueCrypt window – e.g. ‘Y:’. You are then prompted for a password, which is the password you specified when you created the volume. Enter it, and click ‘Ok’. Upon successfully opening the encrypted volume, you will now see ‘Y: C:\Users\myuser\Documents\MyTcVolume’. Double-click that line to open a Windows Explorer window for drive Y:, which is your encrypted volume. You will also see it in the ‘Computer’ window. Now you are able to use this like you would use any other disc.
  • When you’re done using your encrypted volume, click it once in the TrueCrypt window (e.g., the row with ‘Y: C:\Users\myuser\Documents\MyTcVolume’) and then click ‘Dismount’. Drive Y: will then no longer be accessible, until you re-open it with TrueCrypt. Notice that you can select any available drive letter you like; it doesn’t always have to be the same one.
  • If you want to carry your information with you, you can now copy file ‘C:\Users\myuser\Documents\MyTcVolume’ to a USB stick, without having to worry that anybody will be able to read the contents, should they be able to lay hands on the stick – unless they know the password. To use the contents, select and open the file with TrueCrypt and Bob’s your uncle.
  • Last but not least, have a look at ‘Preferences’ in TrueCrypt's ‘Settings’ menu, and change them if you like.
This seems to be a lot of text (and work) to cover your needs, but it’s not as bad as it looks:
  • Create a volume
  • Open it with TrueCrypt
  • Use it like any other disc
  • Dismount it when you’re done

No comments:

Post a Comment