ComTech: IT Support Stirling
TwitterFacebookGoogle

Why encryption can be a double edged sword

Encryption is great. Once a laptop or PC is encrypted anyone who steals them can’t access your files by simply pulling out the hard drive and plugging it into a different system. Unless you know the password you are stumped. This is the main reason I tend to encrypt all my clients systems.


But there are some pretty big limitations when using encryption on a system which I have found over the years.  These observations are based on using Truecrypt and might be different with other products.

1. You can no longer access a system at boot.  You need to type the encryption password when the system starts and this can be a pain when you are remotely supporting a system. Unless there is someone physically on site you will not be able to gain access.

2. Forget doing a system restore on an encrypted volume on a Windows system.  I tested this one yesterday on my own systems as I need to restore a clients system to a point before the encryption was put on and this is something I have never needed to do.  I now have a nice shiny brick in the form of a laptop sitting on my desk.  I have also seen system restores that would not have affected the encryption that have still caused issues on Windows systems. You have been warned!!

3. When you come across a Windows system that will not boot you will have to decrypt the system first before you can do anything.  This can takes hours (have seen one laptop take 7 hours to decrypt a 160 GB hard drive before).

4. What happens when you don’t do backups and the hard drive fails? You can’t really call this a limitation of encryption but rather a failure on the part of the user or company to see the value of backups.  If your hard drive starts to fail and you can’t decrypt it in time you will lose all your files. I never implement encryption unless I am happy there is some form of backup strategy in place.

5. Finally what happens if you forget your encryption password? You lose access to all the files that have been encrypted, for ever.

If you weigh up the pro and cons of using encryption the advantages would usually still win. If you do implement encryption though be aware of the limitations.

About the Author

P1020114

Hi I’m Chris Wakefield the owner of ComTech IT Support. I provide Windows, Mac and Linux based IT Support to small businesses in Stirling, Alloa and Falkirk.

Follow @Comtech247 on Twitter

 

 

 

 

Should you encrypt your laptop?

I had an interesting conversation last week with a potential new client regarding encryption.  He works away a lot and was wondering if there was anything that could be done to protect his data should he lose his laptop.  The answer was a big resounding YES. The yes is encryption.


To put it simply encryption scrambles the data on the hard drive making it unreadable. To read it you need the decryption key (password) which when entered allows a user to see everything.  At the moment most types of encryption are unbreakable so as long as you choose the right type you should be fine.

Sounds good but there are some drawbacks which you should know about.

1. Lose the decryption key (password) and you lose access to your data.

2. If you don’t do backups and your hard drive fails you will lose all your data.  I would never recommend encryption to a client if I wasn’t confident about their backup strategy.

3. There will be a slight loss in performance as everytime you enter your password the hard drive gets decrypted.

So which ones are best?

On a Windows system you are spoilt for choice.  On a Windows 7 system I would personally go with TrueCrypt as I have use this in the past and found it to be a fantastic piece of software.  On a Windows 8 system I would upgrade to Windows 8.1 and then use the inbuilt encryption software.  If you buy a Windows 8.1 system and log in with a Microsoft account then encryption is turned on by default so just make sure you do backups!!

On Mac OSX use FileVault2 which following the Apple way of doing things “just works” and on Linux I would again go with TrueCrypt (unless someone has any better suggestions?).

So the question remains should you use it?

If you are a mobile worker who is away from the office quite a bit then definitely yes.  Encryption will give you that added protection and piece of mind should your laptop go “walkies”.  Just remember to do backups and don’t forget your password.

If you work all day, every day from a desk in an office then encryption is probably not for you.

About the Author

P1020114

Hi I’m Chris Wakefield the owner of ComTech IT Support. I provide Windows, Mac and Linux based IT Support to both business and personal clients in Stirling, Alloa and Falkirk.

Follow @Comtech247 on Twitter

 

 

 

 

 

Why Windows 8.1 drive encryption is not necessarily a good thing


I had a client last week who was interested in encrypting a Windows 8 laptop.  His personal choice was Truecrypt but he had read online that TrueCrypt does not support Windows 8. As it was not something I had been asked to do yet I told him I would do some research and get back to him.  This is when I came across drive encryption on Windows 8.1.

Basically it seems that Windows 8.1 comes with drive encryption turned on by default. The only thing you need to do is sign in with a Microsoft account (email address) and the feature will run automatically and store your encryption key on Microsofts servers .  On the face of it this sounds like a good idea.  There is one big downside to this new feature though and that is data recovery.

If you have a failing hard drive that is encrypted it is very difficult to get the data off as you have to decrypt it first.  If your hard drive is failing you may not have the time to decrypt it before you can get the data off.  This is where your backups come in and that is the big problem.  Most home users and too many small businesses don’t do them!!

I know way too many home users and small businesses who don’t bother with backups so a hard drive failure with Windows 8.1 could be costly indeed.  Who would get the blame for this? Microsoft of course.  Microsoft would get the blame for turning the feature on by default which of course would be ludicrous.  People need to start taking responsibility for their own actions and back up their data.

I agree that encrypted hard drives are a massive bonus when implemented alongside a sound backup strategy but I don’t agree it should be turned on by default.

You can of course turn it off (but most people don’t know its on in the first place) and if you update from Windows 8 to Windows 8.1 you would have to turn it own.

So over to you guys. Backup your data or risk losing it.

About the Author

P1020114

Hi I’m Chris Wakefield the owner of ComTech IT Support. I provide Windows and Linux based IT Support, laptop repairs and computer repairs to both business and personal clients in Stirling and Falkirk.

Follow @Comtech247 on Twitter

What is encryption?


Today I shall talk about encryption, what it is and the different types available on the market.

Encryption is basically taking a computer algorithm and applying it to a piece of data and making it unreadable to a third party. In essence the only person who can read that data is the person who has the key to decrypt it.  If you had data on your hard drive which was sensitive (e.g financial records etc) then you could encrypt it so no one else could read it.

What are the different types?

There are loads of different types of encryption and which one you use will depend on if you want t0 encrypt transmissions, databases or files / folders.  I am going to concentrate on files / folders because that is what most people will be looking for – making files unreadable to third parties.

This is where I shall introduce you to two of the most popular pieces of encryption software, TrueCrypt and Bit Locker both of which work on Windows.  Truecrypt is open source while Bit Locker is proprietary software from Microsoft.  Both can encrypt and decrypt a hard drive and both are virtually unbreakable (at time of print!!).  TrueCrypt is easy to set up and does not require repartitioning of your hard drive, whereas Bit Locker does.  Bit Locker requires a 1.5 Gb partition to be set up prior to installing the operating system.  If not you will have to repartition your hard drive and restore Windows from a backup.

So what are the advantages and disadvantages of encryption?

Advantages

1. Data is safe as no one else can read it without the decryption key.

2. Once set up it requires little or no user input.

Disadvantages

1. If you lose the encryption key you will not be able to read your data EVER.

2. Uses more system resources (ie CPU)

3. If Windows becomes corrupt and will not boot you have to decrypt your files before you can recover them which takes time (I recently had to decrypt a 160Gb hard drive encrypted using TrueCrypt which took 8 hours!! Only then could I recover the user files and restore the system)

Hopefully this has given you an insight into encryption and the advantages and disadvantages of using it.  Just remember don’t lose the key!!!

About the Author

P1020114

Hi I am Chris Wakefield the owner of ComTech IT Support. I provide Windows and Linux based IT Support, laptop repairs and computer repairs to both business and personal clients throughout Stirling, Falkirk and Clackmannanshire.

For a list of what I can offer you why not visit my website www.comtech247.net where you will find a list of my services, testimonials, blog and much more!!

 

CyberChimps
Follow

Get every new post delivered to your Inbox

Join other followers

WordPress SEO fine-tune by Meta SEO Pack from Poradnik Webmastera
WP Like Button Plugin by Free WordPress Templates