|Professional Services||Second Signal||Presentations||Andrew's Blog||Support|
If you have customer data, medical data, or anything confidential on your drive and you travel -- you owe it to everyone who counts on your security to encrypt your local data. Sure, your Notes databases can be easily encrypted but what about the rest of the stuff on your drive?
Truecrypt - http://www.truecrypt.org/ -- is free, open source, and very powerful. Spend a few minutes on their site reading through the documentation and you can start to see just how paranoid some people are about their data. Truecrypt is designed to make the most ardent security fanatic satisfied. That means it has some pretty wild options. One of my favorites is the ability to hide even the fact that a secure operating environment exists on the machine. A decoy boot system is set up and unless you know something else is there, that's all you'll ever find. You can use the idea of a decoy another way too. You can set up an alternate password that boots to a decoy operating system. This means if you're being compelled to provide a password, you can give a working one that boots to a valid and functional operating system -- just not the one you care about. Tips are provided for keeping that decoy "fresh".
As rich and complex as Truecrypt is, its also easy enough that any end user should be able to install it and encrypt their local disk. The process walks you through creating a rescue disk and then starts. I chose the simple option of encrypting the entire windows partition. I may install a bootable Ubunto system as well and set that up as my decoy operating system -- but honestly I'm not really that interested in hiding the encryption. To me, the security I'm looking for is in case of theft or loss.
Here's a screenshot of Truecrypt converting my system drive even while I'm working.
Please wait while your document is saved.