Our networks generate numerous opportunities for cyber attack. We are constantly sending and receiving code using a variety of devices. If we could limit these movements to merely data we would mitigate the risk substantially.
Here are some tools that can help you protect your passwords, folders and private files.
KeePass Password Safe is a free, Open Source, lightweight, and easy-to-use password manager for Windows, Linux, Mac OS X, and Android mobile devices. With so many passwords to remember and the need to vary passwords to protect your valuable data, it’s nice to have KeePass to manage your passwords in a secure way. KeePass puts all your passwords in a highly encrypted database and locks them with one master key or a key file. As a result, you only have to remember one single master password or select the key file to unlock the whole database. And the databases are encrypted using the best and most secure encryption algorithms currently known, AES and Twofish.
BitLocker (codenamed Cornerstone and formerly known as Secure Startup) is a full disk encryption feature included with select editions of Windows Vista and later. It is designed to protect data by providing encryption for entire volumes.
Windows BitLocker Drive Encryption is a new security feature that provides better data protection for your computer, by encrypting all data stored on the Windows operating system volume. (In this version of Windows, a volume consists of one or more partitions on one or more hard disks. BitLocker works with simple volumes, where one volume is one partition. A volume usually has a drive letter assigned, such as “C.”)
A Trusted Platform Module (TPM) is a microchip that is built into a computer. It is used to store cryptographic information, such as encryption keys. Information stored on the TPM can be more secure from external software attacks and physical theft.
BitLocker uses the TPM to help protect the Windows operating system and user data and helps to ensure that a computer is not tampered with, even if it is left unattended, lost, or stolen.
BitLocker can also be used without a TPM. To use BitLocker on a computer without a TPM, you must change the default behavior of the BitLocker setup wizard by using Group Policy, or configure BitLocker by using a script. When BitLocker is used without a TPM, the required encryption keys are stored on a USB flash drive that must be presented to unlock the data stored on a volume.
How does BitLocker Drive Encryption work?
Your data is protected by encrypting the entire Windows operating system volume.
If the computer is equipped with a compatible TPM, BitLocker uses the TPM to lock the encryption keys that protect the data. As a result, the keys cannot be accessed until the TPM has verified the state of the computer. Encrypting the entire volume protects all of the data, including the operating system itself, the Windows registry, temporary files, and the hibernation file. Because the keys needed to decrypt data remain locked by the TPM, an attacker cannot read the data just by removing your hard disk and installing it in another computer.
During the startup process, the TPM releases the key that unlocks the encrypted partition only after comparing a hash of important operating system configuration values with a snapshot taken earlier. This verifies the integrity of the Windows startup process. The key is not released if the TPM detects that your Windows installation has been tampered with.
By default, the BitLocker setup wizard is configured to work seamlessly with the TPM. An administrator can use Group Policy or a script to enable additional features and options.
For enhanced security, you can combine the use of a TPM with either a PIN entered by the user or a startup key stored on a USB flash drive.
On computers without a compatible TPM, BitLocker can provide encryption, but not the added security of locking keys with the TPM. In this case, the user is required to create a startup key that is stored on a USB flash drive.
Zip up and password protect your files. 7-Zip is a utility program to help you extract compressed files and create your own compressed files in several different formats. With these tools you can easily send large quantities of information or open compressed files you receive without hassle.
The main features of 7z format:
- Open architecture
- High compression ratio
- Strong AES-256 encryption
- Ability of using any compression, conversion or encryption method
- Supporting files with sizes up to 16000000000 GB
- Unicode file names
- Solid compressing
- Archive headers compressing