CaptnAmerca

New Member
Hello,

Like many users, I came to this site as a total security novice. My notion of security was maybe paying for an anti-virus product, and let that do all the thinking for me. Thanks to the helpful people at MalwareTips, I feel like I've at least graduated to Advanced Novice. Seriously, this site is a gold mine of resources for people like me, and it's all thanks to the experts here, who have great patience and empathy for the average computer user looking for some advice. I feel like I have a good handle on controlling what comes into my system, but I am still worried about what goes out.

This leads me to the subject that I am completely clueless about: encryption.

I find myself doing a lot more online shopping and banking these days. Cloud storage is increasing in popularity. I can have the most secure system possible at home, but how can I be sure that once my data leaves my protection, that it stays private and secure?

- How does a user include encryption into their security setup?
- At what level is it necessary? At the file level? System level?
- How do I protect my uploaded files once they are sent to the "cloud" (i.e. someone else's computer)?
- Are there reliable, trustworthy encryption programs out there?
- How do you implement encryption into your security setup?


I'm sure there are more questions I could ask. I did a search on the topic, but it's such a broad subject that there are more hits than I could read through. I'm hoping this can serve as a starting point for MalwareTips newcomers.

Thanks.
 
I think full disk encryption is just needed if you work in a company handling important customer data, but not as a private person (surely there are exceptions). The most important point for me is cloud encryption. Here I can recommend programs like Boxcryptor (paid) or Cryptomator (free and open source).
 

CaptnAmerca

New Member
Thank you for the response.

I am looking at disk encryption as a "last line of defense". If all else fails, and someone gets through to view files, would encryption foil them?

Also, does a full disk encryption affect your home user experience? Meaning, if my files are encrypted, is there an extra step of "decryption" necessary if I want to access them? Does it happen in the background, or would I have to "unlock" every file before use?
 
If you encrypt your Windows system with BitLocker, VeraCrypt or something equivalent you have to put in a password every time you boot up your machine. Also this prevents your data only if your PC is stolen physically. If you get infected with malware they have full disk access because it's unlocked when you use it.
To protect your data when the PC is in use, you can try to encrypt your external drives (make sure to lock them if you don't want the data to be accessed) or better, unplug it (there's no way to hack this :)).
 

jamescv7

Level 61
Verified
Trusted
Encryption should use more on the business level environment where risk is at high stake, but optional/user preference to have on its own.

However you should aware that privacy through cloud contains numerous conditions regarding on encryption, so highly analyze very well although website like Mega which contains strong encryption method to protect the files on cloud.

Reliability where you should convince on the strong encryption algorithm that can took a very long time to crack it.
 

nevereveragain

New Member
I've never did a whole drive encryption, it seems too much job for me. Why don't you take a look at single file encryption softwares, that as I can see is enough in your case. Say Nordlocker, does exactly this. A folder that holds your files encrypted and secured with a password. When it comes to the cloud, you just encrypt them before uploading and they are completely protected (Dropbpox and other major providers accept encrypted file format). Im totally delighted that I've chosen and installed it on my computer, it secures my personal vacation photos, legal documents, invoices and other. So suggest you to take a glance, especially if you are new user as it easy understandable.
 

Umbra

Level 21
Verified
but how can I be sure that once my data leaves my protection, that it stays private and secure?
You can't and they won't unless using tools.

- How does a user include encryption into their security setup?
There is two cases to consider:
Local datas, basically everything you have on your computer and external datas, everything you store outside your computer (cloud backup services, etc...)

- At what level is it necessary? At the file level? System level?
a- File level: I place them in an encrypted vault (Veracrypt).
b- System level: i have Windows 10 Enterprise, so i use Bitlocker to encrypt my data partition. For Windows 10 Home users Veracrypt can encrypt your partition.

- How do I protect my uploaded files once they are sent to the "cloud" (i.e. someone else's computer)?
I use 3rd party tools to encrypt them (PGP4win) then upload them to my cloud service (Mega).
Alternatively, you can also zip them with 7-Zip, which allows you to encrypt your files with a strong algorithm.

- Are there reliable, trustworthy encryption programs out there?
Those i mentioned work flawlessly to me, even too well, in the past i even lost datas to them because i forgot my password LOL
I didn't hear any bypass or massive issues.