Wednesday, June 20, 2007

Open Source Desktop Encryption Solutions

Let me throw out a couple of scenarios:

1.) You get a call from a user who needs a data extract of "XYZ" data. You run the extract, export the data to a spreadsheet and send the data back to the requester.

2.) You have 10 databases you work in, all with different passwords.

Consider these questions:
In scenario 1, what if the extract had some sensitive information in it? Where is that extract, in your local temporary folder? Is that temp folder under your profile (probably not) and who has access to it? What if it is sitting in your local temp folder and your laptop grows legs...

In scenario 2, do you remember all of your passwords, or do you store your passwords in text docs locally, in a wiki, on a post-it note on your desk, etc. to make it easier to access the userid/passwords?

TrueCrypt: This software allows you to create an encrypted partition in a file (yes, a file) on your hard disk that you can mount as a volume in the OS. Save anything you want to it. This is perfect for using as a temp directory, and it provides a solution for scenario 1. If your laptop does take up jogging, the file is a bunch of gibberish without the passphrase.
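To answer the scenario 1 questions for the unencrypted temp folder you already have, the following added example (not part of the original post) lists extract-style files left there, oldest first. The extension list and the function name `find_stray_extracts` are assumptions made for illustration.

```python
import os
import stat
import tempfile
import time

# Assumed set of extract-style file types; adjust to what your tools export.
EXTRACT_EXTENSIONS = {".csv", ".tsv", ".xls", ".xlsx", ".sql"}


def find_stray_extracts(root=None, extensions=EXTRACT_EXTENSIONS, now=None):
    """Walk `root` (default: the user's temp folder) and report extract-like files.

    Returns a list of dicts sorted oldest first, so forgotten extracts surface.
    """
    root = root or tempfile.gettempdir()
    now = time.time() if now is None else now
    findings = []
    for dirpath, _dirnames, filenames in os.walk(root):
        for name in filenames:
            if os.path.splitext(name)[1].lower() not in extensions:
                continue
            path = os.path.join(dirpath, name)
            try:
                info = os.lstat(path)
            except OSError:
                continue  # file vanished or is unreadable; skip it
            if not stat.S_ISREG(info.st_mode):
                continue  # ignore symlinks, devices and other non-regular files
            findings.append({
                "path": path,
                "size_bytes": info.st_size,
                "age_days": max(0.0, (now - info.st_mtime) / 86400),
                # POSIX mode bit only. On Windows the mode bits do not reflect
                # ACLs, so report None and review the folder's ACLs by hand.
                "other_readable": None if os.name == "nt"
                else bool(info.st_mode & stat.S_IROTH),
            })
    return sorted(findings, key=lambda f: f["age_days"], reverse=True)


if __name__ == "__main__":
    for f in find_stray_extracts():
        print(f'{f["age_days"]:7.1f}d {f["size_bytes"]:>10}B '
              f'other_readable={f["other_readable"]} {f["path"]}')
```

Anything it reports is a candidate for moving into the encrypted volume or deleting.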

KeePass: This software fixes the problem presented in scenario 2. It keeps an encrypted database of any userid/passwords you want to store. Add as many as you want. You only need to remember the single passphrase that unlocks the encrypted database.

Both of these products are available on multiple platforms. I can only vouch for the effectiveness on Windows XP.

Just to have one less thing to remember, save your KeePass database inside of your TrueCrypt partition.
