encryption Archives - Page 2 of 2

What is Encryption and Do You Need It?

Office IT, Securityencryption, securityOphtek, LLC

Dec 2014

With more regulatory commissions requiring encryption and privacy being a hot topic, it’s important to understand what encryption is and whether you need it.

Encryption is nothing new; in fact, it was used thousands of years ago during the ancient times in Egypt, encryption was used to hide messages in the tombs of kings. It has been used time and time again by different civilizations, and was even applied through the Word Wars to keep messages hidden away from the enemy.

However, in most recent history from the 90s, encryption has been adapted to be used as a security measure on computers and over the internet.

Nowadays it has become ever so important for financial institutions, healthcare practices, legal, law and governmental offices to apply encryption into their systems. This allows them to secure their information, whilst remaining complaint with data protection standards.

What is Encryption?

A basic encryption implementation explained by Oracle.

As you may now understand from our examples listed above, encryption obscures information, away from prying eyes. More specifically, it does this by making data unreadable to outsiders. In technical terms, a mathematical formula is used to scramble the data, which appears as gobbledygook to anyone else reading it. Only the person who holds the key can, in a sense reverse the mathematical formula to unlock and read the data.

Why encrypt your data?

Data encryption ensures that you can deter hackers and lessen the effect of being a prime target of criminal activities, looking to intercept your data. Often the most valued data is your personal information. Just think of how many emails contain passwords to accounts, medical reports archived, interests displayed, and an insight into all of your personal activities.

With all this, a hacker can spear-phish you and later target you again, with the likelihood of succeeding. This will be done by simply using your details against you, without you even realizing it.

Therefore, it is extremely important to encrypt your information if you work anywhere that handles sensitive information, confidential emails, and if you travel with a notebook or similar device that uses the Internet.

Encrypting your hard drive

Hard drive encryption can help to protect your computer from unauthorized access, since a user needs a key in order to read it.

There are many programs that can help to encrypt your disk such as TrueCrypt, Bitlocker and RealCrypt.

To learn more about Hard disk encryption, please read our how-to article here.

Encrypting your email

An example of what an encrypted email looks like using PGP.

Email is used by just about every person who uses a computer, smart-phone, device and works at a business, or all of the above!

Did you know that your email can be intercepted and read by anyone who has access to the right tools?

A good tool to use is called PGP (Pretty Good Program), which can encrypt your email. In order for this to work, both sender and receiver need PGP installed. The sender will generate a random key, and once the encrypted message is sent and received, the recipient can unlock it with a key generated by their PGP plugin.

Encrypting your internet connection

How VPN works as explained by Private Internet Access.

As the name suggests, VPNs (virtual private networks) are a safe way to connect to a private network or to access the internet.

One good analogy is comparing a VPN connection to a walled tunnel, where outsiders would “hit a wall” along the tunnel, unable to infiltrate and access what goes through the tunnel. Whereas a usual Internet connection can be likened to your data travelling on a street and potentially be seen or accessed by outsiders. This is where the term “VPN tunnel connection” comes from. Within this tunnel, all of your data is encrypted. User can access a VPN by having a VPN client installed and accessing a login prompt that will securely authenticate them.

Some VPN clients worth considering are ProXPn, TorVpn, TorGuard, Private Internet Access and WiTopia.

There’s so much to consider with encryption. Just about everything can be a risk without it, so be sure to adopt this secure technology into your business practice to maximize your security.

If you need support and advice with your encryption needs to stay compliant, contact your local IT professionals.

How To Encrypt Your Hard Drive

Security, Softwareencryption, hard drive, security, WindowsOphtek, LLC

Jun 2014

Do you ever worry about someone getting a hold of the data on your computer after stealing it from you? With disk encryption, the information on your computer is unreadable without a key.

You may use encryption to protect specific directories or the entire hard drive. The latter is referred to as full disk encryption.

While there are many applications that perform full disk encryption, we recommend True Crypt. While some may lampoon this recommendation based on an announcement from its old source page, development of TrueCrypt has continued in Switzerland by a team committed not to compromise the software with legal limitations.

After downloading TrueCrypt from the new site, launch it normally if you have a disk burner, also known as a a CD/DVD-RW drive. The disk burner will be required in later parts of the installation. If you do not have a disk burner, there is a workaround that will still allow you to proceed with encryption even though the program does not normally allow it. For more on this workaround to allow to the program to launch without the disk burning requirement, consult the following article.

After you launch the program, click the System button at the top bar and select Encrypt System Partition/Drive.

For Type of System Encryption, select Normal. Click Next.

Unless you have a RAID driver or hidden partition at the end of your drive, Yes is the best option when you are presented with the Encryption of the Host Protected Area window.

When you are asked if it is OK for TrueCrypt to make changes to the hard drive, click Yes.

TrueCrypt will then see if there are any hidden sectors at the end of the drive. Click Next when it is finished.

Click Next again after selecting whether the computer has a single- boot or multi- boot configuration. If you are running only one version of Windows and no other operating systems, you will choose Single-boot.

For the Encryption Options, AES is usually a good choice. And full disk encryption only supports the RIPEMD-160 hash algorithm. Click Next.

Choose a password for encryption. Choose a strong password of at least 20 characters. Click Next.

In the next window, make random movements with your mouse for about a minute. TrueCrypt will collect data from these movements. Click Next.

When User Account Control asks if it is OK for TrueCrypt to make changes to the hard drive, select Yes.

Click Next after TrueCrypt generates the encryption keys.

TrueCrypt will then create the ISO image of the Rescue Disk that will be needed if something happens to your boot image. The ISO image will be created in your Documents folder.

TrueCrypt will next launch the Windows Disk Image Burner to write this image to a blank CD ROM. Because you will need this disk to access your computer if your boot image becomes corrupted, TrueCrypt will not let you get to the next step until you burn and verify the disk. Choose the correct drive to burn the image to, load the blank CD ROM, and click Burn.

TrueCrypt will verify the disk after burning it. After it has been verified, click Next.

The Wipe Mode allows you to choose how to wipe all traces of previous data that was unencrypted. Typically these were files deleted before this encryption was started. If there was nothing sensitive on this computer that was deleted, click Next.

Next click Test to allow TrueCrypt to make sure everything is working.

When TrueCrypt displays instructions telling you what to do when the system fails to reboot, it is advised that you print these out for reference. Then click OK. Click Yes to reboot your computer.

After the computer restarts, you will need to enter the encryption password.

If you enter it correctly, you will be able to log into Windows. After you log in, TrueCrypt will start up automatically. Click Encrypt to start the encryption. Print the instructions showing what to do if the process is disrupted and click OK. When User Account Control asks if you want to allow TrueCrypt to make changes to the hard disk, click Yes. During the encryption, you may do other things on your computer. The encryption should take a few hours.

You may pause and defer the completion of the encryption to a later time. But until it finishes, the information on your computer will not be fully secure. When encryption is complete, click Finish.

For more information, consult your local IT professionals.

Yahoo Messenger Becomes New Target for CryptoLocker

Security, Softwareantivirus, cryptolocker, cryptoprevent, encryption, malware, ransomware, security, virusOphtek, LLC

Feb 2014

A fairly new CryptoLocker malware has been spreading via Yahoo Messenger, and if you’re infected it may cost you a fortune to retrieve your own data.

Look Before You Jump, Steer Clear of YOURS.JPG.exe

The CryptoLocker ransomware has been wreaking havoc among many users, disguising itself as a file named ‘YOURS.JPG.exe’, the malware will encrypt important system files, and basically locking out rightful owners from their computers and documents.

To regain access, the ransomware—as the name suggests—will demand ransom money from its victims. In this particular case, the CryptoLocker ransomware demands $400 for a key which will supposedly unlock the encrypted files. Once the ransom process is initiated, the malware will set off a timer that will destroy the key within a given amount of time if the exploiters don’t receive their fund.

Main Target: Yahoo Messenger Users

If you’re using Yahoo Messenger at home and especially at work, please take the necessary precautions to prevent this form of exploitation from happening to you. Recently CrytpoLocker has been targeting Yahoo Messenger users in the form of image attachments. First, we suggest you install the latest version of CryptoPrevent to keep CryptoLocker from infecting your computers. It is also highly advisable that you keep your antivirus/antimalware software up-to-date, as this will also shield your computers from various online attacks.

For more tips and tricks on what you can do to prevent these types of intrusions and attacks, please don’t hesitate to contact our IT professionals.

« Previous 1 2

Tag Archives: encryption