One of the best ways of keeping people out of your private accounts or preventing unauthorised local access to your personal information is by not letting them on your Desktop or Laptop in the first place, but how do you go about it?
It’s straightforward, you create a password!
Is that it?
Sort of, is the response I usually get. Of particular interest is one of the most common misconceptions. I like to call it "False Sense of Security": Colleagues who usually boast that their user profiles are impenetrable because they have 10-plus character long passwords. Then again, what happens if passwords fail you? Simple: Securing your data with VeraCrypt is a good starting point!
Simple Disk Encryption Solution
Keeping one’s personal information or data safe doesn’t have to be difficult as long as you keep the sensitive stuff encrypted and under your control.
VeraCrypt is an open source based disk encryption and decryption software that was developed to handle this. It runs on Windows, Mac OS X and Linux Operating Systems and is a descendant of TrueCrypt. Its developers claim to have addressed some of the issues that were raised during TrueCrypt’s initial security audit.
VeraCrypt Encryption Scope
Some of its features are entire drive or storage encryption, i.e Full Hard Drive, USB / External Drive encryption. With VeraCrypt one can also encrypt a partition or drive where Windows is installed and even create a hidden partition within another partition, let alone hide volumes on data discs.
It must be noted though that Windows 8 with UEFI or GPT is not supported. VeraCrypt is praised for being an on-the-fly encryption tool, as your files are only decrypted when they’re needed and they’re encrypted at best at all other times!
Basically, nobody can steal, read or edit your data on the encrypted volume without using the correct password or keyfile(s). The entire filesystem will be encrypted including file names, folder names, contents of every file, etc. That being said, and to reiterate, Passwords are not bad!
Vulnerabilities of non-encrypted Drives
The problem most users overlook is that they tend to forget that, in the event that one’s laptop is stolen, temporarily seized or taken away from them (for a considerably long period), the following can happen (assuming the Hard Drive or Partition with sensitive data is not encrypted using VeraCrypt):
- The Local password can be reset (using Password reset utilities) on the desktop or laptop, which enables unauthorized users to be able to login to your profile and access your sensitive data.
- The internal hard drive can be taken out and plugged into another machine as an example, and information on the drive can be copied across to or accessed from another machine.
The following can happen, assuming the Hard Drive or Partition with sensitive data is encrypted using VeraCrypt:
- In the event that the local password is reset on the desktop or laptop, the unauthorized user will not be able to access any sensitive data unless they know the password / have key file decryption key of the encrypted volume.
- In the event that they take the hard drive out they won't be able to access anything as the contents of the drive are encrypted rendering the drive useless from a data access perspective. Usually when the drive is plugged in, it shows up as an empty drive.
- If pre-boot authentication is in place, one will not even be able to get past boot up, which prevents unauthorised data access of the whole drive.
Recommended Extra Security Layer
That being said, some security concerns have been raised:
- VeraCrypt cannot secure your data in the event that your Desktop or laptop has been physically accessed by an attacker and the unauthorised attacker installs key logging capable software and VeraCrypt is used again by the user.
- VeraCrypt cannot secure your data in the event that the user has keylogging Malware running on their Desktop or Laptop.
Clearly in both scenarios the Keylogger captures the decryption password that can then be used to access your encrypted volumes or drives. I recommend the use of VeraCrypt with an Anti-Keylogger software to help in such situations, as an added layer of security.
Peace of mind when your machine is stolen
Talking from personal experience, at one point I was a victim of theft but all I can say is the Tsotsis got away with my two desktops but NOT my data as both PCs had full drive encryption. What I mean to say is, I was only worried about the useful data I lost as it had taken me years to collect it but NOT at all worried about my data being accessed.
VeraCrypt is a must have and useful tool if data confidentiality is top priority for you. Unfortunately and honestly speaking, laptop or desktop theft is inevitable and likely to happen to anyone at one point in their life.
If you want to have peace of mind from a Data Security perspective when your time is up, securing your data with VeraCrypt is the way to go. You will not be disappointed!