We all have read some things about Snowden’s revealings and suddenly the world is realizing everybody can be checked out. This is nothing new, IT Security Experts have been saying for years that we weren’t really busy enough with security. But of course, we always wait until something comes out and then act surprised.
To become a bit more secure, I already mentioned the use of PGP in a previous post. The use of this simple to use tool makes e-mail a lot more secure. The next step is making your data more secure. To do this, you have a few options.
First of all, your computer is most secure when unplugged, but obviously this isn’t always an option. That’s why I advise to keep an USB key or USB disk with important data unplugged. Because these devices also tend to break now and then, always have a copy of that USB key or USB disk. This simple practice makes sure that even when your computer is compromised, the data simply isn’t always available to the compromising party.
When you want to travel with your laptop, make sure you have the right tools onboard for secure storage of the rest of your data. Use tools like Symantec Drive Encryption (used to be a PGP tool), Microsoft Bitlocker in Windows Enterprise or Ultimate or Truecrypt. The first two are paid packages, but the last one is open source and freely available for Windows (complete bootable encryption), MacOS X (just virtual disks) and Linux (also just virtual disks).
Problem with the last mentioned encryption tool is that there appears to be some unexpected behavior in the downloadable binaries. That’s why there is a project underway to Audit the binaries / source. This project is called “Is TrueCrypt Audited Yet?” and it wants to make sure we use safe and secure tools to encrypt our data. Needless to say, I just donated a fee to make sure they get their project underway.