Monday, April 23, 2007

I have trying to develop a way to make the encryption of sensitive documents as seamless and effortless as possible for non-techie people.

There are brilliant applications available for people to use and they are very easy to set-up.

The problem is that secure volumes and folders are set-up as separate areas for the storage of sensitive documents, with the result that either they are not used or some sensitive documents are left out.

The solution is to make the secure volume the default area for these individuals to store all of their data and for most windows users, that means the My Documents folder.

I used Truecrypt to create the secure volume. It was setup using a meaningless file name in a non-descript folder on the C: drive. Normally, I would have used a separate physical disk for this volume but it was a laptop with only a single hard drive.

I then moved the My Documents folders for this user into the secure volume after pruning out some default save folders for iTunes and Google Video.

The trade-off for using the my Documents folder is that a lot of non-secure items will be saved to this location (Christmas lists, letters to family and friends) but it will also be the default folder to hold all of the sensitive items that need to be secured. The user does not need to make a decision whether or not the document being saved is needing encryption.

As long as the TrueCrypt password chosen is of a reasonable length and memorable, this fellow is safe from prying eyes for those items that need to be secured.

No comments: