logo

Center for Information Technology

Directories

contact us

search

home

 

 

 

 
Click to return to CIT home page

Encryption Tools

 

 

Data Encryption Tools

There are many, many data encryption tools available for downloading from the Internet. Many of the products available for free are quite good. Any that you purchase must be at your own expense. DO NOT use any product on a college-owned computer that would prohibit or inhibit the ability of CIT to effect repairs, as needed. In addition, BEWARE of using any product that encrypts your personal computer's entire hard drive (i.e., File Vault on a Mac). If you forget the login and master passwords, YOU WILL NOT BE ABLE TO RECOVER ANY OF YOUR DATA.

Below are the encryption tools recommended by CIT.

TrueCrypt *most recommended

TrueCrypt is a software system for establishing and maintaining an on-the-fly-encrypted volume (data storage device). On-the-fly encryption means that data is automatically encrypted or decrypted right before it is loaded or saved, without any user intervention. No data stored on an encrypted volume can be read (decrypted) without using the correct password/keyfile(s) or correct encryption keys. The entire file system is encrypted (e.g., file names, folder names, contents of every file, free space, meta data, etc).. You can use it to encrypt an entire partition of your hard disk (including your system partition) or to create an encrypted container file which appears like a normal hard disk to Windows. You can then store and access your files on that virtual drive just like any other file. Since the program does not mark the encrypted container (or partition) in any way, there's no way to for any intruder to guess which file is your encrypted container. This program works under Windows Vista, XP, Mac OS X and Linux. A tutorial is provided on the TruCrypt website.

GPG: GNU Privacy Guard

GPG, a.k.a. GnuPG, is the GNU version of PGP (Pretty Good Privacy), a public key encryption system. GnuPG is the GNU project's complete and free implementation of the OpenPGP standard as defined by RFC4880. GnuPG allows you to encrypt and sign your data and communication, and features a versatile key management system as well as access modules for all kind of public key directories. GnuPG is a command line tool with features for easy integration with other applications. A wealth of front-end applications and libraries are available. Version 2 of GnuPG also provides support for S/MIME. Like all things GNU, it is free and can be freely distributed and modified.

File Vault (Information on this product can also be found on your Mac by going to Help and entering File Vault in the Search menu.)

Mac OS X includes FileVault, which allows you to encrypt the information in your home folder. FileVault creates a separate volume for your home folder and encrypts the contents of it. The data in your home folder is encoded and your information is secure if your computer is lost or stolen. FileVault uses the latest government-approved encryption standard, the Advanced Encryption Standard with 128-bit keys (AES-128).

When you turn on FileVault, you also set up a master password for the computer that you or an administrator can use if you forget your regular login password.

WARNING: If you turn on FileVault and then forget both your login password and your master password, you will not be able to log in to your computer and your data will be lost forever.

If you store sensitive information on your computer, you should consider using FileVault. For example, if you carry all your company's financial data on your portable computer, losing it could allow someone else access to sensitive data that might hurt your business. If you are logged out of your account when your portable is lost, and FileVault is turned on, your information is safe.

Because your home folder is encrypted, some tasks that normally access your home folder may be prevented. For example: backup utilities may see your home folder as one that's always changing, and this could slow down your backup. Also, if you're not logged into your computer, other users will not have access to shared folders in your home folder.

This program works under Macintosh OSX only.

If you need any assistance with data encryption, contact the CIT Help Desk at cit@oberlin.edu or x58197. Students may also visit the TSC (Technology Services Center) in the Mudd Academic Commons.

REMEMBER: COMPUTER SECURITY IS EVERYONE'S RESPONSIBILITY!

This page last updated: 27-Apr-2009  
line comments Directories search ochome