I constantly push to implement a solid backup plan for clients. Some opt to get their data off-site, which is always a smart thing to do. You can’t ever have too much backup. Only thing is–there’s no easy way to get a 30 gig Exchange database off-site regularly over a WAN connection… unless you use an external disk. For this, I carry my trusty Seagate, but what if it fails? What if it were lost or stolen? Huge amounts of private information could be exposed. NOT good. We need security.
I copy these super sensitive files to an encrypted volume on my external disk. I created this volume with TrueCrypt, a free encryption utility that runs on Windows, Linux, and Mac OS X.
There are a few ways to go about encrypting a removable volume. (Before we begin, make sure you’ve downloaded and setup TrueCrypt.)
Part 1: Create an encrypted container on a flash drive
This works pretty good on flash drives, though a few caveats exist. First of all, Windows XP & Vista don’t support multiple partitions on removable drives. Because of this, we must create a container file that resides on one partition.
Note: Some flash drive manufacturers (such as Lexar) have created utilites that allow you to set the removable media bit, effectively fooling windows into thinking the flash drive is a real hard drive. Unless you know of a way to do this on your flash drive, a container file is the way to go.
Part 2: Create an encrypted volume on an external disk
Notice how we’ve previously created one large encrypted partition, and one smaller unencrypted partition. This can be done within the Disk Management subset of Computer Management (when right-clicking My Computer > Manage). The traveler files will live on this smaller partition.
Any type of TrueCrypt volume will secure your data with very strong encryption (using a password of at least 20 characters). Attempting to break this would bring the best cryptographers and supercomputers to certain resignation. This is real government-grade security (and certainly good enough for 007).