Dear Lifehacker, I’ve read a number of articles recently about encryption and keeping my personal data safe. I can see the need for protecting financial information, but what other info do I really need to be concerned about? Things like my photo album, music collection and video library (which by far take up the majority of my hard disk space) don’t seem like the things that need to be encrypted so much as just backed up — so full disk encryption seems a bit like overkill. Right? Signed, Unsure About Security
It’s great that you’re thinking about protecting your files considering there are all kinds of snoops out there (from big government to identity thieves). You’re right, though — you don’t need to protect every single file you store or send (especially the MP3s). Financial records are the obvious types of information you should protect, but there are many other kinds of files you should encrypt as well. Encrypting these files will make sure that even if someone gets through your firewall, or if your laptop is stolen and your password guessed, your data will still be protected. (Once you’ve decided which files to password-protect, encrypting them is easy using open-source TrueCrypt, 7-Zip or Mac’s built-in Disk Utility. You can encrypt your email with PGP.)
Basically there are two kinds of sensitive data you should encrypt: personally identifiable information and confidential business information/intellectual property.
Personally Identifiable Information (PII)
Personally Identifiable Information or PII is any kind of information that can uniquely identify you, such as your tax file number, driver’s licence number or full name. Because thieves can easily steal your identity if they gain access to your PII, it’s really important you protect all of the documents you have that contain this information.
You should also add these to your encryption container:
- Bank account statements, credit card statements, tax records
- Medical records like private health insurance and medical payments
- Work performance reviews
- Educational records, thesis
That may sound like a lot, but when you think about it, all of this data boils down to your vital information (health, education, work, finances) — easily organised into folders that you can encrypt. So in addition to your financial statements and tax folders, also encrypt your folders with basic life information (health, education, work) or however you organise them.
It may go without saying, but you should also have any security-related things already encrypted: passwords and PINs, for example (it’s easiest if you have them all stored in a password manager).
Encrypt Confidential Business Information/Intellectual Property
If you keep any files on your computer that are work related, you may need to encrypt those as well — especially any that contain individual customer information. (As a former tech director who worked in the field of consumer marketing, I know that protecting personal customer information is paramount.) If you work in an industry like banking or health care, you’ll also be subject to regulatory standards for protecting consumer information.
Business information or “secrets”/intellectual property may need to be protected too — financial reports, legal docs, patents, product releases, research and development data and so on. It’s often said that when laptops get stolen it’s not the hardware that’s most valuable to thieves, it’s the information on it.
Two Tests for Whether You Should Encrypt Or Not
Here are two questions you can ask about any file you’re considering encrypting:
- If the file was on paper instead of in digital form, would you shred the paper before throwing it out?
- If this information was leaked or posted to the interwebs tomorrow, could there be terrible repercussions or could someone do something malicious with it?
Keep in mind, too, that you should safeguard all the media and places where these sensitive or confidential files may be found: your backup files, for example, email PSTs, a portable drive you use for backup, your smartphone.
All of this said, you probably have much more data that’s not sensitive and doesn’t require cryptography. Protect the ones that do, and you can rest easy. And if you want a faster, easier solution, a full disk encryption is a good idea — especially on laptops that can get easily lost; the full disk encryption will protect all your data and ensure no one can break into your Windows computer or your Mac. You can enable full disk encryption using File Vault on the Mac, BitLocker in Windows, or TrueCrypt.
Got your own question you want to put to Lifehacker? Send it using our contact tab on the right.