Encryption
Types of encryption
Before the invention of the Internet, little was known by the public about encryption. Now, with services like, banking, healthcare and shopping all available online, awareness about encryption, and the use of encryption software has grown.
Encryption makes data private, but not necessarily secure. To be secure, the recipient of the data must be identified as the approved party. This is usually accomplished online by using digital signatures or certificates.
There are many types of encryption, but not all are reliable. Types of encryption now in use include:
Web browser and email encryption
Web browsers (like Internet Explorer and Firefox) automatically encrypt data when they connect to a secure server – this is identified by an address beginning with https. The server decrypts the data when it arrives, but as the information travels between computers the data is scrambled into a non-readable format.
Encryption programmes can be used to encrypt emails. The oldest of these is a military-grade program called 'Pretty Good Privacy', which allows users to encrypt email messages, personal files and folders.
Hard drive encryption
An entire hard drive can also be encrypted – some people choose to keep financial programs or other sensitive data on encrypted drives. There are three methods for encrypting data on a hard drive:
Complete encryption of the hard drive, encryption of a designated area or encryption of individual files and folders
This is the easiest method, as you simply load the encryption software, set it up as required with the necessary passwords and use it. There are some restrictions with this method, though - for example, once the machine has been booted anyone can access the encrypted data.
Restrict encryption to user- or operator-designated files and folders
This method is built into the Windows 2000 and Windows XP packages.
Create a dedicated encrypted ‘virtual’ drive that contains only encrypted data
Such virtual drives (also known as containers) are relatively easy to back up, and in the process retain the encryption - that way the data remains secure.
Once a hard drive is encrypted it has to be mounted using a decryption key so that it can be used and read normally. To re-encrypt the data the drive is ‘dismounted’, after which it is once again unreadable by interlopers, Trojan horses, spyware or un-authorised viewers.
Operating system protection
Microsoft plan to launch integral security features that provide considerable off-line data and operating system protection for computers.
The Vista package will have seven product editions, of these Vista Enterprise and Vista Ultimate will provide BitLocker Drive Encryption. BitLocker ensures that data is not revealed if a computer is tampered with when the installed operating system is offline. It uses a Trusted Platform Module (TPM) to provide enhanced protection for data.
