shadow_tr
image of lock and binary code symbolizing encryption

Encrypting Your Digital Identity


Posted: 10/10/2013

The prevalence of digital devices, social media, web based services, and the digital cloud have culminated in the existence of a strong digital identity that correlates to a given modern day individual. As the average person interfaces with these technologies through their computer, data moves back and forth through a network connection to share, collaborate, and communicate. However, for something to be viewed, submitted, or shared, it first has to exist, if ever so briefly, on your computer. With the right tools, someone with even temporary access to your device can harvest a great deal of information you'd not likely share. The password to your operating system does not protect information when a hard drive is removed and attached to another computer.

What is Full Disk Encryption?
While there are many things to consider when maintaining your digital privacy, this article's focus is Full Disk Encryption. Many people associate encryption with communication via the Internet, but it can applied in many different ways. Full Disk Encryption is used to encode the physical hard drive of a computer with a cipher that only those with the proper credentials, such as a password, can unlock. An encrypted computer functions normally with no visible change to the user, and data leaving the system will not be encrypted. The important moment is when data is 'at rest.' A removed, but encrypted, hard drive will no longer be visible to a computer that does not have the ability to unlock the encryption.

Securedoc
The encryption product Securedoc was introduced to the Tulane Medical Campus in 2011 as our method of ensuring the safety of HIPAA and HITECH data, which is federally protected, in the event of a lost or stolen device. It is important to note that our product has the added benefit of providing an audit trail, which is very important in a worst case scenario. Having been used to successfully encrypt hundreds of laptops, it was introduced to the uptown campus in 2012 to ensure the safety of FERPA data.

Encryption Can Be Used By Anyone
While federally protected data is an obvious priority, encryption can be used by anyone, and may even be freely accessible to you. Personal Apple computers running OSX have a technology called Filevault 2 that can be turned on in the System Preferences. Windows has an application called Bitlocker in the Ultimate and Enterprise editions, but there are free open source solutions as well. Make sure to store your recovery key somewhere safe in the event that there is a hardware failure, and always back up your most important data somewhere you trust.

Questions? Email us at encryption@tulane.edu.

Author: Paul Sieberth is an Encryption Analyst provides Digital Forensic Services as a member of Tulane's Information Security Office.

Technology Services, Tulane University, New Orleans, LA 70118 -- TSNOC: 1-866-276-1428 -- help@tulane.edu