Vassar Technology Today |Do you have a plan to secure sensitive data?

Matthew Leung Managing Editor

Windows and Mac provide quick and easy interfaces for creating data. Hitting the “save” button in an application like Microsoft Word creates digital data that can be manipulated and retrieved later. But neither platform provides ways to manage and organize the data you’ve created. There are many different data types, including user, application, system, and history data, and each type can contain sensitive personal information that should be safeguarded. If the user does not implement a structured method of data management, then data on a computer is scattered haphazardly throughout the hard drive, and private data becomes difficult to contain and protect.

It is important to know what time-sensitive data is created and where it is saved. When an operating system records a user’s actions (I call the records of these systems “history data”), the recorded data are specific to the user and should be private. This is an especially big issue for public computers. The files you have accessed and their names are recorded as part of a user history. Therefore, it is never a good idea to put information you don’t want the public to see into a filename. While encryption always protects the content of a file, it usually does not protect the filename.

Besides history data, the other major source of private data is that which is intentionally created by the user, such as a personal documents. Having the personal and history data saved on the hard drive of a computer will not effectively keep them private because it is difficult to permanently erase data on a hard drive. This usually involves replacing the original data (also called overwriting) at least seven times, usually with random 1s and 0s, to prevent data recovery via ordinary means. But doing this even once is extremely difficult, as hard drives are large and data is often spread in multiple places. Removing all the data would be like trying to remove all of your traces after committing a crime—wiping off every piece of hair and every fingerprint, seven times.

The best approach to securing sensitive data is to keep it from being written onto the hard drive in the first place. This entails using an alternate storage media such as flash memory. Most flash memory drives are inexpensive, and are small enough to fit on a keychain or in your pocket. One major advantage with flash memory, such as secure digital or compact flash (which Personal Digital Assistants [PDAs] and digital cameras use), is that data only need to be overwritten once to prevent recovery. By isolating sensitive data onto flash memory, you can easily encrypt the entire memory. Since the size of flash memory is relatively small (one or two gigabytes, compared to a hard drive that might be 100 or 200 gigabytes), data written to the flash memory is less likely to be scattered, so overwriting a file or the entire memory is much easier and quicker.

Diverting private data onto flash memory is as easy as saving directly from an application like Word. For Web browsing, a new free application released recently called Torpark (torpark.nfshost.com/download.html), a Firefox-based browser created by a group of human rights advocates and computer experts called Hacktivismo, enables the user to run the browser from a USB flash memory and establish an encrypted connection to the Internet.

As for encrypting personal files, a utility known as Superstorm Pro (thegreatpuzzle. com/stormpro.php) can even hide a password-protected file inside another file. Lexar’s USB TouchGuard flash drive (lexar.com/jumpdrive/jd_touchguard.html) also encrypts content on the drive, which you can decrypt by placing your finger on its built-in fingerprint reader.

Proper data management to protect sensitive information does not require complex theories or procedures. It should not require a Facebook newsfeed to alert us that every time we save data to a hard disk and every time we sit down at a public computer in order to browse the Web or work on a document, we are dispersing private information that is almost impossible to keep track of, contain, and erase.