INLS 187 Information Security

Software Review

Thursday, September 22, 2004

 

MS Windows Data Encryption

 

 

The protection of sensitive data is becoming more important in the world that we live in. Thus Microsoft has made data encryption available within the Windows 2000 and Server as well as Windows XP which rides on the same kernel as Windows 2000. This option was not available within Windows 98, revealing the fact that they are becoming more advanced. This availability shows that the value of the right to secure our data is more widespread.

 

I feel that this is a very useful tool when you are using machines in an open and closed environment. One would want to be very careful when using this feature because use without proper knowledge of the results is unwise. Through research during a installation of Microsoft Windows 2000 on a Dell x86 Family 6 Model 5 Stepping 1 Computer, I discovered that in order to be able to enforce the option of using Encryption you must select NTFS as your security choice as opposed to option FAT while partitioning your hard drive. If NTFS is not chosen you cannot use this feature.

 

 

 Only the files and folders that belong to you should be encrypted, so researching completely must be done.   The way to find out how to go about the encryption process of files and folders in Microsoft Windows is to click-on the Start menu and go to “Help and Support”. Once the screen comes up giving you the option to search, type “encryption” into the search menu. I received fifteen results when I searched with Windows XP.  Through my search I discovered an array of features within the encryption feature.   The most popular in my opinion is the operation within the C: drive of My Computer. First you right click on almost any file in the C: drive within the My Computer icon then scroll down to properties option, you can observe that the number of things that can be encrypted in Windows are vast. For example, my documents within the documents and settings folder in the C: drive, leads to all types of personal files on the desktop. Let’s go into Documents and Settings, from there choose My Documents and  right-click.  Scroll down to properties, click and select the Advanced button.  After this, you can look down in the last option window at the bottom of the display panel where it gives you the choice to pick “Compress contents” or “Encrypt”. Choose “Encrypt and secure data contents”, click “Apply” and then OK to activate. When you close this box and then open to observe your file options you will be able to identify the encrypted file by its highlighting in a greenish glow verifying change.   

 

Other features of encryption exist within one: the configuration of dial up modems and last on drives within your server that you  would want protected from  hackers who steal valuable information for all kinds of purposes and also to simply destroy your organization as well as damage your personal interests. The downside to encryption of certain entities in Windows is that it slows down the overall functions of the machine and or network. Encryption of the wrong things can have serious negative effects and if you lose the password for your encryption it could be costly to have the administrator unlock the process.  This is also an interesting prospect; Windows provides a built in data recovery by requiring its users to adhere to a policy that must be put into place before you can encrypt files. Most importantly, for a stand alone personal machine one must back up files in a safe place for emergency in case of system failure or lockout.

 

 

Another way to protect yourself after encryption is to add a data recovery for your local computer: -- a simple task. Click Start then Run then write in “mmc /a” and choose OK. Click Add and Remove and then choose Add, and when you see the Group Policy under snap-in click Add. This is just a brief overview of a few types of encryption and my argument for encryption in the environment of Microsoft Windows 2000 and Windows XP.