How Does Individual File Encryption Work?
Techquickie
·Techquickie
·2017-05-06
·
863 words · ~4 min read
0:00
with all the things about our lives that we've laid bare on our hard drives many
0:06
of us have done a woefully bad job of
0:10
protecting the things that are for our eyes only I mean sure you can put a
0:16
password on your computer but Windows
0:19
passwords are notoriously easy to get around and if you share a PC with family
0:24
members co-workers or roommates there is often very little to keep them from
0:30
rifling through your private files so
0:34
what's the security conscious user to do
0:38
there are actually Hardware level whole
0:41
Drive encryption Solutions but these are mostly designed to keep an attacker from
0:46
getting into your data when switching the computer on or from just physically
0:52
ripping out your drive and walking away with it once you log into the OS the
0:57
entire Drive is decrypted meaning that sharing a computer with
1:02
someone or just walking away from it while it's turned on becomes a big
1:06
security risk this is where the ability
1:10
to encrypt individual files and directories can really help and possibly
1:17
the most straightforward way to do this is with file system level
1:21
encryption on Windows this takes the form of a baked in technology uncreative
1:28
called encrypting file system system or EFS which works with NTFS the main file
1:35
system used by modern Windows versions for the desktop here's how it works EFS
1:41
allows you to encrypt a file or directory simply by checking a box on
1:46
its properties window once you click okay it uses standard public key
1:51
cryptography which you can learn more about here to encrypt the file or folder
1:56
with a generated key called an FK this
1:59
key itself then is encrypted as well with a public key unique to that
2:04
particular user and finally the encrypted FK is stored in the files
2:09
header when the user wants to go back and access it later it's decrypted with
2:15
the user's private key and this is all done seamlessly and transparently so you
2:20
won't be continuously prompted for keys or passwords as long as you're logged in
2:25
under the account the encryption is tied to the nice thing about this Paradigm as
2:31
opposed to whole Drive encryption is that it's much more difficult for other
2:36
users logged in under their own accounts to Peak at your files but before you go
2:43
rushing off to encrypt all the embarrassing stuff you've filled your
2:47
drive with over the years remember that EFS does not obviate the need for a
2:53
strong Windows account password a weak password not only makes it easier for an
2:58
attacker to log into your account account but it also weakens the
3:01
encryption on the files themselves as the cryptographic keys that Windows
3:07
generates to do the actual encrypting are based on your password so make sure
3:13
you pick a strong password as we discussed in this video but if you don't
3:18
feel like having all your data available after login is secure enough and you
3:23
want another layer that asks for some kind of verification when you try to
3:28
access a file or folder you might want to consider various third-party
3:32
encryption tools although these usually aren't as seamless or sexy as file
3:38
system level encryption they might provide you with a bit more peace of
3:42
mind as they aren't tied to your login and can offer more options such as
3:46
stronger encryption algorithms or the ability to create things like hidden
3:51
virtual drives to make it exceptionally difficult for snoops to uncover your
3:56
secrets But whichever method you choose to secure your individual files the most
4:01
robust solution is to combine it with hardware-based whole disk encryption to
4:06
frustrate multiple kinds of attacks after all think about the humiliation
4:10
you could suffer if someone found those sappy letters to your ex that you forgot
4:15
to delete additionally if you're looking to
4:20
take your sappy letters to your ex with you on the road how about an encrypted
4:25
USB flash drive to protect it from prying eyes the Kingston an encrypted
4:30
USB flash drive provides highlevel security with 256-bit AES hardware-based
4:36
encryption USB 3 support means you don't have to compromise on transfer speeds
4:41
for top-notch security and for additional peace of mind the drive locks
4:45
down and reformats itself after 10
4:49
intrusion attempts you can also upgrade your drive with built-in antivirus
4:53
protection and Remote Management features and if you're curious about the
4:57
other secure USB options that Kingston has has they have encrypted USB drives
5:01
for all levels of security from entry Lade entry Lade that's a mix between
5:06
level and grade entry level all the way up to government and military grade
5:10
construction and certification so check them out at the link in the video
5:14
description so thanks for watching guys like dislike check out our other
5:18
channels comment with video suggestions and
5:24
subscribe subscribe dance let's do a new dance move can you do something else
5:30
that is a new dance move no youve been doing that for I have not