The data that you create is one of the most valuable things on your network or computer. In fact, that data is the only reason to have a computer or a network in the first place. Although you can always install a OS or software applications, but once data is lost, it is irreplaceable. In fact, some data is confidential, so you won’t like to lose it under any circumstances, and you also don’t want others to view it without your authorization.
Exposure of your credit card details, social security number, and bank account information may also lead to identity theft. Mostly, company documents contain personal information about employees, trade secrets, and company’s financial records. If proper measures are taken, not even data dvd copying will be a potential problem. Therefore, data protection is necessary for saving all these details from prying eyes.
Let’s have a close look at ways to protect the important user data from unauthorized access or loss:
* Back up early and often-One of the best and most important steps for protecting your data is to back it on regular basis. So how often you should back up your data? Well, it depends on how much data is important for you. A day’s work, or a week’s work?
You can use built in backup utility in Windows (ntbackup.exe) for performing basic backup. You can also use Wizard Mode for simplifying the backup process. You can also use many third party backup software programs.
* Use file-level and share-level security-You can keep others off your crucial data by setting permissions on your data files and folders. For data protection on network, you can also set share permissions for controlling what users can or cannot access across the network. You can do this in Windows 2000/XP by clicking on Permissions button on Sharing folder on folder or file’s properties sheet. However, if you share your computer with others, you should set file level permissions (NTFS permissions).
* Password-protect your documents-Many applications such as MS office and Adobe Acrobat allow you to set document passwords. To open up the document, you will have to add password. However, this is not a foolproof data protection method and is prone to hacking. You can also use PKZip, and WinZip software for compressing and encryption documents.
* Use EFS encryption-Windows 2000, XP Pro, and Server 2003 support the EFS (Encrypting File System). For data protection, you can use built-in certificate based protection for protecting individual files and folders on your NTFS formatted partitions.
Also keep in mind that EFS is only for data protection on disk, and if you are sending EFS file across network, anybody can use sniffer for capturing your data packets snf can read data in files.
* Use disk encryption-By using third party software programs, you can easily encrypt all the data on your hard disk. This type of encryption locks the contents of your hard drive and is totally transparent to the user. Some programs can even create invisible containers inside the partition that may act like a hidden disk within the main disk. Other users may only be able to see the data on the “outer” disk.
* Make use of a public key infrastructure-It is a system for managing digital certificates and public/private key pairs. As they are issued by trusted third party, certificated based security is much stronger and offer good data protection.
* Hide data with steganography-You can also use steganography program for hiding your crucial data inside other data. For instance, you can hide text messages within MP3 music files or JPG graphic files. Steganography may not encrypt your messages, but can be used in conjugation with encryption software.
* Protect data in transit with IP security-Your crucial data can also be captured while it is traveling over the network using sniffer software. For data protection, especially when it is in transit, you can use IPsec (Internet Protocol Security). However, it is successful only when both sending and receiving systems support it. Windows 2000 and later OS come with built-in support for IPsec.
* Secure wireless transmissions-Data sent over wireless network is more susceptible to interception than data sent on Ethernet network because hackers don’t need physical access to the device and anybody with wireless enabled PC with high gain antenna can capture crucial data if it is not configured properly.
* Use rights management to retain control-If you want to send data to others but are worried about its security once it leaves your computer, you can use RMS (Windows Rights Management Service) for controlling what recipients can do with it. For instance, you can prevent recipients from making changes in the MS Word documents, or prevent them from forwarding email messages you send them. You can even set date and time for your documents to expire and they won’t be able to access them ever again!