An interesting fact about notebook computers is that they’re called notebooks instead of laptops because the term laptop implies that you can use it on your lap, blocking the ventilation ports and causing the unit to overheat. The industry initiated the switch to the term notebook several years ago not because of a change in size so much as a change in usage patterns. More and more people were buying these notebooks and more and more notebooks were getting faster and hotter. My roommate, my girlfriend and I were watching TV the other night and I noticed that there were four notebooks for the three of us. I’ve seen many people lean back in a recliner using a notebook perched on their laps, thinking to myself that the heat was probably bad on the notebooks and bad on the people.
In any case, as the notebook becomes more prevalent as a part of pop culture and less a rare business expense to be treated like a prized possession, we need to consider the security ramifications in a business context. Now my personal notebook has nothing on it about which I would be concerned should it be stolen or misplaced. Everything is backed up using Carbonite, and while the contents are immensely valuable to me, they probably wouldn’t be very valuable to someone else.
My business notebook, however, is a different story. While I try to make sure that everything is stored on our servers, sometimes important files are copied to it while I’m working on them, and I don’t always do the best job of making sure those files are moved back when I’m finished. I know for certain that I work with others who are even less careful about storing important documents on their notebooks. Enter TrueCrypt.
TrueCrypt allows for several types of encryption to be used several different ways. The encryption algorithms provided are AES-256, Serpent and Twofish. All that you need to know is that AES, or Rijndael, is government-level encryption that won’t be broken any time soon.
TrueCrypt allows you to create an encrypted volume, which is essentially a large, single file that can be mounted as a drive. You access the drive like a USB key or another hard drive on your computer, copying files to and from it or working directly on files stored there. When you try to mount the volume, you’re prompted for your password. If it’s correct, the new drive appears.
Another encryption option offered by TrueCrypt, and in my mind the much more important and valuable option, is full drive encryption. With this option, you can completely encrypt an entire drive such as your USB key, an external hard drive, or – most importantly – your main hard drive on your computer.
Full system drive encryption requires you to enter your password on boot. TrueCrypt prefers passwords greater than 20 characters in length, so you can rest assured knowing that nobody will be able to brute-force your password any time soon. If your computer is lost or stolen, you know that nobody will be able to get to any of the information stored on the computer.
The next logical question relates to how TrueCrypt works without slowing down the computer’s normal function. Because TrueCrypt completely encrypts every byte in every sector of your hard drive, Windows and any other file utility can’t read it. If you enter the correct password, TrueCrypt loads its special driver into memory that is allegedly faster (PDF) than the stock Windows drivers.
The first thing I do when I prep a new notebook is load TrueCrypt and enable full disk encryption. It’s very careful, forcing you to burn a recovery CD and allowing you to pause and resume the encryption process at your discretion, so it’s very easy to use without fear of messing up your computer.
There are many more options and features offered by TrueCrypt. The best encryption is open encryption, which means that if you keep something secure by making it a secret, as soon as that secret gets out nothing is secure anymore. The beauty of TrueCrypt is that everything about it is open source, meaning that anyone can verify that it works and works well to protect everything in every situation. It’s great for notebooks, but should also be installed on desktops and severs that may contain sensitive data. Entering a password on boot is a small price to pay for piece of mind.
TrueCrypt is free and open source and it works on Windows, Mac and Linux. It makes your computer faster, it makes you feel safer and should be an integral part of your business practice to ensure that if your notebook or desktop computer does fall into the wrong hands it won’t be anything other than a paperweight.