Friday, 5 August 2016

How To Securely Store Data

Note : You require knowledge about file recovery to understand this article. In case, you have no knowledge about this, I highly recommend checking out my article on file recovery.

In one of my earlier posts I demonstrated File Recovery using Forensic Tools.
While File Recovery is possible if the file is deleted using Shift-Delete or even if the partition is formated.

This becomes a major security issue if your pendrive held confidential data earlier. Even quick format is not an option.

Using specialized tools forensic experts can manage to recover any data which was stored on pendrive or any other storage device, provided it is not overwritten. In case , it is overwritten the data could still be partially recovered. I had once recovered partially, a few images using Recuva. They don't look like the exact image but just the thumbnails can be pretty informative.


What Can You do?


In case you have to store confidential data here what you do:

 

Use Encrypted Files

Store your data in a zip. And encrypt it using AES. Make sure to hide the file list too. This approach is not practical. If the file often needs to be edited and stored back.

Use Encrypted Partitions

Encrypted Partitions, on the other hand work very well when files are to be repeatedly edited and saved. You can use TrueCrypt if you are not concerned with safety. TrueCrypt however has some security issues. If you are working on a Linux System I suggest you use LUKS partitions.

Configuring it can be a little tricky. But usage with modern file mangers is fairly simple. There is no need for manual mounting, the system just asks you for the passphrase and gets the job done. If you ever forget the passphrase ,God Help You.

If you stored Confidential Data on Unencrypted Drive!


Here is the first thing you must do

sudo shred --verbose --random-source=/dev/urandom --iterations=4 /dev/sdd2

Fire up this command to fill your partition(sdd2) with random data. Four iterations should be more than sufficient. Personally I would never bother trying file recovery on your drive if I know that you even ran 1 iteration.

It takes considerable amount of time to fill the drive with random garbage. So further increase in iterations would increase security infinitesimally, would reduce the life of your storage device and would increase the time. Thus, any increase in iteration is largely futile.


Image Source:https://pixabay.com/en/security-lock-padlock-locked-146536/

 

No comments:

Post a Comment