| There are various types and methods of data | | | | directory are still there. Even if you were to delete |
| encryption. Some of the most popular forms of data | | | | them, there is a significant chance they can be |
| encryption include single file encryption, folder | | | | recovered using open source or very inexpensive |
| encryption, volume encryption, whole disk encryption, | | | | undelete or data recovery software. If someone |
| and of course email encryption.The Windows XP | | | | where to get hold of your computer, hard drive, or |
| operating system has the ability to perform file and | | | | gain remote access to your system somehow, there |
| folder encryption. There are 3rd party tools, like PGP | | | | is a significant chance the unencrypted original version |
| Desktop, which can perform whole disk, logical disk, | | | | of your document can be located. So what can you |
| file, and e-mail encryption.If you routinely deal with | | | | do to make sure that your encrypted version of |
| confidential or sensitive information, or if you are | | | | your file and data is the only version. There is not a |
| concerned about private information falling into | | | | clear or 100% secure answer to this question but I |
| someone else's hands, encryption may be the way | | | | will share with you how I deal with the issue.Changing |
| you want to go. However, there are a few things | | | | The Location Of Unencrypted Temp Files |
| you should be aware of so you don't have a false | | | | ---------------------------------------------------------- |
| sense of security.First, What Is Data Encryption | | | | The primary way applications like Microsoft Word |
| -------------------------------------------------- | | | | determine where to store temporary versions of |
| Throughout ancient and modern history people have | | | | your files is by looking at two user environment |
| come up with ways to mask, hide, and verify that | | | | variables. One called "tmp" and one called "temp". |
| information is secure or valid. For instance; the | | | | They can be accessed by right clicking on "my |
| ancient Babylonians in 4000 B.C. used something call | | | | computer", choose properties, then choose the |
| intaglio, a process in which images and writing were | | | | "advanced" tab and click "environment variables". Here |
| carved or etched into stone that identified certain | | | | you can edit or change the default location for |
| Babylonian merchants when they were trading. Each | | | | temporary files. One thing I have to point out is even |
| trader, or merchant, had a specific intaglio to make | | | | though a large number of software packages use |
| his mark, this way his customers would know that | | | | these locations for temporary storage, it will be hard |
| what they were purchasing belonged to, or was | | | | to determine if they all do or if they save temp files |
| produced by, a specific merchant. This is a bit | | | | in other locations. You will have to do a little |
| different then encryption, more like today's digital | | | | investigating to determine where various applications |
| signature, another process typically part of data | | | | store their temp files. On my system, I have |
| encryption.Encryption today is much more advanced | | | | changed these variables to point to an encrypted |
| and complex. It is used for everything from securing | | | | disk where I store my encrypted data and files. This |
| military secrets to keeping intellectual property | | | | way, I can be reasonably sure that temporary or |
| confidential. There are various forms of encryption | | | | working versions of the files are also |
| techniques, some stronger or more secure than | | | | encrypted.Encrypted Files May Not Stay Encrypted |
| others. In it's basic form, encryption can be thought | | | | When Copied or Moved |
| of as the masking, or the scrambling of original human | | | | ----------------------------------------------- |
| readable information. The person who is masking the | | | | Another thing you should be aware of is what |
| information must provide the person he is sending | | | | happens to encrypted files or folders when they are |
| the information to with some sort of key that allows | | | | copied or moved to another location. If a file or |
| them to unscramble the information so they can | | | | folder that has previously been encrypted is copied |
| make sense of it. For instance; I use encrypted e-mail | | | | or moved to another Windows NTFS partition or |
| messages so I can correspond with my customers | | | | volume, the encryption is preserved (under most |
| on a regular basis. I do this because during certain | | | | circumstances). However, if you move or copy the |
| types of projects my customers and I discuss | | | | encrypted data to volume or partition that is not |
| private information such as security holes discovered | | | | NTFS, the file is automatically decrypted. Also, just |
| during security assessments. This type of information | | | | because a file is encrypted on your hard disk it does |
| is obviously not something we would want to fall into | | | | not mean that this file will be encrypted when you |
| someone else's hands.Most Data Does Not Start Out | | | | e-mail it to someone. E-mail encryption is a totally |
| Encrypted So Be Careful | | | | different procedure. Also, keep in mind that |
| ---------------------------- | | | | encrypted files are decrypted when they are |
| The primary reason I am writing this article is to | | | | transmitted over a network connection.Make Sure |
| point out a couple specific issues with data | | | | Deleted Unencrypted Files Are Really Gone |
| encryption. During a recent discussion with a friend of | | | | --------------------------------------------------- |
| mine he told me that he was using Windows XP | | | | Because data that is deleted from disk may be |
| folder encryption to secure some of his confidential | | | | recoverable for quite some time, I use another |
| information. He asked me if I thought this was a | | | | procedure to limit or reduce the risk of this possibility. |
| secure method of storing important documents. My | | | | As I mentioned earlier, data that has been deleted |
| response was yes and no. The data encryption used | | | | can in many cases be easily recovered using off the |
| by Windows XP is relatively secure, but the issue is | | | | shelf software. In order to be reasonably sure |
| that the majority of the data that is now encrypted | | | | deleted data is not easily recoverable, you need to |
| in the folder did not start out that way.Let's take for | | | | write over that portion of the disk where the file and |
| example, a word document that contains your | | | | it's fragments were located. Actually, you most likely |
| personal financial information. You may have written | | | | need to do this multiple times just to be sure the |
| this document so you have a central location where | | | | data is unrecoverable. The PGP Desktop software I |
| account numbers, social security numbers, and other | | | | use to create encrypted file systems, send |
| private and individual identification information is easily | | | | encrypted e-mail, and create encrypted zip files also |
| retrievable. After you are finished writing the | | | | has a tool called "Wipe Free Space". This tool will |
| document, you then transferred it to your secure | | | | write random patterns of data to all space on a drive |
| encrypted folder. Since it is now in a secure folder, | | | | that is flagged as free. You can tell the software |
| only you are able to access it because only you | | | | how many times to perform this procedure but the |
| know the pass-phrase that was used to generate | | | | default it usually three passes. My primary system |
| the encryption key. For the most part, this | | | | performs this task every night. This way I can be |
| assumption is correct.While you were writing that | | | | reasonably sure the unencrypted versions of my |
| document, you probably hit the save button several | | | | encrypted files are not just sitting around waiting to |
| times. Or if you are like me, many times. I've lost | | | | be recovered.Conclusion |
| lengthy documents several times in the past and | | | | ---------- |
| have trained myself to hit the save button pretty | | | | If you are concerned about keeping important data |
| frequently. Every time you hit the save button, a | | | | confidential, file, folder, or disk encryption is a good |
| new temporary version of the file is created. This is | | | | solution. If configured properly you can be reasonably |
| typically saved in the c:documents and settings"profile | | | | sure that your private information will remain private. |
| name"local settingstemp directory. This is done for | | | | Just remember that most data does not start out |
| recovery and undue purposes. For instance, if you | | | | encrypted and that remnants of the original |
| make a mistake while writing the document and need | | | | information may still exist in an unencrypted state. |
| to undue your actions, one of these temp files may | | | | There are many options with regard to data |
| be used to undue the action. Also, if your system or | | | | encryption; Windows XP native file and folder |
| application crashed while writing the document, you | | | | encryption, open source encryption solutions, or |
| can recover it from the temp files stored in this | | | | commercial encryption solutions such as PGP (Pretty |
| directory. You may have had to go through this | | | | Good Privacy). Do some research up front to |
| before and it works very well.Now that you have | | | | determine which may be the best method for |
| finished your document and copied or moved it to | | | | you.You may reprint or publish this article free of |
| the secure folder, your document is secure, right? | | | | charge as long as the bylines are included. |
| Wrong. Chances are the temporary files in your temp | | | | |