More info coming, we cover this topic in depth during DHAC training
Why not encrypt?
There exists countless options for data encryption, and cryptography itself is an amazingly complex topic. As we advance computers, seemingly strong passwords and encryption standards have grown weaker, and given enough time, many can be broken. I tend to encrypt things by default, on several levels, to achieve strong protection of my data. This helps me sleep better at night knowing that my machines and important information are kept safe, even if it should fall into the wrong hands.
To do this, I use the following strategy for my daily driver machines, these are easy to employ for the average end user.
1. Encrypt your Operating System during installation. From the get go when installing a new OS, I choose LUKS (Linux Unified Key Setup) to encrypt my hard drive. LUKS is recognized across nearly every Linux system and even others. Using LUKS means that each time you boot your machine, you will enter the password to unlock cryptsetup to access your hard drive content. Then you will enter the password for whichever user you want to login as on your machine. (If someone yoinks your hard drive, your standard username password does nothing to protect what’s on the drive, so having encryption is advised to prevent a thief from viewing your data)
2. Use VeraCrypt containers to store sensitive data.
3. For cloud based storage, try out Cryptomator, this is compatible with most cloud services.
A VeraCrypt example screenshot:
Cryptomator:
Learn how to create encrypted volumes using VeraCrypt here:
