Document Actions
Tools
Information Security Tools and Tips |
 |
Specialized software tools are frequently useful when privacy and security is required on a computing device. For example, ensuring that Sensitive Information is not left in a recoverable state on a notebook computer used for field research is an important consideration of many regulations and is standard best practice.
"Sensitive" is the key word in more information than is commonly thought. Sensitive Information includes but is not limited to information such as medical/health, grades, financial, social security number or other information of a personal nature; confidential or proprietary research data and other information that would not be routinely published for unrestricted public access.
Tool and Tip Topics:
Secure File Deletion and Erasure from Hard Drives and Removable Media
Secure Storage of Sensitive Information
E-Mail: Secure and Encrypted
[Back to top]
University Secure and Encrypted E-Mail
The University uses "Post X" e-mail encryption to allow for secure sending
and receipt of e-mail. More information on this tool including how to configure
and use it is located at the following web site:
https://docushare.louisville.edu/dscgi/ds.py/View/Collection-2189
Secure File Deletion and Erasure from Hard
Drives and Removable Media
[Back to top]
Caution: Do not use any of these tools without thoroughly understanding their operation. It is possible to accidentally and permanently delete needed data, up to and including everything on all of the hard drives in a computer! If you have any questions check with your Tier One or other technical support before doing anything.
DBAN hard drive wiper for PCs
Software to use on any hard drive in a "PC compatible" computer to completely
remove all data. Use this software before surplusing or transferring a
computer to another area. Available on the UofL IT Software Resales "Free
software" site (requires valid UofL ID and password to log-in). Go to
http://softwareresales.louisville.edu/
Heidi Eraser - Secure file eraser for Windows PCs
Software to use on any "PC compatible" computer to eradicate individual files.
Use this software to remove sensitive data from a PC that will remain
in service. Allows you to target files that should be eradicated. This
is free (they would like a donation) software available for download from
the company's web site. Go to
http://www.heidi.ie/eraser/
Permanent Eraser - Secure file eraser for MAC OS X 10.1 and
later
MAC OS 10.3 natively provides support for the permanent deletion of files
with the Secure Empty Trash feature, but for those who have earlier versions
of Mac OS X, Permanent Eraser is the answer to ensure that your files have
been securely removed. Use this software to remove sensitive data from
a MAC that will remain in service. This is free software available from
the company's web site. Go to:
http://www.edenwaith.com/products/permanent%20eraser/
MAC OS X Disk Utility to securely delete entire hard
drive
To permanently delete entire hard drive: According to Security Now podcast,
"If you boot to the OS X installation disk, you can run Disk Utility from
the menu bar and securely erase the whole hard drive with seven- or 35-pass
secure deletion." See
http://www.grc.com/sn/SN-130.htm
(Thanks to Jay Barbee).
Secure Storage of Sensitive
Information
[Back to top]
When saving sensitive information it pays to carefully consider where this information is stored:
-
Safest: One of the most reliable and safe places is on the University's Enterprise Novell servers. Using these servers minimizes the chance of data being lost, stolen or misplaced. Additional benefits include enterprise class data servers and facilities which encompass back-up and recovery of data, a highly secure climate controlled data center with fire suppression, electric power conditioning and power generating equipment along with many other features that are costly to duplicate.
Your "H" drive space is reserved for your use only. Your "I" drive space is access controlled and can be set-up based on department, workgroups or other teams of individuals who have a legitimate need to access the information stored in an "I" drive folder. Never store any sensitive information in the "I" drive "Scratch" folder!
MacIntosh OS X Users and Novell Server Access: Software available from Prosoft Engineering allows OS X users to seamlessly connect to Novell resources including the "H" drive and the "I" drive. This software is being used successfully within the University. Check this link for more information: NetWare Client for Mac OS X
-
Can be Safe: If you must store sensitive information on a locally available device (such as a workstation or laptop), recent versions of both Windows and MacIntosh operating systems already have good file encryption capabilities (see below). Some PDAs, cell phones and other highly portable devices also have encryption capabilities. Always use encryption capabilities if you must store sensitive information on these devices.
-
Unsafe: Workstations, notebook computers, PDAs, cell phones and other portable computing devices, removable media (CDs, DVDs, memory sticks, etc.) are not safe for sensitive data unless you are able to encrypt the sensitive data files stored on them. If unencrypted, sensitive data should not be stored on these devices.
Before using any type of server for sensitive information storage or processing (web server, file server, etc.) regardless of whether the server is a department, school or university server, make sure you understand the ways the files can be accessed, the file security (which affects who can read the files on the server) and the access controls in place to help manage access to the files.
Caution: Do not use any of these tools without thoroughly understanding their operation. It is possible to accidentally and permanently lose access to needed data, up to and including everything on all of the hard drives in a computer! If you have any questions check with your Tier One or other technical support before doing anything.
Windows XP, Windows 2000 and MacIntosh OS X File Encryption
Recent versions of Windows and MacIntosh OS X have built in support for file encryption. Always use this encryption when storing sensitive data on your workstation or laptop/notebook computer:
Microsoft has the following overall article available:
223316 Best Practices for Encrypting File System
Windows XP - Microsoft has the following articles available:
Encrypting File System in Windows XP and Windows Server 2003
307877 How To Encrypt a File in Windows XP
308989 How To Encrypt a Folder
308991 How To Share Access to an Encrypted File
308993 How To Remove File Encryption
Windows 2000 - Microsoft has the following articles available:
Implementing the Encrypting File System in Windows 2000
222054 Encrypting Files in Windows 2000
MacIntosh OS X - Apple has the following article available
Home
About Us
Index A-to-Z
Find People
Contact Us