
Workers' Edge

June 23, 2009 9:00 AM PDT

Three approaches to free encrypted online storage

by Dennis O'Reilly

One of the knocks against Google's online applications is that your personal data is stored unencrypted on the company's servers. For the many users of Google apps who are unconcerned about somebody snooping around their files, this won't matter. But those servers are no place to store sensitive personal or business information.

You can store your financial and other confidential information online for free by using a service such as Mozy or IDrive that encrypts the data on their servers, usually in a way that prevents the service's own employees from decrypting it. I looked at three services that include encrypted online storage along with other security services.

SpiderOak gives you up to 2GB of secure online storage for free but requires that you download a big client program, though you can access your data via a browser. The free storage offered by CryptoHeaven and SwissDisk tops out at 50MB, but both of these services have more to offer, and SwissDisk doesn't even require a client download.

Free encrypted storage with room to spare
Secure online storage is only one of the features of the SpiderOak service, but the site's 2GB of encrypted-file capacity is difficult to ignore. You can also sync and share folders between multiple Windows, Mac, and Linux PCs. The service is designed primarily for backup but also lets you access your online files from any Internet-connected system.

SpiderOak claims to provide fault-tolerant servers to guard against data loss and also keeps old versions of your files to assist in recovery. The service uses a combination of 2048-byte RSA and 256-bit AES encryption. It also encrypts the keys you use to access the data so the company itself can't access your data.

SpiderOak client program

The SpiderOak client program lets you view and access your online files.

(Credit: SpiderOak)

The SpiderOak client program crashed when I attempted to transfer a single 1MB JPEG file. The software is a real throwback, and the reason I prefer an online service. In testing, I was prompted to download a 12MB update of the SpiderOak app. When I restarted, the program automatically updated the 257MB of data I had backed up previously.

It took more than an hour to transfer 257MB of data to the SpiderOak server. Subsequent syncs and single-file transfers went much quicker, but using the program feels like you're plodding through the settings and folder tree. If 2GB of storage space isn't enough, you can buy 100GB increments for $10 a month or $100 a year.

Secure more than files
Online file encryption is only one component of the security services CryptoHeaven offers a workgroup. You can also send and receive e-mail and IM securely by inviting people to communicate with you; for an added fee, the company will also host your domain to give your encrypted communications a personal touch.

The free service lets you store up to only 40MB, but that's expandable up to 50GB for prices starting at $7.99 a month or $66 a year for 200MB. Personal accounts come with up to five e-mail addresses, and business accounts offer up to 12 addresses.

CryptoHeaven Password Recovery dialog box

Passwords are optional for the CryptoHeaven secure online file storage, e-mail, and IM service.

(Credit: CryptoHeaven)

After you download the 8.4MB CryptoHeaven client program, the installation routine asks whether you want to password-protect the account and use a password hint. Business plans let you create and manage accounts, including assigning passphrases and setting permissions.

The company promises that no one can access your data but you via its "AES encryption with 256-bit symmetric key as well as public-key cryptography with 2048-4096-bit keys." Sounds secure enough for my needs.

The quick-and-easy approach to secure online storage
There's something to be said for the multifunction approaches taken by such security services as SpiderOak and CryptoHeaven. But there's a time and place for specialists as well. The SwissDisk service offers 50MB of secure online storage as a "gift" but charges from $3 a month for a Mobility service to $12 a month for a personal account that includes access to your data from Windows Explorer or Mac Finder.

After you sign up for your free account, you simply log in to the SwissDisk site, browse to the files or folders you want to upload, and click Upload. My test 1MB JPEG file uploaded in about five seconds. You can download, delete, rename, or create a temporary URL for your online files. Simple and straightforward.

SwissDisk secure online file storage service

Storing files securely online couldn't be simpler than with the free SwissDisk service.

(Credit: SwissDisk)

The only downside of the SwissDisk service is that you have to provide a telephone number and mailing address in addition to an e-mail address to sign up for a free account. Considering that the data and transmission lines are protected by 256-bit AES encryption and the SwissDisk servers are "certified Hacker Safe," I'd say my files are safer online than they are on my own PC.

June 18, 2009 9:00 AM PDT

Restore a lost administrator account in Vista

by Dennis O'Reilly

A reader named Eric found himself locked out of his Vista administrator accounts:

"Somehow, my account and my son's accounts were downgraded to standard user on his new computer using Vista Home 32-bit. I cannot seem to log in to make any changes to the accounts now. It prompts me to enter a password but no password box is available to type it in. How can I log in to change my account back to administrator?"

In a post last year, I described how to enable Vista's hidden administrator account and password-protect XP's default administrator account. Of course, this tip works only if you use it before you actually need it because it requires administrator privileges.

I found another approach described by Microsoft MVP Ronnie Vernon on the Soft32 forum. Here it is in a nutshell:

• Restart your PC and press F8 repeatedly before Windows loads to open Vista's Advanced Boot Options screen.
• Use the arrow keys to select Safe Mode and press Enter.
• On the low-res Windows Welcome screen, choose the Administrator account, which by default has no password.
• Click Start > Control Panel > User Accounts and either change your standard account to an administrator one or create a new administrator account.

Windows Vista Advanced Boot Options menu

Choose Safe Mode on the Vista Advanced Boot Options menu to restore or create an administrator account.

(Credit: Bert Kinney)

When you restart the machine normally, you'll have access to the administrator account you just restored or created. (Note that I wasn't able to verify this tip because I'm not willing to risk losing the administrator accounts on my Vista PC just to test it.)

Gmail encrypts transmissions, not messages
Another reader named Ian contacted me about some misinformation in a post from last month entitled "Five simple PC security tips":

"In this article, you refer to 'encrypting Gmail' where you urge people to turn on the https: feature when using Gmail. Technically, while any e-mail read/written is encrypted in transit between your browser and Gmail's server, the e-mail is nevertheless still stored in the clear.

"Perhaps you could clarify the wording somewhat so people might potentially avoid interpreting your remarks so as to conclude that their stored e-mail is somehow encrypted on Gmail's servers."

Right you are, Ian, which is why you want to think twice about storing confidential information on Google's servers or any other Web servers that don't support encryption. Google is reportedly considering changing Gmail to default to encrypted sign-ins, as explained by Brian Krebs on his security blog earlier this week.

This doesn't affect your stored messages, however, nor the files you share via Google Docs & Spreadsheets, nor any of your other personal data accessible through Google free services. That's the best reason I know not to keep any sensitive information in Gmail or any other Google app.

In a future post, I'll describe secure online services. You can bet none of them will have "Google" in their name.

May 7, 2009 9:00 AM PDT

Five simple PC security tips

by Dennis O'Reilly

The list of PC security products never ends. For every name that drops off, two more jump on. In fact, determining the best security hardware and software is a full-time job. Sometimes, you just want to throw up your hands and take your chances.

Maybe I'm just a cockeyed optimist, but I think you can stay safe without spending all your spare time doing research, installing updates, and generally becoming a PC-security expert. Here are five relatively easy ways to improve your security.

Use the firewall that's closest at hand
In the computer industry, the reputation of a product, service, or Web site is just about worthless. Yesterday's best firewall, ad blocker, spam buster, virus spotter, or spyware cleaner is today's bust.

Maybe the product got bought and the new owners aren't as conscientious about updates as the previous ones. Or the service's management team decides to go for profits and skimp on support, updates, and enhancements. There are lots of reasons why a good product goes sour, and the computer industry has seen nearly all of them.

So if you can't go by reputation, how do you choose a security product? One way is to go with the tools you've already got. Windows' security is roundly criticized, but the fact is, it's better than it used to be, and third-party security products have their own shortcomings.

Last February, I recommended that you use a third-party firewall rather than the one built into Windows. Six months earlier, I suggested that you pass on the third-party tools and stick with the Windows Firewall despite its shortcomings.

So which side of the fence am I on now? The simple side. The fact is, any third-party security tool complicates your setup. It's not difficult to find weaknesses in the Windows Firewall, but it's safe enough for most PC users, and it's much better than using no software firewall at all.

My previous post included links to information on Microsoft's TechNet site providing technical details of the Windows Firewall, tips for customizing the Windows Firewall, and help troubleshooting the firewall in XP and Vista.

Don't hesitate to try another free antivirus program
Just last week, I switched antivirus programs on my XP test system--for the umpteenth time. Something was slowing the system down, and after defragging the hard drive and doing other standard maintenance tasks, the machine's performance didn't improve as I expected it to.

Rather than go through a bunch of diagnostic tests, I simply uninstalled the system's antivirus tool and downloaded a competing package. The old and new programs were both free, and the switch didn't take much time to complete. The topper? The XP machine's performance perked up immediately.

Two antivirus programs that are free for home use and that are currently highly rated are Avast Home Edition and Avira AntiVir. You'll find a list of dozens of antivirus programs for Windows on this Download.com page.

Change your password...again
I hate those "your password will expire in x days" warnings as much as you do, but one of the simplest ways to protect yourself is by keeping your passwords fresh. Last year, I described the Ten Password Commandments, one of which was to devise a password-creation strategy that's all your own.

Just two months ago, I complained about the shortcomings of passwords as our primary security option, though I concluded that there's nothing better, for now. Lots of people swear by password managers such as RoboForm, but then you have yet another third-party app complicating matters.

For me, it's simpler just to devise a new password based on my unique, inimitable password-creation system, which I share with no one. No need to write it down, enter it in an online form, or encrypt it in a master-password file. Temporary amnesia, well, that's another matter.

For secure e-mail, use encryption
You would think that encrypting e-mail would be a breeze, but doing so is anything but. You and the recipient have to deal with digital certificates, public and private keys, and any number of other time-eating preparations and precautions.

The simplest way I know of to encrypt your e-mail is by using the Mozilla Foundation's Thunderbird with the Enigmail extension. Jason Thomas provides step-by-step instructions in this tutorial on the Lifehacker site.

Gmail users can secure their e-mail communications by enabling the service's built-in encryption. To do so, click the Settings button at the top-right of the main Gmail screen, scroll to the bottom of the General tab, select "Always use https," and click Save Changes.

Gmail Settings

Select "Always use https" under the General tab in Gmail's Settings to encrypt your messages.

(Credit: Google)

Keep your browser up-to-date
Most people will tell you that the Mozilla Foundation's Firefox browser is the safest way to surf, but a recent report from Google Switzerland and the Swiss Federal Institute of Technology found that "(u)sing the most recent version of a browser will lower the risk associated with drive-by-downloads and other Web-based attacks, which start by targeting the browser."

The report cites Google Chrome's silent updates as the best way to ensure that your browser is protected. The researchers also laud Chrome's lack of a way for users to disable its silent-update feature. Some people will object to software being downloaded to and installed on their system without their knowledge, but the fact is, these behind-the-scenes updates are the best way to keep you safe from the Internet bad guys.

Personally, I'm starting to rethink my choice of default browser. But as I mentioned earlier, you can't put any faith in a computer security product's reputation. And you can't be afraid to switch.

August 1, 2008 12:01 AM PDT

Keep your Gmail transmissions secure

by Dennis O'Reilly

When I mentioned in a post last week that I forward select messages from my office Microsoft Exchange account to Gmail, several people claimed that this puts the company's data at risk.

I failed to point out that the information in the messages was not at all sensitive: no invoices, strategic plans, credit-card numbers, customer records, etc.

But what if I had needed to access private information from this account on a system other than Outlook? Assuming that no company can be trusted, how could I use Gmail without worrying about security?

One part of the problem was addressed when Gmail began supporting HTTPS connections. Well, Google claims that Gmail has always supported HTTPS, but you had to add the "s" to the URL prefix manually to access the encrypted version of the service, and log in at "https://mail.google.com," not "https://www.gmail.com." (Note that Google Calendar also supports HTTPS.)

Now Gmail lets you encrypt all your connections to the service via a simple settings change. To secure your e-mail transmissions, click Settings in the top-right corner of the main Gmail page, scroll down to "Browser connection" at the bottom of the window, select "Always use https," and click Save Changes. The next time you open your Gmail in-box, the transmissions will be encrypted.

The "Browser connection" section of Gmail's Settings dialog

Make all your Gmail connections encrypted by choosing "Always use https" in Gmail's Settings dialog.

(Credit: Google)

The Gmail Help Center states that encrypting connections may slow down your page loads, but this is a small price to pay to secure your e-mail link, especially when you're computing in the great outdoors, whether using your own laptop or a public PC.

But does this truly secure your data? There are several Firefox add-ons that encrypt messages and attachments sent and received via Gmail. One of these is Gmail S/MIME by Richard Jones and Sean Leonard. Gina Trapani's Better Gmail includes encryption among many other useful Gmail enhancements.

Even these measures won't be sufficient to convince some people to trust Gmail specifically or Google generally. Nearly all of my remote connections to the office servers are made over a VPN link. When in doubt--even a little bit of doubt--encrypt.


About Workers' Edge

Dennis O'Reilly has covered PCs and other technologies in print and online since 1985. Along with more than a decade as editor for Ziff-Davis's Computer Select, Dennis edited PC World's award-winning Here's How section for more than seven years. He is a member of the CNET Blog Network and is not an employee of CNET.
